urlscan.io logo urlscan.io
SecurityTrails logo

www.buhoblik.org.ua Open in urlscan Pro
2a06:6440:0:2d02::1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://buhoblik.org.ua/
Effective URL: https://www.buhoblik.org.ua/
Submission: On February 27 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 130 IPs in 19 countries across 131 domains to perform 472 HTTP transactions. The main IP is 2a06:6440:0:2d02::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is www.buhoblik.org.ua.
TLS certificate: Issued by R3 on February 5th 2022. Valid for: 3 months.
This is the only time www.buhoblik.org.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 11 2a06:6440:0:2... 200000 (UKRAINE-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
10 2a03:90c0:41:... 199524 (GCORE)
2 2a00:1450:400... 15169 (GOOGLE)
1 5 95.216.186.40 24940 (HETZNER-AS)
11 95.163.114.204 12695 (DINET-AS)
1 2a00:7a60:0:1... 200000 (UKRAINE-AS)
12 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 11 146.0.227.110 20773 (GODADDY)
14 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638:1::11 44788 (ASN-CRITE...)
2 4 185.184.8.65 204995 (RTB-HOUSE...)
2 3 51.68.138.57 16276 (OVH)
2 2a0c:5c81:513... 55081 (24SHELLS)
1 216.52.2.39 29791 (VOXEL-DOT...)
2 193.200.65.6 6681 (GIVEME-CLOUD)
6 10 2.18.234.21 16625 (AKAMAI-AS)
2 2 195.209.108.48 52007 (ADRIVER-AS)
2 2 188.42.29.165 7979 (SERVERS-COM)
1 2 194.247.175.26 196831 (BEMOBILE-AS)
1 2 138.201.34.239 24940 (HETZNER-AS)
2 37.18.16.16 205675 (HYBRID-AS)
1 1 80.64.106.147 20764 (RASCOM-AS...)
5 5 3.124.66.16 16509 (AMAZON-02)
1 1 94.23.171.206 16276 (OVH)
1 2a0c:5c81:509... 55081 (24SHELLS)
2 2 23.88.75.189 24940 (HETZNER-AS)
3 25 62.149.0.72 15497 (COLOCALL ...)
2 51.89.9.253 16276 (OVH)
1 2 5.178.65.246 50673 (SERVERIUS-AS)
1 67.202.105.31 32748 (STEADFAST)
3 5 35.186.253.211 15169 (GOOGLE)
1 216.52.2.48 29791 (VOXEL-DOT...)
1 193.200.65.5 6681 (GIVEME-CLOUD)
2 2 18.200.150.135 16509 (AMAZON-02)
7 10 185.33.221.88 29990 (ASN-APPNEX)
2 2800:3f0:4002... 15169 (GOOGLE)
1 66.102.1.155 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2.19.35.65 16625 (AKAMAI-AS)
4 104.109.78.125 16625 (AKAMAI-AS)
1 185.255.84.150 200271 (IGUANE-)
4 2.18.233.180 16625 (AKAMAI-AS)
1 1 23.108.101.160 59253 (LEASEWEB-...)
3 3 66.155.71.150 13768 (COGECO-PEER1)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
3 46.249.52.249 50673 (SERVERIUS-AS)
4 18.215.193.43 14618 (AMAZON-AES)
2 5.178.65.252 50673 (SERVERIUS-AS)
1 3 168.119.146.39 24940 (HETZNER-AS)
1 205.234.175.175 30081 (CACHENETW...)
15 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2600:9000:225... 16509 (AMAZON-02)
1 2 37.157.6.247 198622 (ADFORM)
41 178.250.2.135 44788 (ASN-CRITE...)
2 178.250.0.162 44788 (ASN-CRITE...)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 20 142.250.181.226 15169 (GOOGLE)
3 4 35.227.248.159 15169 (GOOGLE)
3 5 37.157.4.39 198622 (ADFORM)
5 6 15.197.193.217 16509 (AMAZON-02)
1 2 2a04:4e42:200... 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
4 7 104.36.113.23 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 3 52.31.233.74 16509 (AMAZON-02)
1 18.198.69.109 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
2 2 185.86.139.113 201081 (SMARTADSE...)
2 3 52.30.14.23 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 2 35.178.150.13 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 79.125.14.53 16509 (AMAZON-02)
4 5 151.101.194.49 54113 (FASTLY)
1 54.220.99.171 16509 (AMAZON-02)
1 1 34.226.104.236 14618 (AMAZON-AES)
1 2 52.95.115.196 16509 (AMAZON-02)
2 104.111.215.191 16625 (AKAMAI-AS)
1 1 52.214.126.220 16509 (AMAZON-02)
1 142.250.185.230 15169 (GOOGLE)
1 13 18.158.238.206 16509 (AMAZON-02)
1 8 2a02:6b8::1:119 208722 (YNDX)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 18.156.47.94 16509 (AMAZON-02)
2 3 35.244.174.68 15169 (GOOGLE)
1 2 69.173.144.138 26667 (RUBICONPR...)
3 69.173.144.139 26667 (RUBICONPR...)
1 62.109.14.161 29182 (THEFIRST-AS)
1 92.63.105.49 29182 (THEFIRST-AS)
8 95.217.109.66 24940 (HETZNER-AS)
1 217.197.112.80 20655 (E-STYLEIS...)
1 18.66.97.9 16509 (AMAZON-02)
2 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 51.158.29.12 12876 (Online SAS)
2 17 185.64.190.80 62713 (AS-PUBMATIC)
3 3 185.29.132.241 30419 (MEDIAMATH...)
1 72.251.241.196 29791 (VOXEL-DOT...)
2 3 52.30.16.91 16509 (AMAZON-02)
1 2 178.250.0.163 44788 (ASN-CRITE...)
1 169.197.150.8 398989 (DEEPINTENT)
1 1 154.59.122.79 174 (COGENT-174)
2 2 3.123.170.95 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 104.111.242.53 16625 (AKAMAI-AS)
1 1 104.45.178.220 8075 (MICROSOFT...)
7 185.64.189.110 62713 (AS-PUBMATIC)
1 38.27.122.126 174 (COGENT-174)
1 2 52.72.71.171 14618 (AMAZON-AES)
1 1 3.120.18.167 16509 (AMAZON-02)
4 198.47.127.20 62713 (AS-PUBMATIC)
1 2 169.50.137.182 36351 (SOFTLAYER)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 18.156.0.31 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 54.159.94.231 14618 (AMAZON-AES)
2 2 35.210.53.219 19527 (GOOGLE-2)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 2 4.78.226.233 3356 (LEVEL3)
1 1 34.102.253.54 15169 (GOOGLE)
1 1 37.252.173.22 29990 (ASN-APPNEX)
2 5 104.111.246.208 16625 (AKAMAI-AS)
1 1 104.111.245.23 16625 (AKAMAI-AS)
1 1 62.209.227.211 13036 (TMOBILE-)
4 87.240.139.194 47541 (VKONTAKTE...)
2 217.20.147.3 47764 (MAILRU-AS...)
2 184.30.24.193 16625 (AKAMAI-AS)
2 94.100.180.55 47764 (MAILRU-AS...)
1 3.124.210.90 16509 (AMAZON-02)
31 104.111.216.213 16625 (AKAMAI-AS)
1 1 185.33.221.157 29990 (ASN-APPNEX)
2 2 72.251.244.142 29791 (VOXEL-DOT...)
1 1 88.212.201.210 39134 (UNITEDNET)
1 151.101.193.44 54113 (FASTLY)
4 4 213.19.147.44 26120 (RHYTHMONE)
1 1 172.105.232.22 63949 (LINODE-AP...)
1 1 54.175.198.118 14618 (AMAZON-AES)
4 4 15.235.15.221 16276 (OVH)
2 2 34.254.143.3 16509 (AMAZON-02)
1 3 63.35.242.195 16509 (AMAZON-02)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 52.50.195.14 16509 (AMAZON-02)
1 54.77.66.11 16509 (AMAZON-02)
1 3.226.143.160 14618 (AMAZON-AES)
3 77.95.131.196 43226 (SAFEDATA ...)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 72.246.100.37 ()
7 104.111.214.74 ()
3 8.45.52.250 ()
2 62.128.97.18 ()
4 2a00:1450:400... ()
2 62.128.97.27 ()
4 47.254.80.221 ()
1 8.38.121.251 ()
1 2a00:1450:400... ()
2 2a03:2880:f01... ()
5 217.69.133.145 ()
1 2a03:2880:f11... ()
472 130
11    2a06:6440:0:2d02::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
buhoblik.org.ua
www.buhoblik.org.ua
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com.ua
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
16    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
5    95.216.186.40 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.40.186.216.95.clients.your-server.de
xn--r1a.website
tttttt.me
tlgr.org
11    95.163.114.204 (Moscow, Russian Federation)

ASN12695 (DINET-AS, RU)
w.uptolike.com
1    2a00:7a60:0:109e::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
avto-oblik.com.ua
12    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
11    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
14    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
4    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
3    51.68.138.57 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: vps-79ef5675.vps.ovh.net
a4p.adpartner.pro
2    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
1    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
2    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
10    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
2    195.209.108.48 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
2    188.42.29.165 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
2    138.201.34.239 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.239.34.201.138.clients.your-server.de
exchange.buzzoola.com
2    37.18.16.16 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
1    80.64.106.147 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru
admixer-sync.rutarget.ru
5    3.124.66.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-66-16.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    94.23.171.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-94-23-171.eu
green.erne.co
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
2    23.88.75.189 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de
csync.loopme.me
25    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
sync.spotim.market
sync.console.adtarget.com.tr
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
2    5.178.65.246 (Amersfoort, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
1    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
ic.tynt.com
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
2    18.200.150.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-150-135.eu-west-1.compute.amazonaws.com
ad.360yield.com
10    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    2800:3f0:4002:814::2003 (Argentina)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net
bid.g.doubleclick.net
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
fo-ssp.omnitagjs.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    23.108.101.160 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
b1h-apac1.zemanta.com
3    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
pixel.sitescout.com
7    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
3    46.249.52.249 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
4    18.215.193.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-193-43.compute-1.amazonaws.com
a.audrte.com
2    5.178.65.252 (Amersfoort, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
3    168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
15    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    2600:9000:225e:d200:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
2    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
41    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4009:2::7 (London, United Kingdom)

ASN15169 (GOOGLE, US)
r1---sn-aigzrney.c.2mdn.net
20    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
5    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
6    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f600:6235:8475:2669:58c5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
7    104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a05:d018:24:b002:5c97:83c8:403c:77a7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
3    52.31.233.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-233-74.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
3    52.30.14.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
2    35.178.150.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-150-13.eu-west-2.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    79.125.14.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-14-53.eu-west-1.compute.amazonaws.com
beacon.krxd.net
5    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    54.220.99.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-99-171.eu-west-1.compute.amazonaws.com
engine.widespace.com
1    34.226.104.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-104-236.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    52.214.126.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-126-220.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
1    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
13    18.158.238.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
ih.adscale.de
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
1    2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    18.156.47.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-47-94.eu-central-1.compute.amazonaws.com
d.agkn.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
1    62.109.14.161 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta1007.ru
jaclick.ru
1    92.63.105.49 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta1010.ru
grsync.ru
8    95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de
static.tnsis.ru
umagnet.ru
sonar.semantiqo.com
cdn3.caltat.com
1    217.197.112.80 (Moscow, Russian Federation)

ASN20655 (E-STYLEISP-AS, RU)
PTR: seopult.ru
af.click.ru
1    18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net
tags.crwdcntrl.net
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    51.158.29.12 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-29-12.rev.poneytelecom.eu
js.cookieless-data.com
17    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
3    52.30.16.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-16-91.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
2    3.123.170.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-170-95.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
7    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    38.27.122.126 (United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    52.72.71.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-71-171.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    3.120.18.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-18-167.eu-central-1.compute.amazonaws.com
docker.creative-serving.com
4    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2a05:d018:d29:3601:21e5:efde:30c9:e168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    54.159.94.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-94-231.compute-1.amazonaws.com
sync.ipredictive.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    2620:116:800b:21:d7a4:3372:2f4a:f3b0 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
2    4.78.226.233 (Mobile, United States)

ASN3356 (LEVEL3, US)
pmp.mxptint.net
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
5    104.111.246.208 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-246-208.deploy.static.akamaitechnologies.com
s.click.aliexpress.com
www.aliexpress.com
m.aliexpress.com
mbest.aliexpress.com
1    104.111.245.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-245-23.deploy.static.akamaitechnologies.com
sale.aliexpress.com
1    62.209.227.211 (Vlasim, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid2.ibillboard.com
bbnaut.ibillboard.com
4    87.240.139.194 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv194-139-240-87.vk.com
vk.com
2    217.20.147.3 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip3.147.odnoklassniki.ru
connect.ok.ru
2    184.30.24.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-193.deploy.static.akamaitechnologies.com
api.pinterest.com
2    94.100.180.55 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: connect.mail.ru
connect.mail.ru
1    3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
ps.eyeota.net
31    104.111.216.213 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-213.deploy.static.akamaitechnologies.com
assets.alicdn.com
1    185.33.221.157 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 886.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
adscale-emea.adnxs.com
2    72.251.244.142 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-03.ams2.m6r.eu
tracking.m6r.eu
1    88.212.201.210 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru
counter.yadro.ru
1    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
4    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    172.105.232.22 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1886-22.members.linode.com
gocm.c.appier.net
1    54.175.198.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-198-118.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
3    63.35.242.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    52.50.195.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-195-14.eu-west-1.compute.amazonaws.com
io.narrative.io
1    54.77.66.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-66-11.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    3.226.143.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-143-160.compute-1.amazonaws.com
rtb.adentifi.com
3    77.95.131.196 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
intercollectcontact.ru
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    72.246.100.37 (None, )

ASN- ()
promotion.aliexpress.ru
7    104.111.214.74 (None, )

ASN- ()
i.alicdn.com
ae01.alicdn.com
3    8.45.52.250 (None, )

ASN- ()
g.alicdn.com
2    62.128.97.18 (None, )

ASN- ()
acs.aliexpress.ru
4    2a00:1450:4001:808::200e (None, )

ASN- ()
www.google-analytics.com
2    62.128.97.27 (None, )

ASN- ()
ru.mmstat.com
4    47.254.80.221 (None, )

ASN- ()
retcode-us-west-1.arms.aliyuncs.com
1    8.38.121.251 (None, )

ASN- ()
ald-lamp-us.alicdn.com
1    2a00:1450:4001:831::2008 (None, )

ASN- ()
www.googletagmanager.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (None, )

ASN- ()
connect.facebook.net
5    217.69.133.145 (None, )

ASN- ()
top-fwz1.mail.ru
1    2a03:2880:f11c:8183:face:b00c:0:25de (None, )

ASN- ()
www.facebook.com
Apex Domain
Subdomains		 Transfer
50 criteo.net
static.criteo.net — Cisco Umbrella Rank: 638
pix.eu.criteo.net — Cisco Umbrella Rank: 7678
csm.eu.criteo.net — Cisco Umbrella Rank: 7893
2 MB
42 alicdn.com
assets.alicdn.com — Cisco Umbrella Rank: 11062
ae01.alicdn.com Failed
i.alicdn.com
g.alicdn.com
ald-lamp-us.alicdn.com
671 KB
40 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 429
image6.pubmatic.com — Cisco Umbrella Rank: 582
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image2.pubmatic.com — Cisco Umbrella Rank: 752
image4.pubmatic.com — Cisco Umbrella Rank: 738
simage4.pubmatic.com — Cisco Umbrella Rank: 1024
aud.pubmatic.com — Cisco Umbrella Rank: 3815
49 KB
36 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
bid.g.doubleclick.net — Cisco Umbrella Rank: 448
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
ad.doubleclick.net — Cisco Umbrella Rank: 167
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
115 KB
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
387 KB
21 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 44426
inv-nets.admixer.net — Cisco Umbrella Rank: 2092
203 KB
16 adscale.de
js.adscale.de — Cisco Umbrella Rank: 7241
ih.adscale.de — Cisco Umbrella Rank: 4945
17 KB
15 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1178
mwzeom.zeotap.com — Cisco Umbrella Rank: 1486
5 KB
15 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 4300
sync.adtelligent.com — Cisco Umbrella Rank: 2421
8 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 350
adscale-emea.adnxs.com — Cisco Umbrella Rank: 16741
10 KB
11 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917
eus.rubiconproject.com — Cisco Umbrella Rank: 512
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
token.rubiconproject.com — Cisco Umbrella Rank: 593
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2038
23 KB
11 uptolike.com
w.uptolike.com — Cisco Umbrella Rank: 116044
73 KB
11 buhoblik.org.ua
buhoblik.org.ua
www.buhoblik.org.ua
231 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
ssum.casalemedia.com — Cisco Umbrella Rank: 1125
9 KB
9 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5930
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 6268
4 KB
8 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2932
121 KB
8 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3099
u-ams02.e-planning.net — Cisco Umbrella Rank: 51355
s.e-planning.net — Cisco Umbrella Rank: 4802
i.e-planning.net — Cisco Umbrella Rank: 4860
4 KB
7 mail.ru
connect.mail.ru — Cisco Umbrella Rank: 55919
top-fwz1.mail.ru
17 KB
7 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 629
tags.crwdcntrl.net — Cisco Umbrella Rank: 2036
sync.crwdcntrl.net — Cisco Umbrella Rank: 662
15 KB
7 adform.net
cm.adform.net — Cisco Umbrella Rank: 1576
dmp.adform.net — Cisco Umbrella Rank: 2002
c1.adform.net — Cisco Umbrella Rank: 529
track.adform.net — Cisco Umbrella Rank: 3678
3 KB
6 aliexpress.com
s.click.aliexpress.com — Cisco Umbrella Rank: 23127
sale.aliexpress.com — Cisco Umbrella Rank: 33325
www.aliexpress.com — Cisco Umbrella Rank: 21026
m.aliexpress.com — Cisco Umbrella Rank: 36515
mbest.aliexpress.com — Cisco Umbrella Rank: 132669
acs.aliexpress.com Failed
12 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
3 KB
6 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 236
www.google-analytics.com Failed
78 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
2 KB
5 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1330
682 B
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
3 KB
5 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12444
ads.eu.criteo.com — Cisco Umbrella Rank: 7942
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9904
dis.criteo.com — Cisco Umbrella Rank: 619
60 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
136 KB
4 aliyuncs.com
retcode-us-west-1.arms.aliyuncs.com
98 B
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1400
2 KB
4 vk.com
vk.com — Cisco Umbrella Rank: 5435
24 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 357
2 KB
4 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 906
r1---sn-aigzrney.c.2mdn.net — Cisco Umbrella Rank: 380648
s0.2mdn.net — Cisco Umbrella Rank: 246
38 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2683
3 KB
4 spotim.market
sync.spotim.market — Cisco Umbrella Rank: 1958
1 KB
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5927
creativecdn.com — Cisco Umbrella Rank: 585
us.creativecdn.com Failed
1 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 407
128 KB
3 aliexpress.ru
promotion.aliexpress.ru
acs.aliexpress.ru
17 KB
3 intercollectcontact.ru
intercollectcontact.ru — Cisco Umbrella Rank: 299791
3 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 480
2 KB
3 semantiqo.com
sonar.semantiqo.com — Cisco Umbrella Rank: 54674
8 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 444
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387
2 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 548
idsync.rlcdn.com — Cisco Umbrella Rank: 283
929 B
3 tlgr.org
tlgr.org
34 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 371
usermatch.krxd.net — Cisco Umbrella Rank: 981
942 B
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 388
d.agkn.com — Cisco Umbrella Rank: 487
1 KB
3 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 855
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
2 KB
3 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 6812
loada.exelator.com — Cisco Umbrella Rank: 20824
2 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 187
2 KB
3 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 571
match.taboola.com — Cisco Umbrella Rank: 1834
614 B
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1515
744 B
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
pixel.sitescout.com — Cisco Umbrella Rank: 2837
890 B
3 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 104816
t.trafmag.com — Cisco Umbrella Rank: 6501
1 KB
3 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 53119
961 B
3 gstatic.com
www.gstatic.com
csi.gstatic.com
7 KB
2 facebook.net
connect.facebook.net
115 KB
2 mmstat.com
ru.mmstat.com
595 B
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 1950
643 B
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3352
1 KB
2 caltat.com
cdn3.caltat.com — Cisco Umbrella Rank: 148872
964 B
2 m6r.eu
tracking.m6r.eu — Cisco Umbrella Rank: 11465
1 KB
2 pinterest.com
api.pinterest.com — Cisco Umbrella Rank: 2494
776 B
2 ok.ru
connect.ok.ru — Cisco Umbrella Rank: 21839
4 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 3763
963 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 3994
715 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
d.turn.com — Cisco Umbrella Rank: 754
936 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 691
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1174
577 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 789
476 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 683
s.tribalfusion.com — Cisco Umbrella Rank: 1640
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 704
1 KB
2 umagnet.ru
umagnet.ru — Cisco Umbrella Rank: 203238
113 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 927
pixel.quantserve.com — Cisco Umbrella Rank: 374
902 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 425
529 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1361
1 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1933
1 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 23557
673 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 977
792 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 621
655 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 865
2 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 911
417 B
2 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 6079
475 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 22253
543 B
2 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 88852
467 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1448
1 KB
2 adriver.ru
ad.adriver.ru — Cisco Umbrella Rank: 23572
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 696
ap.lijit.com — Cisco Umbrella Rank: 598
588 B
2 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
fcmatch.google.com Failed
549 B
1 facebook.com
www.facebook.com
295 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 931
96 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 978
209 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
621 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 1908
393 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 821
535 B
1 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 8633
332 B
1 googletagmanager.com
www.googletagmanager.com Failed
67 KB
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 845
1 KB
1 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 17653
550 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3101
464 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 882
522 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2481
104 B
1 creative-serving.com
docker.creative-serving.com — Cisco Umbrella Rank: 4314
475 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1320
112 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3011
348 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 946
674 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 807
44 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1259
408 B
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 4583
535 B
1 click.ru
af.click.ru — Cisco Umbrella Rank: 147280
865 B
1 tnsis.ru
static.tnsis.ru — Cisco Umbrella Rank: 135030
499 B
1 grsync.ru
grsync.ru — Cisco Umbrella Rank: 147565
4 KB
1 jaclick.ru
jaclick.ru — Cisco Umbrella Rank: 147145
319 B
1 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 38628
215 B
1 widespace.com
engine.widespace.com — Cisco Umbrella Rank: 58307
76 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 776
324 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1393
596 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 9578
411 B
1 zemanta.com
b1h-apac1.zemanta.com
326 B
1 omnitagjs.com
fo-ssp.omnitagjs.com — Cisco Umbrella Rank: 16397
965 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 4079
1 erne.co
green.erne.co — Cisco Umbrella Rank: 12245
298 B
1 rutarget.ru
admixer-sync.rutarget.ru — Cisco Umbrella Rank: 93555
288 B
1 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 5583
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 741
649 B
1 avto-oblik.com.ua
avto-oblik.com.ua
72 KB
1 tttttt.me
tttttt.me
2 KB
1 xn--r1a.website
xn--r1a.website — Cisco Umbrella Rank: 868167
465 B
1 google.com.ua
www.google.com.ua — Cisco Umbrella Rank: 15661
320 B
0 Failed
function sub() { [native code] }. Failed
0 taobao.com Failed
fourier.taobao.com Failed
472 131
Domain Requested by
41 pix.eu.criteo.net ads.eu.criteo.com
31 assets.alicdn.com m.aliexpress.com
assets.alicdn.com
promotion.aliexpress.ru
www.buhoblik.org.ua
20 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
spl.zeotap.com
www.buhoblik.org.ua
17 simage2.pubmatic.com 2 redirects ads.pubmatic.com
16 pagead2.googlesyndication.com www.buhoblik.org.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
www.googletagservices.com
14 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
13 mwzeom.zeotap.com spl.zeotap.com
13 sync.adtelligent.com 2 redirects s.adtelligent.com
ads.us.e-planning.net
ads.pubmatic.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
11 inv-nets.admixer.net 1 redirects cdn.admixer.net
www.buhoblik.org.ua
11 w.uptolike.com www.buhoblik.org.ua
w.uptolike.com
10 ib.adnxs.com 7 redirects googleads.g.doubleclick.net
spl.zeotap.com
10 cdn.admixer.net www.buhoblik.org.ua
cdn.admixer.net
9 www.buhoblik.org.ua www.buhoblik.org.ua
8 mc.yandex.ru 1 redirects w.uptolike.com
www.buhoblik.org.ua
assets.alicdn.com
8 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
7 image2.pubmatic.com ads.pubmatic.com
7 image6.pubmatic.com 4 redirects ads.pubmatic.com
7 static.criteo.net ads.eu.criteo.com
6 match.adsrvr.org 5 redirects bcp.crwdcntrl.net
6 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
5 top-fwz1.mail.ru www.buhoblik.org.ua
top-fwz1.mail.ru
5 i.alicdn.com promotion.aliexpress.ru
i.alicdn.com
5 sync-tm.everesttech.net 4 redirects bcp.crwdcntrl.net
5 rtb.openx.net 3 redirects ads.us.e-planning.net
googleads.g.doubleclick.net
5 x.bidswitch.net 5 redirects
5 www.googletagservices.com googleads.g.doubleclick.net
www.googletagservices.com
4 retcode-us-west-1.arms.aliyuncs.com assets.alicdn.com
4 pixel.onaudience.com 4 redirects
4 www.google-analytics.com assets.alicdn.com
i.alicdn.com
www.google-analytics.com
tttttt.me
www.googletagmanager.com
4 vk.com w.uptolike.com
www.buhoblik.org.ua
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 a.audrte.com ads.us.e-planning.net
a.audrte.com
s.adtelligent.com
4 ads.pubmatic.com s.adtelligent.com
ads.us.e-planning.net
s.console.adtarget.com.tr
ads.pubmatic.com
4 sync.spotim.market 1 redirects s.adtelligent.com
4 eus.rubiconproject.com s.adtelligent.com
ads.us.e-planning.net
eus.rubiconproject.com
3 g.alicdn.com promotion.aliexpress.ru
g.alicdn.com
3 intercollectcontact.ru cdn3.caltat.com
intercollectcontact.ru
3 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
3 sync.1rx.io 3 redirects
3 sonar.semantiqo.com umagnet.ru
sonar.semantiqo.com
www.buhoblik.org.ua
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 tlgr.org tttttt.me
tlgr.org
3 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
3 dpm.demdex.net 2 redirects bcp.crwdcntrl.net
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 u-ams02.e-planning.net ads.us.e-planning.net
ads.pubmatic.com
3 creativecdn.com 2 redirects www.buhoblik.org.ua
3 ssum-sec.casalemedia.com 3 redirects
3 a4p.adpartner.pro 2 redirects cdn.admixer.net
2 connect.facebook.net www.buhoblik.org.ua
connect.facebook.net
2 ru.mmstat.com www.buhoblik.org.ua
2 acs.aliexpress.ru g.alicdn.com
assets.alicdn.com
2 io.narrative.io 1 redirects www.buhoblik.org.ua
2 visitor.fiftyt.com 2 redirects
2 loada.exelator.com 2 redirects
2 cdn3.caltat.com umagnet.ru
2 simage4.pubmatic.com ads.pubmatic.com
2 tracking.m6r.eu 2 redirects
2 ae01.alicdn.com m.aliexpress.com
promotion.aliexpress.ru
2 connect.mail.ru w.uptolike.com
2 api.pinterest.com w.uptolike.com
2 connect.ok.ru w.uptolike.com
2 m.aliexpress.com grsync.ru
m.aliexpress.com
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pool.admedo.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 px.owneriq.net 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 umagnet.ru static.tnsis.ru
umagnet.ru
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 token.rubiconproject.com eus.rubiconproject.com
2 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
2 id.rlcdn.com 2 redirects
2 tags.bluekai.com spl.zeotap.com
bcp.crwdcntrl.net
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 beacon.krxd.net spl.zeotap.com
2 aa.agkn.com 1 redirects www.buhoblik.org.ua
2 sync.smartadserver.com 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 trc.taboola.com 1 redirects spl.zeotap.com
2 dmp.adform.net 1 redirects spl.zeotap.com
2 r1---sn-aigzrney.c.2mdn.net www.buhoblik.org.ua
2 csm.eu.criteo.net ads.eu.criteo.com
2 spl.zeotap.com ads.us.e-planning.net
www.buhoblik.org.ua
2 s.e-planning.net ads.us.e-planning.net
2 pixel-sync.sitescout.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 ad.360yield.com 2 redirects
2 ads.us.e-planning.net 1 redirects s.adtelligent.com
2 onetag-sys.com s.adtelligent.com
ads.us.e-planning.net
2 csync.loopme.me 2 redirects
2 dm.hybrid.ai www.buhoblik.org.ua
s.adtelligent.com
2 exchange.buzzoola.com 1 redirects www.buhoblik.org.ua
2 pa.tns-ua.com 1 redirects www.buhoblik.org.ua
2 ads.betweendigital.com 2 redirects
2 ad.adriver.ru 2 redirects
2 m.trafmag.com www.buhoblik.org.ua
2 s.adtelligent.com inv-nets.admixer.net
s.adtelligent.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
tttttt.me
2 ssl.google-analytics.com www.buhoblik.org.ua
2 buhoblik.org.ua 2 redirects
1 www.facebook.com www.buhoblik.org.ua
1 ald-lamp-us.alicdn.com g.alicdn.com
1 promotion.aliexpress.ru grsync.ru
1 d.turn.com 1 redirects
1 rtb.adentifi.com www.buhoblik.org.ua
1 rtb.gumgum.com www.buhoblik.org.ua
1 aud.pubmatic.com www.buhoblik.org.ua
1 sync.srv.stackadapt.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 counter.yadro.ru 1 redirects
1 www.googletagmanager.com assets.alicdn.com
1 mbest.aliexpress.com assets.alicdn.com
1 adscale-emea.adnxs.com 1 redirects
1 track.adform.net 1 redirects
1 ssum.casalemedia.com 1 redirects
1 ps.eyeota.net s.adtelligent.com
1 bbnaut.ibillboard.com 1 redirects
1 www.aliexpress.com 1 redirects
1 sale.aliexpress.com 1 redirects
1 s.click.aliexpress.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pixel.quantserve.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ups.analytics.yahoo.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 idsync.rlcdn.com ads.pubmatic.com
1 docker.creative-serving.com 1 redirects
1 match.bnmla.com ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 js.cookieless-data.com s.e-planning.net
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 s0.2mdn.net googleads.g.doubleclick.net
1 tags.crwdcntrl.net s.e-planning.net
1 af.click.ru w.uptolike.com
1 static.tnsis.ru w.uptolike.com
1 grsync.ru w.uptolike.com
1 jaclick.ru w.uptolike.com
1 d.agkn.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 ad.doubleclick.net www.googletagservices.com
1 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 engine.widespace.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 cms.analytics.yahoo.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 gcdn.2mdn.net 1 redirects
1 cm.adform.net s.console.adtarget.com.tr
1 i.e-planning.net ads.us.e-planning.net
1 pixel.sitescout.com 1 redirects
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 b1h-apac1.zemanta.com 1 redirects
1 fo-ssp.omnitagjs.com s.adtelligent.com
1 www.google.com googleads.g.doubleclick.net
1 bid.g.doubleclick.net imasdk.googleapis.com
1 t.trafmag.com s.adtelligent.com
1 ap.lijit.com s.adtelligent.com
1 ic.tynt.com s.adtelligent.com
1 s.console.adtarget.com.tr s.adtelligent.com
1 green.erne.co 1 redirects
1 admixer-sync.rutarget.ru 1 redirects
1 ce.lijit.com www.buhoblik.org.ua
1 prebid-eu.creativecdn.com cdn.admixer.net
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.co.uk pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 avto-oblik.com.ua www.buhoblik.org.ua
1 tttttt.me www.buhoblik.org.ua
1 xn--r1a.website 1 redirects
1 www.gstatic.com www.buhoblik.org.ua
1 www.google.com.ua 1 redirects
0 fcmatch.google.com Failed www.buhoblik.org.ua
0 resolve Failed tttttt.me
0 fourier.taobao.com Failed www.buhoblik.org.ua
assets.alicdn.com
0 us.creativecdn.com Failed assets.alicdn.com
0 acs.aliexpress.com Failed assets.alicdn.com
472 202

This site contains links to these domains. Also see Links.

Domain
uptolike.ru
promopult.ru
Subject Issuer Validity Valid
www.buhoblik.org.ua
R3		 2022-02-05 -
2022-05-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2021-06-08 -
2022-06-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
tttttt.me
R3		 2022-02-25 -
2022-05-26		 3 months crt.sh
uptolike.com
R3		 2021-12-25 -
2022-03-25		 3 months crt.sh
www.avto-oblik.com.ua
R3		 2022-02-09 -
2022-05-10		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-06		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-10		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
adpartner.pro
R3		 2022-01-10 -
2022-04-10		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-02-01 -
2022-05-02		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-01-28 -
2022-04-28		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-01-29 -
2022-04-29		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads.us.e-planning.net
R3		 2022-02-24 -
2022-05-25		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2022-01-29 -
2022-04-29		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-03-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
widespace.com
R3		 2022-01-11 -
2022-04-11		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
tlgr.org
R3		 2022-02-23 -
2022-05-24		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
jaclick.ru
R3		 2022-02-24 -
2022-05-25		 3 months crt.sh
grsync.ru
R3		 2022-02-24 -
2022-05-25		 3 months crt.sh
static.tnsis.ru
R3		 2022-01-20 -
2022-04-20		 3 months crt.sh
*.click.ru
R3		 2021-12-15 -
2022-03-15		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-02-08 -
2022-04-19		 2 months crt.sh
js.cookieless-data.com
R3		 2022-02-15 -
2022-05-16		 3 months crt.sh
umagnet.ru
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-12-05 -
2022-12-06		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2021-04-28 -
2022-05-27		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
ae01.alicdn.com
DigiCert SHA2 Secure Server CA		 2022-02-10 -
2023-02-10		 a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
*.ok.ru
GeoTrust RSA CA 2018		 2021-02-18 -
2022-03-21		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
*.mail.ru
GeoTrust RSA CA 2018		 2021-11-01 -
2022-12-02		 a year crt.sh
*.eyeota.net
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
ru.aliexpress.com
DigiCert SHA2 Secure Server CA		 2022-02-15 -
2023-02-16		 a year crt.sh
semantiqo.com
R3		 2022-01-20 -
2022-04-20		 3 months crt.sh
cdn3.caltat.com
R3		 2022-01-20 -
2022-04-20		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
intercollectcontact.ru
R3		 2022-01-02 -
2022-04-02		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
img.alicdn.com
DigiCert SHA2 Secure Server CA		 2022-02-15 -
2023-02-16		 a year crt.sh
*.alicdn.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-07-03 -
2022-08-04		 a year crt.sh
*.aliexpress.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-05-25 -
2022-06-26		 a year crt.sh
*.mmstat.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-06-28 -
2022-07-30		 a year crt.sh
*.arms.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-12-09 -
2023-01-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-06 -
2022-03-06		 3 months crt.sh

This page contains 75 frames:

Primary Page: https://www.buhoblik.org.ua/
Frame ID: F2F8DE0BCDBFE924299CD6EEFCB272B6
Requests: 66 HTTP requests in this frame

Frame: tg://resolve?domain=buhoblik_org_ua
Frame ID: 65189A64F2740DE2126E49FBF728A3B6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html
Frame ID: AAE6903B1E36B2C6B467735B2D57B7EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645965425&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426386&bpp=18&bdt=351&idt=122&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&correlator=6049263549741&frm=20&pv=2&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=EtmAHCiu4P&p=https%3A//www.buhoblik.org.ua&dtd=135
Frame ID: 4209A680AFCA03C522E9995507AA2ACD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&adk=1812271804&adf=3025194257&lmt=1645965425&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&plas=294x1080_l%7C294x1080_r&format=0x0&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426426&bpp=1&bdt=391&idt=102&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=116
Frame ID: 8B10B8EA0E2D632EC5E3F545AF1F5304
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426427&bpp=3&bdt=392&idt=117&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8TqPpiXJb3&p=https%3A//www.buhoblik.org.ua&dtd=119
Frame ID: F0A7054135D859DD6A54D2D69940D25D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645965425&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426430&bpp=1&bdt=394&idt=120&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=t9E9gqFMd6&p=https%3A//www.buhoblik.org.ua&dtd=121
Frame ID: 6A7DE625847089FE3A27A5F27745F341
Requests: 15 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: 1978BF53DFF43FC2136CF76E29536887
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: A16112C318204BEEB69EC150322208E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Frame ID: 9E978EF2926D617D8DD0EB6BB3A8A562
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Frame ID: FA420419621E54AEAA66023D1941C6F8
Requests: 52 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 6AB56592BD19E0557F7113B39DE3284C
Requests: 9 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=712122
Frame ID: 77F062F2908D01C8EAD0F6D4007B6913
Requests: 3 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=3378992c-92b1-4273-a6fb-33f74c532efd
Frame ID: E0C2F9D8F06D9C7F2A3D9716D432C2AE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 7F770AD705C2B11AEDC320147C871DE4
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 0EE55BC0C42AB612E0BB22CECD2CA891
Requests: 6 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 37F97EFBDA7D7C688DF18DEFEA1209AE
Requests: 12 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: F0594F0DC3A64214367EBBFEEFBB72B7
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Frame ID: 28EEC1910B5EF39A31C9BD1DAE9F9EB1
Requests: 11 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?5e5f39385e9edc9f82706afd51e24398
Frame ID: 29EFF53DF1C4A5D471508DD91CC37F1B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 377C51B6F0FDD00ADF33B4A63E7755C8
Requests: 4 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=4418958318859421880
Frame ID: 7A672C758A54FC947DF3E115913CD513
Requests: 1 HTTP requests in this frame

Frame: https://fo-ssp.omnitagjs.com/fo-ssp/sync?gdpr=0
Frame ID: ECBFD165C57AD2F8CA1976359D83922B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 037568FD1A586006B8DD7ADB0A77FE22
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJSungIQ7LaeAhie9cu_ATAB&v=APEucNVl-aiRGge1CYkiNg1yjRCTtObKrBHrejKv7RVPvpYqJQswKbuOCEA4_8_QvJnUkPciYXVnKa1ZtrVxsKHZVKtx_4iAfUWFdkAdwhZlUN-xVF3mxnFzn5-6BTpYp10I1iIau-Ga32lzxhBu__venPmk8aHTQ8lPXW3FI7wm5UBhLH-pZeU
Frame ID: A3723502FF0B960CCFCB2B6E43C7B7E0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6tv8YCEMKMrJYDGMmh-cIBMAE&v=APEucNWqB8fSWlnhk3hmv_y_-jkaq_XyOc-v8sWQs39WZ-z0XcLB2xHYqhZhwSzMx7HtbHFc6kvGSa0HHRMz4qT4NoGcTpa8Hh7tXF_ziqJjeQr8Z1vo8YGcMHDj3xjyGzqfUTBK1EggtmuY2szBO6_lEGCaIzB7aima4Arqa_ASODlsDKis64w
Frame ID: 3AC8D877EA210273198C60756F0A0819
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 1709C2B0C09AC7FDB55C1C627DE3480E
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5e0b356b00c796ee%26uid%3D
Frame ID: 07A5B0A856960F3E57071F676B55EAF0
Requests: 9 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 99AAD1BF6DC9A429CE4995AA72805009
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 57F1DDFCE762E97BEE8519A2E432D685
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 2ED2F3DB4D1A0A28694BE81A6AD9AE97
Requests: 28 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 585F58A842771E4BEB8B8BB6BD1288F9
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: C7F84EFBEDE62AECAEBFA24083DDB9A5
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9tR9d801nIrqaqseOqgy&pi=admatic
Frame ID: B428E310091F221A70BDE635BB81DE65
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 9088C176AB86F997CD13E8524ECCEC26
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 5AFA91E3B36200EEB78C3E275CC2CB3C
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: C4479FA15F7339FE631F996471F70350
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Frame ID: 4B95809FB6560240D074FEDA1E9A3777
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: AF6D258A8FBC12A0BACC45A08CCC0658
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F299B31AA4EC2446BF5634C05BC9BED4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 945FC8F48F3BFDCB30A7BD35F9478BDB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B982947DE410188EA4F50EDA8CBD8205
Requests: 3 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 76F181C4530EB0F8E8FFBC8A89AE4965
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AK8Muliy-wRda6Lv
Frame ID: A1ABF8C734C9BDACBA48D09FCE271F8B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 39AB597ED0C45702804A5AADF22A6D05
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Frame ID: 3966C82D8B651D98F982B157C7C51DF9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhtwdAAJVqlBjABB&gdpr=0&gdpr_consent=&_test=YhtwdAAJVqlBjABB
Frame ID: E4C265396E56B1A8F2E9C42E14E2D8C2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3e4a621b-7073-4400-b55d-fec87dfdb1e5&gdpr=0&gdpr_consent=
Frame ID: DCBD2CAFD6B0EE7CE6FD7EF75F950E9C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 6827BF4BDC2D96697F4FFC3EC32C61EB
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: FBB9C9E2155765F3C9916CDD9D986500
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D957A90DDA3120584D6BCC678016EE00
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 212BEFBA10C7ED3376D1D0A2B3DFF7E4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=650334208010
Frame ID: 251062B507D834FDBBDD847EDECEA257
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Dn9tcXnO1NoiNu5&gdpr=0&gdpr_consent=
Frame ID: 6240591FAB028DFE3C6818FE044BA23B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 9F7938EC3766EFACA7B02A505CF7BACE
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=image%2Fgif
Frame ID: 435A2BC4285C8DAA9117FE7DCB3EB088
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=f4160edd-d830-44aa-8346-f3071a4ea177
Frame ID: 446F18F3C45B9E82A2A0C9CC292FCE8B
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 275090E0B0EEB8C376DE278F66567EC2
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Frame ID: 9DA81631B5F0049DE3C7B396C07DBC89
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=ae4a4d29-f74c-4365-9a48-0327b8509eb6
Frame ID: B13050473EF3CCF13A766F175509DC72
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Frame ID: B316A79961BC994934808139D0CCA507
Requests: 1 HTTP requests in this frame

Frame: https://mbest.aliexpress.com/m/promote.htm?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Frame ID: A092139937CF558C01FD34219862809C
Requests: 34 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: D6CCDA8716CD139E51ACF37A58EBA446
Requests: 11 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: 901BDC29F3ACBEC891CE5E8FD8D2564D
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?type=iframe&id=pr_Ss52YF3IAd5cEVfrVcQ0_home&id=pr_Ss52YF3IAd5cEVfrVcQ0_uid_unknown&id=pr_Ss52YF3IAd5cEVfrVcQ0_lid_Nn5mSSV5ON1M5rIw926F&su=https%3A%2F%2Fm.aliexpress.com%2F%3Ftracelog%3Dwwwhome2mobilesitehome%26aff_fcid%3D2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp%26tt%3DCPS_NORMAL%26aff_fsk%3D_9i9ptp%26aff_platform%3Dportals-promotion%26sk%3D_9i9ptp%26aff_trace_key%3D2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp%26terminal_id%3D613ea6ac684841029686c639709275a0&sr=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ts=1645965429303
Frame ID: 02C134195B44A6A013AB5EC7DF5739F5
Requests: 1 HTTP requests in this frame

Frame: https://sonar.semantiqo.com/i/
Frame ID: 33DF446078AF25926AA90C5A36BF5694
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: EECCA5058639AD5104081B58381C7B2F
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7f53ff30-64b6-44f4-a963-1b81ddd63fb8-tuct914f5f6&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 927AD1929995F907D83FB05473B612C9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-72e88b04-b8e8-421f-8585-88b85cbe05d8-003
Frame ID: FE545AD794482E4FC518B7BF1DED6F9D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:755BE3F1940749AAA01EF15FFD42AA6F
Frame ID: 7782EE29D0C829D2ED415764B1B9BB7A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=iQNgnEpnCke1T01nd3AbYg
Frame ID: 2C51B44E50A5089284A1ADC52DE67386
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=G37fesFgSfJfNRzRp8nIfAW7FWU
Frame ID: A4F28F82135E4846576941E8FFD878F1
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=5e0b356b00c796ee&uid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Frame ID: A85ABEA7B7ABD2D558FC08AA45BC9853
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=758950941/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Frame ID: D3B207337921BB641E60426684D073F0
Requests: 7 HTTP requests in this frame

Frame: https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Frame ID: 606106151475DDBBCB552067DE6945B6
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Бухучет в Украине : Бухгалтерский и налоговый учет

Page URL History Show full URLs

  1. http://buhoblik.org.ua/ HTTP 301
    https://buhoblik.org.ua/ HTTP 301
    https://www.buhoblik.org.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

472
Requests

77 %
HTTPS

24 %
IPv6

131
Domains

202
Subdomains

130
IPs

19
Countries

4869 kB
Transfer

9940 kB
Size

198
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://buhoblik.org.ua/ HTTP 301
    https://buhoblik.org.ua/ HTTP 301
    https://www.buhoblik.org.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://www.google.com.ua/cse/brand?form=cse-search-box%E2%8C%A9=ru HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 11
  • https://xn--r1a.website/s/buhoblik_org_ua HTTP 302
  • https://tttttt.me/buhoblik_org_ua
Request Chain 51
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB
Request Chain 52
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806 HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-4440286886 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Arj_GHUZkxFqjrXofVMAdNw
Request Chain 53
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=3860bc89-5a6a-513a-819c-705ae3870029
Request Chain 54
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=9c7f0ef13bf14486a3e151c10f1fe840 HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z2EEA4DAA7304715A0EF8731BBD1AA66&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=9c7f0ef13bf14486a3e151c10f1fe840
Request Chain 55
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=9c7f0ef13bf14486a3e151c10f1fe840 HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=9c7f0ef13bf14486a3e151c10f1fe840
Request Chain 56
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 58
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=3c3c8d4c-f273-4123-9af6-ef022b222110
Request Chain 60
  • https://admixer-sync.rutarget.ru/sync HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=76391747-8C01-44B5-BA9C-B7DA670E100C&id=A3tGZSnWbmlK
Request Chain 61
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=9c7f0ef13bf14486a3e151c10f1fe840&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=9c7f0ef13bf14486a3e151c10f1fe840&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admixer&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=3N7nau82IAbJMyXUyl5SYZH1&ssp=admixer HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=95e8d83a-fe79-43ad-91a3-e598c0ed80d2&gdpr=&consent=&gdpr_pd=
Request Chain 63
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=3378992c-92b1-4273-a6fb-33f74c532efd
Request Chain 66
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 68
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3d2edc91-37a2-417d-971b-2361a6782c20
Request Chain 70
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=b7234acbe79ee4e9
Request Chain 72
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6e5eded3-942a-44eb-bd19-df6f50bd6027
Request Chain 73
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=044f2d76-f928-4006-bd2e-0fe6e10f71fa
Request Chain 74
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4418958318859421880
Request Chain 75
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=9c7f0ef13bf14486a3e151c10f1fe840
Request Chain 97
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 98
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=4418958318859421880
Request Chain 99
  • https://sync.spotim.market/csync?redir=https://fo-ssp.omnitagjs.com/fo-ssp/sync?gdpr=0&gdpr_consent_string={gdpr_consent) HTTP 302
  • https://fo-ssp.omnitagjs.com/fo-ssp/sync?gdpr=0
Request Chain 101
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=
Request Chain 102
  • https://b1h-apac1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D__ZUID__%20 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Request Chain 103
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Request Chain 104
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yhtwcl5ycqmpYOSz6UUk4AAA%26208
Request Chain 121
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D5e0b356b00c796ee HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=5e0b356b00c796ee
Request Chain 125
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D5e0b356b00c796ee HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 126
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D5e0b356b00c796ee%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=5e0b356b00c796ee&uid=4418958318859421880
Request Chain 127
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 134
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9tR9d801nIrqaqseOqgy&pi=admatic
Request Chain 190
  • https://gcdn.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677501427/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/364BA800382F89CF0971E8DFFA5F78209EC26B1C.4EC6320ED5B2E02A29AC58A8EB3AB800AC5C21F9/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-aigzrney.c.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677501427/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5EA415A9A2655C7E764DA5CF22342B8CCEBDA09F.39075E8BCE6BBBDFCCFAAD9FB4D5DE61409CF09F/key/cms1/cms_redirect/yes/mh/fH/mip/2a02:8c8:c10:30::15/mm/42/mn/sn-aigzrney/ms/onc/mt/1645965075/mv/u/mvi/1/pl/32/file/file.mp4
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
Request Chain 193
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDCTXaHPXu9cHgfdrN8MFO0&google_cver=1
Request Chain 195
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxODk1ODMxODg1OTQyMTg4MA%3D%3D
Request Chain 199
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
Request Chain 200
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDCTXaHPXu9cHgfdrN8MFO0&google_cver=1
Request Chain 202
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxODk1ODMxODg1OTQyMTg4MA%3D%3D
Request Chain 205
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6c0ced92-214c-4ca6-be3c-da9ec837c836&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Request Chain 207
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=27c6900a-cee8-43c7-9df9-2ddc4dabbe41&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Request Chain 210
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361&rdf=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Request Chain 211
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=8a4920dd-277f-4dac-8660-00336f8a4069&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 212
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f6be7388-17f3-4901-6016-e1f77c543494&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f6be7388-17f3-4901-6016-e1f77c543494&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=29053329692172150550491571047363694804&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Request Chain 214
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7069367679324256399&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Request Chain 216
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f6be7388-17f3-4901-6016-e1f77c543494&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f6be7388-17f3-4901-6016-e1f77c543494&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361&bounce=1&random=3486226019 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=j67zJTsuqaLu2mDawiHdgO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Request Chain 217
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=
Request Chain 218
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f6be7388-17f3-4901-6016-e1f77c543494?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=f6be7388-17f3-4901-6016-e1f77c543494?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=6d5d579c15eba577a4d9ce916bc9f447&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Request Chain 219
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-7dI839VE2oqUJxtjZImhACrCQm3kiUVSew--~A&zpartnerid=570&env=mWeb
Request Chain 220
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=5MW5g7YHHbnOXmsldmVjT14Oz%2FyLfPFH%2BS41iYitP1U%3D
Request Chain 224
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361&_test=YhtwcwAJTJiYUAAy HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YhtwcwAJTJiYUAAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361&_test=YhtwcwAJTJiYUAAy
Request Chain 226
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Request Chain 227
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f6be7388-17f3-4901-6016-e1f77c543494&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f6be7388-17f3-4901-6016-e1f77c543494&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361&dcc=t
Request Chain 229
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Dfef2c603-6922-4f0a-65b9-6023fa0b5d65%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Request Chain 233
  • https://ih.adscale.de/uu?cbfn=receive&t=1645965427 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1645965427&nut&uu=82130a575f9b48f79038e1fa8ec040ca
Request Chain 243
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENoReFYZ69myImzb0IgK8MQ&google_cver=1&google_push=AYg5qPKJ9p4PNA7GRBgJghFtQjjvxUgQu4nxEkZKN5YJi0ZOB10ImbGScOyBxUF_ceTDK0xN8YYzSN7hENu5psNuPvNj7-bN6Zc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKJ9p4PNA7GRBgJghFtQjjvxUgQu4nxEkZKN5YJi0ZOB10ImbGScOyBxUF_ceTDK0xN8YYzSN7hENu5psNuPvNj7-bN6Zc&google_hm=Q0FFU0VOb1JlRllaNjlteUltemIwSWdLOE1R
Request Chain 244
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKflsj6a0PaWQ7C8TWVarr-L3N84Zm8EaLUy3xfvGb2fN8FGqSpEXlINghpcF0F-KgQRU8qYA4McOnsrJpLEAtCXytF98eg&google_gid=CAESEDB-yGyJ7GS22uV5btQ60TM&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPPg7ZAGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBLZmxzajZhMFBhV1E3QzhUV1ZhcnItTDNOODRabThFYUxVeTN4ZnZHYjJmTjhGR3FTcEVYbElOZ2hwY0YwRi1LZ1FSVThxWUE0TWNPbnNySnBMRUF0Q1h5dEY5OGVn HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwY1VVcDA0cmVfXzhnOF9CUllEUUdtdWJsS01OZTc3elplVUlwOU4tODFaVQ==&google_push
Request Chain 246
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN5CC21juTz_vjseFEJkgno&google_cver=1&google_push=AYg5qPLDrkGeW1BL_X-pQNfJVWkA677Fxwily5VY8mQya4rsWKIvmpG7fKMYY1YhhB4aOxVDMg8q8aQly95VAstmG9Eiwu8V1fAm HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN5CC21juTz_vjseFEJkgno&google_cver=1&google_push=AYg5qPLDrkGeW1BL_X-pQNfJVWkA677Fxwily5VY8mQya4rsWKIvmpG7fKMYY1YhhB4aOxVDMg8q8aQly95VAstmG9Eiwu8V1fAm&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xGlwQbyzSm2Tm1zdH7Faew%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLDrkGeW1BL_X-pQNfJVWkA677Fxwily5VY8mQya4rsWKIvmpG7fKMYY1YhhB4aOxVDMg8q8aQly95VAstmG9Eiwu8V1fAm
Request Chain 247
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGHr1Bcupi00t5fX1HYN8lw&google_cver=1&google_push=AYg5qPKQ8iAxpA8VQDxqRhdCxKAMRYZGCxasKwSAz97--bK6Xwr-xwtDE0ZGyitqX-IEXYwgQ3GKxmwM0aEpLsk188oA1RVNPkLs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDA1OUJHQTgtNC1KVVZS&google_push=AYg5qPKQ8iAxpA8VQDxqRhdCxKAMRYZGCxasKwSAz97--bK6Xwr-xwtDE0ZGyitqX-IEXYwgQ3GKxmwM0aEpLsk188oA1RVNPkLs
Request Chain 248
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA
Request Chain 270
  • https://mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuacwhkv%3Afp%3A922%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A452696730693%3Ahid%3A140422185%3Az%3A0%3Ai%3A20220227123707%3Aet%3A1645965428%3Ac%3A1%3Arn%3A235461099%3Arqn%3A1%3Au%3A1645965428340091172%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1645965425315%3Ads%3A0%2C0%2C296%2C1%2C354%2C0%2C%2C375%2C10%2C%2C%2C%2C1094%3Aco%3A0%3Arqnl%3A1%3Ast%3A1645965428%3At%3A%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuacwhkv%3Afp%3A922%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A452696730693%3Ahid%3A140422185%3Az%3A0%3Ai%3A20220227123707%3Aet%3A1645965428%3Ac%3A1%3Arn%3A235461099%3Arqn%3A1%3Au%3A1645965428340091172%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1645965425315%3Ads%3A0%2C0%2C296%2C1%2C354%2C0%2C%2C375%2C10%2C%2C%2C%2C1094%3Aco%3A0%3Arqnl%3A1%3Ast%3A1645965428%3At%3A%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 277
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Request Chain 278
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YhtwdAAJVqlBjABB HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhtwdAAJVqlBjABB&gdpr=0&gdpr_consent=&_test=YhtwdAAJVqlBjABB
Request Chain 279
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3e4a621b-7073-4400-b55d-fec87dfdb1e5&gdpr=0&gdpr_consent=
Request Chain 281
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFMUJrN0VOdUVBQUFNYmY0eVd0dw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 284
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=650334208010
Request Chain 285
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Dn9tcXnO1NoiNu5&gdpr=0&gdpr_consent=
Request Chain 286
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 287
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 288
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=f4160edd-d830-44aa-8346-f3071a4ea177
Request Chain 290
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=a8f54778-bdc6-42f7-8ac2-831a3a82fb04&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Request Chain 291
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID} HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=ae4a4d29-f74c-4365-9a48-0327b8509eb6
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xGlwQbyzSm2Tm1zdH7Faew%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 295
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=14b9621b-7074-4700-b2b7-e8effa70f27c
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQ2OTcwNDEtQkNCMy00QTZELTkzOUItNUNERDFGQjE1QTdC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELVkCeXf2tVkPs6BYHi1NQE&google_cver=1
Request Chain 299
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7453319797025266452&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 300
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=27c6900a-cee8-43c7-9df9-2ddc4dabbe41
Request Chain 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rXS467xE2uUBOlUW3ocd.CeNQ3eQMYg-~A&gdpr=0&gdpr_consent=
Request Chain 303
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4418958318859421880&gdpr=0&gdpr_consent=
Request Chain 305
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 306
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=fa3d3b1f-97c9-11ec-8681-7f9b9a30e98b&gdpr=0&gdpr_consent=
Request Chain 307
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=95e8d83a-fe79-43ad-91a3-e598c0ed80d2 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=95e8d83a-fe79-43ad-91a3-e598c0ed80d2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b4e5a64a-cae4-4f24-8433-cf119ae27d3f&user_group=1&ssp=pubmatic&bsw_param=95e8d83a-fe79-43ad-91a3-e598c0ed80d2 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=95e8d83a-fe79-43ad-91a3-e598c0ed80d2&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 308
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6bf6T-i1_B7y5_8Z6LzmHO-z_BTy5_oZ6OaIbeOt
Request Chain 309
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4005301367276200709
Request Chain 310
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B331_EBF2A9E7_B9CA815&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 311
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4418958318859421880
Request Chain 313
  • https://s.click.aliexpress.com/e/_9i9ptp HTTP 302
  • https://sale.aliexpress.com/September_fashion_new_lianmeng.htm?aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0 HTTP 302
  • https://www.aliexpress.com/?aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0 HTTP 302
  • https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Request Chain 321
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=82130a575f9b48f79038e1fa8ec040ca&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646e0960bba3f253c31ae%2F1645965428326%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?tpid=101&tpuid=BBID-01-03206794285498474-16536888
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a66-KRB3chpSkOEirx-pvIuuQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a66-KRB3chpSkOEirx-pvIuuQ&gdpr=0&gdpr_consent=&google_gid=CAESEK9J4WAvga8tWavco6cQPmw&google_cver=1
Request Chain 336
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4005301367276200709
Request Chain 337
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=0bab807e0ea0672c3c59a9cada0c5dffd5dc82e8d10001cdbc7c3956251bf646&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646e0960bba3f253c31ae%2F1645965428326%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Yhtwcl5ycqmpYOSz6UUk4AAA%26208
Request Chain 338
  • https://track.adform.net/serving/cookie/match/?party=9&uid=e418a2d802df894811fc8682b99c78430ab1399cc05187ad7718935408d6e81c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646e0960bba3f253c31ae%2F1645965428326%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?tpid=42&gdpr=0&tpuid=4005301367276200709
Request Chain 340
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=2c8a2073722ec4f1cfa44eb57c311374b5fde758ca4ff662aeee4f34026464c1&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646e0960bba3f253c31ae%2F1645965428326%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=cd985754-8bf2-44a2-93fe-6f2ddd7cfa7e&gdpr=0
Request Chain 347
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=9063491132bf5b26ebf07ce4cb0ed648ce92ad1a9addb19cde3dc8ec78042089&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646e0960bba3f253c31ae%2F1645965428326%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=14b9621b-7074-4700-b2b7-e8effa70f27c&gdpr=0&gdpr_consent=
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=390ca4ba8c3d51fb7164fd410342add6e5e93b08ff5921b64b2fda9a40190eec&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646e0960bba3f253c31ae%2F1645965428326%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?uid=390ca4ba8c3d51fb7164fd410342add6e5e93b08ff5921b64b2fda9a40190eec&tpid=38&gdpr=0&tpuid=CAESEBxUmhEwp5DLsmGzLkjCocY&google_cver=1
Request Chain 350
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646e0960bba3f253c31ae%2F1645965428326%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?tpid=75&tpuid=4418958318859421880&gdpr=0
Request Chain 378
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=231f96a00abb43d4eccc2d8fe4d80031f09eb903702dc34d6b87a95455b02c93&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646e0960bba3f253c31ae%2F1645965428326%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=231f96a00abb43d4eccc2d8fe4d80031f09eb903702dc34d6b87a95455b02c93&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646e0960bba3f253c31ae%2F1645965428326%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/js?tpid=48&tpuid=dd7335c7f01b654fe560394598aef8ba
Request Chain 386
  • https://counter.yadro.ru/id127/reff-id.gif?sid=5e86154933854d3aad90e5affddd0142 HTTP 302
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=5e86154933854d3aad90e5affddd0142
Request Chain 389
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 390
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7f53ff30-64b6-44f4-a963-1b81ddd63fb8-tuct914f5f6&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 391
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1645965430758 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6801522309 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/27c6900a-cee8-43c7-9df9-2ddc4dabbe41 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-72e88b04-b8e8-421f-8585-88b85cbe05d8-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-72e88b04-b8e8-421f-8585-88b85cbe05d8-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-72e88b04-b8e8-421f-8585-88b85cbe05d8-003
Request Chain 392
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:755BE3F1940749AAA01EF15FFD42AA6F
Request Chain 393
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=iQNgnEpnCke1T01nd3AbYg
Request Chain 394
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=G37fesFgSfJfNRzRp8nIfAW7FWU
Request Chain 396
  • https://pixel.onaudience.com/?partner=214&mapped=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ed4b3944472496857416b44296b66658 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=27c6900a-cee8-43c7-9df9-2ddc4dabbe41&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=6d5d579c15eba577a4d9ce916bc9f447 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=0448051f5661928c
Request Chain 397
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&addseg=11,34,40
Request Chain 399
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C4697041-BCB3-4A6D-939B-5CDD1FB15A7B HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=fbaa37a0-97c9-11ec-a833-0aa6849ebafd&companyId=673&id=pubmatic_id:C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Request Chain 404
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/6d5d579c15eba577a4d9ce916bc9f447/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7453319797025266452/gdpr=1
Request Chain 406
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=6d5d579c15eba577a4d9ce916bc9f447&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=6c0ced92-214c-4ca6-be3c-da9ec837c836
Request Chain 474
  • https://cm.g.doubleclick.net/pixel?google_nid=aliexpress_adh&google_cm&google_hm=fF6iGqDyRm0CAQW7FWWOrWZd&t=16459654378811109 HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDopDPOtZSdW2xHKLXyTBWZag7eVCG_08fEmKhGNFxGNXbzetKWOIRsBOyGnMYTAeQhR5zvHGRQLrDuOzZcFf1SmO6bc4RoMY5WUQRvzzEqXLa7LYNB0

472 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.buhoblik.org.ua/
Redirect Chain
  • http://buhoblik.org.ua/
  • https://buhoblik.org.ua/
  • https://www.buhoblik.org.ua/
85 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
9a9ae18df2794e90c3f0657da4efd2ee7cb9c7dd294f1f3a9199e4f8bab554f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:05 GMT
content-type
text/html; charset=utf-8
content-length
15645
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
permissions-policy
interest-cohort=()
expires
Wed, 17 Aug 2005 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
pragma
no-cache
x-ray
p953:0.160/wn25401:0.170/wa25401:D=164372
last-modified
Sun, 27 Feb 2022 12:37:05 GMT
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
nginx
date
Sun, 27 Feb 2022 12:37:05 GMT
content-type
text/html; charset=iso-8859-1
content-length
236
x-ray
p953:0.000/wn25401:0.000/wa25401:D=3119
location
https://www.buhoblik.org.ua/
cache-control
max-age=0
expires
Sun, 27 Feb 2022 12:37:05 GMT
5ae88bc53bb2a870aa7eb201075fa2cb.css
www.buhoblik.org.ua/media/com_jchoptimize/cache/css/ 		161 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buhoblik.org.ua/media/com_jchoptimize/cache/css/5ae88bc53bb2a870aa7eb201075fa2cb.css
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
88467b23c1044f571783e76997720036df1c0a9925eee5f428c7ff150fa7da56

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.000/wn25401:0.000/
content-encoding
br
last-modified
Sun, 27 Feb 2022 12:27:18 GMT
server
nginx
etag
W/"621b6e26-28387"
content-type
text/css
cache-control
max-age=2592000
date
Sun, 27 Feb 2022 12:37:06 GMT
expires
Tue, 29 Mar 2022 12:37:06 GMT
0a71639e87b69ef0957d8cf5c1d7e6e3.js
www.buhoblik.org.ua/media/com_jchoptimize/cache/js/ 		137 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buhoblik.org.ua/media/com_jchoptimize/cache/js/0a71639e87b69ef0957d8cf5c1d7e6e3.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
39d7baa5797d401733cfc40ff26c35e4f4d7318ffcaa221ecf767b4f33bb26cc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.000/wn25401:0.000/
content-encoding
br
last-modified
Sun, 27 Feb 2022 12:27:40 GMT
server
nginx
etag
W/"621b6e3c-223b2"
content-type
application/javascript
cache-control
max-age=2592000
date
Sun, 27 Feb 2022 12:37:06 GMT
expires
Tue, 29 Mar 2022 12:37:06 GMT
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com.ua/cse/brand?form=cse-search-box%E2%8C%A9=ru
  • https://www.gstatic.com/prose/brandjs.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5807
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 28 Feb 2022 12:16:32 GMT

Redirect headers

date
Sun, 27 Feb 2022 12:37:06 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Sun, 27 Feb 2022 13:07:06 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f63adf045186a7ff8708597a5a8e9fb9ec71f2cba7c710bf01cbd26d1e389742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53814
x-xss-protection
0
server
cafe
etag
16181131476836168310
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 27 Feb 2022 12:37:06 GMT
youtube-32.png
www.buhoblik.org.ua/images/ 		918 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/youtube-32.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
c6d254ee6b05a14666952b2b7629dedc518103bfed8a8d6ee0c1cbe28f76c6fd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.000/wn25401:0.000/
last-modified
Sat, 21 Mar 2020 22:41:20 GMT
server
nginx
etag
"5e769810-396"
content-type
image/png
cache-control
max-age=2592000
date
Sun, 27 Feb 2022 12:37:06 GMT
accept-ranges
bytes
content-length
918
expires
Tue, 29 Mar 2022 12:37:06 GMT
list_black.png
www.buhoblik.org.ua/images/ 		417 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/list_black.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
002a93857ca724d4828a347c2b419a56eabfd275f206a5febc48246ccfe5830d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.000/wn25401:0.000/
last-modified
Thu, 27 Aug 2015 18:43:06 GMT
server
nginx
etag
"55df5a3a-1a1"
content-type
image/png
cache-control
max-age=2592000
date
Sun, 27 Feb 2022 12:37:06 GMT
accept-ranges
bytes
content-length
417
expires
Tue, 29 Mar 2022 12:37:06 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5630956766216465
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f431b1d76451b28796405fad59a9a6dc4ab02749f31ff19726eeae3baac0fd7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buhoblik.org.ua/
Origin
https://www.buhoblik.org.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53790
x-xss-protection
0
server
cafe
etag
3599209358296745705
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 27 Feb 2022 12:37:06 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77e8da00b8af80823d41c6efdd3f8a691e2869b573ec1e34e75cd93858bcf87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40138
x-xss-protection
0
server
cafe
etag
4162799740583024874
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 27 Feb 2022 12:37:06 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e1a9f29f42c8aded9c06916867c167eeefff784bb887ea25d10959df0bbf25ec

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sun, 27 Feb 2022 12:37:06 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:43 GMT
server
nginx
etag
W/"621a6a17-2c0e6"
x-cached-since
2022-02-27T12:31:20+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Sat, 26 Feb 2022 18:08:55 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5346
date
Sun, 27 Feb 2022 11:08:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sun, 27 Feb 2022 13:08:00 GMT
module-main3.png
www.buhoblik.org.ua/images/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/module-main3.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
8dfbfa16c85400143f85eb24eef8df723fd19c190f841c2c5ff22b8d0a5eeb09

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.000/wn25401:0.000/
last-modified
Sun, 13 Feb 2022 17:15:45 GMT
server
nginx
etag
"62093cc1-11743"
content-type
image/png
cache-control
max-age=2592000
date
Sun, 27 Feb 2022 12:37:06 GMT
accept-ranges
bytes
content-length
71491
expires
Tue, 29 Mar 2022 12:37:06 GMT
buhoblik_org_ua
tttttt.me/ Frame 6518
Redirect Chain
  • https://xn--r1a.website/s/buhoblik_org_ua
  • https://tttttt.me/buhoblik_org_ua
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tttttt.me/buhoblik_org_ua
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
2a1d55064262f36814dac4b445c08287a2d7984302b00b64e1ee5147092ec26a
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

Server
nginx
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Pragma
no-cache
Cache-control
no-store
Strict-Transport-Security
max-age=35768000
Access-Control-Allow-Origin
*
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Sun, 27 Feb 2022 12:37:06 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Pragma
no-cache
Cache-control
no-store
Location
https://tttttt.me/buhoblik_org_ua
Strict-Transport-Security
max-age=35768000
Access-Control-Allow-Origin
*
num_star.png
www.buhoblik.org.ua/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/num_star.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
a4d35007c83b3689910808811412e63293a2ae2abf1180a2dbaf4b3f7bb91ce9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.001/wn25401:0.000/
last-modified
Tue, 03 Jan 2017 22:58:31 GMT
server
nginx
etag
"586c2c97-652"
content-type
image/png
cache-control
max-age=2592000
date
Sun, 27 Feb 2022 12:37:06 GMT
accept-ranges
bytes
content-length
1618
expires
Tue, 29 Mar 2022 12:37:06 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1341596816&utmhn=www.buhoblik.org.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&utmhid=469687113&utmr=-&utmp=%2F&utmht=1645965426377&utmac=UA-23922474-1&utmcc=__utma%3D21695912.1015733277.1645965426.1645965426.1645965426.1%3B%2B__utmz%3D21695912.1645965426.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=471824235&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 		290 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=pub-5630956766216465&plah=www.buhoblik.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4545ea775b4d568be77c65ae999a56d7a3d62f832427801973bfed3dc9d814c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106772
x-xss-protection
0
server
cafe
etag
9197668695526345071
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 27 Feb 2022 12:37:06 GMT
uptolike.js
w.uptolike.com/widgets/v1/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/uptolike.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:06 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Expires
Sun, 27 Feb 2022 13:07:06 GMT
pdf-sborniki-vnizu-115-2022.png
avto-oblik.com.ua/images/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avto-oblik.com.ua/images/pdf-sborniki-vnizu-115-2022.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:109e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
89c114dc23d61c6b428f26c214e96d1fd49b43c8f777c8fcbb9ffdee7a84d81f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p15931:0.000/wn503:0.000/
last-modified
Mon, 27 Dec 2021 15:47:26 GMT
server
nginx
etag
"61c9e00e-1201c"
content-type
image/png
cache-control
max-age=2592000
date
Sun, 27 Feb 2022 12:37:06 GMT
accept-ranges
bytes
content-length
73756
expires
Tue, 29 Mar 2022 12:37:06 GMT
dovidnik-buhgaltera-238.png
www.buhoblik.org.ua/normativka/spravochniki/spravochnik-buhgaltera/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/normativka/spravochniki/spravochnik-buhgaltera/dovidnik-buhgaltera-238.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
052155039c13b233f324882bd10dc38150b5bd74fb44f27c0ead4d518fbc901b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.000/wn25401:0.000/
last-modified
Wed, 26 Jul 2017 08:14:12 GMT
server
nginx
etag
"59784f54-3eb3"
content-type
image/png
cache-control
max-age=2592000
date
Sun, 27 Feb 2022 12:37:06 GMT
accept-ranges
bytes
content-length
16051
expires
Tue, 29 Mar 2022 12:37:06 GMT
sidebar-uchet-2021.png
www.buhoblik.org.ua/images/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/sidebar-uchet-2021.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
8fd5f6e7503d4078925f3fada4d3b42ec4e036bf844ee62621f9c6c0272a1495

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.000/wn25401:0.000/
last-modified
Tue, 12 Oct 2021 18:15:43 GMT
server
nginx
etag
"6165d0cf-e6ff"
content-type
image/png
cache-control
max-age=2592000
date
Sun, 27 Feb 2022 12:37:06 GMT
accept-ranges
bytes
content-length
59135
expires
Tue, 29 Mar 2022 12:37:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/ Frame AAE6 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5630956766216465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Sun, 27 Feb 2022 04:58:03 GMT
expires
Sun, 13 Mar 2022 04:58:03 GMT
cache-control
public, max-age=1209600
age
27543
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		219 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.buhoblik.org.ua&callback=_gfp_s_&client=ca-pub-5630956766216465
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
5c183fa20c0bf98aff3e4ba06652efde4af407eec9f7df9cd67f75e4109d2cde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.buhoblik.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Feb 2022 12:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.buhoblik.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Feb 2022 12:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4209 		19 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645965425&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426386&bpp=18&bdt=351&idt=122&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&correlator=6049263549741&frm=20&pv=2&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=EtmAHCiu4P&p=https%3A//www.buhoblik.org.ua&dtd=135
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9a3283fa8d717e99ea603ac26c140b81eda2b068878aa285fd90bb5f04ff42c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 27 Feb 2022 12:37:06 GMT
server
cafe
content-length
9848
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 27 Feb 2022 12:37:06 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 8B10 		0
180 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&adk=1812271804&adf=3025194257&lmt=1645965425&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&plas=294x1080_l%7C294x1080_r&format=0x0&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426426&bpp=1&bdt=391&idt=102&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=116
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 27 Feb 2022 12:37:06 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 27 Feb 2022 12:37:06 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame F0A7 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426427&bpp=3&bdt=392&idt=117&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8TqPpiXJb3&p=https%3A//www.buhoblik.org.ua&dtd=119
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a73f6c353f01bb98e7471301365d4980abae560de372434b11827dc67b2115bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 27 Feb 2022 12:37:06 GMT
server
cafe
content-length
10245
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 27 Feb 2022 12:37:06 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6A7D 		64 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645965425&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426430&bpp=1&bdt=394&idt=120&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=t9E9gqFMd6&p=https%3A//www.buhoblik.org.ua&dtd=121
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef7fe20346e3acd2c5d6a647a4a448a239f7b0d929d9333196b960d8076c33db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 27 Feb 2022 12:37:06 GMT
server
cafe
content-length
21100
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 27 Feb 2022 12:37:06 GMT
cache-control
private
c.html
cdn.admixer.net/scripts3/44184/ Frame 1978 		738 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:06 GMT
content-type
text/html
last-modified
Sat, 26 Feb 2022 17:57:57 GMT
vary
Accept-Encoding
etag
W/"621a6a25-2e2"
expires
Mon, 27 Feb 2023 17:58:56 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-02-26T17:58:56+00:00
x-id
fr5-up-gc38
content-encoding
gzip
0967ebea4a2a8854ab82.b.js
cdn.admixer.net/scripts3/44184/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sun, 27 Feb 2022 12:37:06 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:44 GMT
server
nginx
etag
W/"621a6a18-5d41"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:56 GMT
849bc7976a13501da8fc.b.js
cdn.admixer.net/scripts3/44184/ 		74 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/849bc7976a13501da8fc.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ad8d6790c4653e3bd078031ffcd5b9c231056162ff04ae386ad85fb74e89407e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sun, 27 Feb 2022 12:37:06 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:52 GMT
server
nginx
etag
W/"621a6a20-12993"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:56 GMT
c.html
cdn.admixer.net/scripts3/44184/ Frame A161 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:06 GMT
content-type
text/html
last-modified
Sat, 26 Feb 2022 17:57:57 GMT
vary
Accept-Encoding
etag
W/"621a6a25-2e2"
expires
Mon, 27 Feb 2023 17:58:56 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-02-26T17:58:56+00:00
x-id
fr5-up-gc38
content-encoding
gzip
ads
googleads.g.doubleclick.net/pagead/ Frame 9E97 		34 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e13f343cddcc83d9228bb7e59febba86094fc1ecb9068a58ee7b26ea639d7d93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 27 Feb 2022 12:37:06 GMT
server
cafe
content-length
15960
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 27 Feb 2022 12:37:06 GMT
cache-control
private
version.js
w.uptolike.com/widgets/v1/ 		69 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_164596542669259
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/uptolike.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
63bef1d74ed191475aa9d30d4c2af73f6498500bed3116cff62e7bd1d39706e6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:06 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Expires
Fri, 28 Jan 2022 08:03:17 GMT
dsp.aspx
inv-nets.admixer.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=1368077984762894.2&cpv=04296887-8e17-e152-bf5a-526a663cdcae&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22a3c7c3f8-0141-2966-ed0f-4e9f3fa1cda7%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.buhoblik.org.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Linux%3B%20Android%2011)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F86.0.4240.185%20Mobile%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22b29762c0-37e9-e575-b9c1-7c7964e149d5%22%2C%22tagid%22%3A%22dab6be62-b1e7-4d05-a12c-0a70b3291504%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_dab6be62b1e74d05a12c0a70b3291504_zone_1393_sect_956_site_943%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
0f5dca73f1a959c3e024d125cf728f08efcabc93844d8e5e8e65c8b97340597d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:06 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2134
X-Xss-Protection
0
widgetsModule.js
w.uptolike.com/widgets/v1/ 		172 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/uptolike.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:06 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 27 Feb 2022 13:07:06 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame 6A7D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645965425&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426430&bpp=1&bdt=394&idt=120&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=t9E9gqFMd6&p=https%3A//www.buhoblik.org.ua&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7875
x-xss-protection
0
server
cafe
etag
9606807595520751986
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Mar 2022 12:35:16 GMT
css
fonts.googleapis.com/ Frame 6A7D 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645965425&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426430&bpp=1&bdt=394&idt=120&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=t9E9gqFMd6&p=https%3A//www.buhoblik.org.ua&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84283b0271462df7595314fa8ab57070ed633174a851712bed2bfd8e6bd92117
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Feb 2022 10:54:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 27 Feb 2022 12:37:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Feb 2022 12:37:06 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 6A7D 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645965425&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426430&bpp=1&bdt=394&idt=120&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=t9E9gqFMd6&p=https%3A//www.buhoblik.org.ua&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Mon, 21 Feb 2022 12:51:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Feb 2023 12:51:50 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 6A7D 		355 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645965425&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426430&bpp=1&bdt=394&idt=120&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=t9E9gqFMd6&p=https%3A//www.buhoblik.org.ua&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Tue, 22 Feb 2022 18:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125995
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Feb 2023 18:59:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 6A7D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645965425&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426430&bpp=1&bdt=394&idt=120&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=t9E9gqFMd6&p=https%3A//www.buhoblik.org.ua&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Mar 2022 12:29:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame F0A7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426427&bpp=3&bdt=392&idt=117&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8TqPpiXJb3&p=https%3A//www.buhoblik.org.ua&dtd=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:30:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Mar 2022 12:30:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F0A7 		124 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426427&bpp=3&bdt=392&idt=117&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8TqPpiXJb3&p=https%3A//www.buhoblik.org.ua&dtd=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Feb 2022 12:37:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame F0A7 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426427&bpp=3&bdt=392&idt=117&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8TqPpiXJb3&p=https%3A//www.buhoblik.org.ua&dtd=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Mar 2022 12:29:02 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F0A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CQHoncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTgAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde56o0PSGg0bTm805WeudRZLv1hnCw7MimCJO61Q5mSvkdty-hqTGgAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NjMwOTU2NzY2MjE2NDY1GAA&sigh=PwqeRimFrII&uach_m=[UACH]&cid=CAQSGwCNIrLMx3eaac68a_IK0a2L-XQ47hndw-n6VhgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426427&bpp=3&bdt=392&idt=117&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8TqPpiXJb3&p=https%3A//www.buhoblik.org.ua&dtd=119
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426427&bpp=3&bdt=392&idt=117&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8TqPpiXJb3&p=https%3A//www.buhoblik.org.ua&dtd=119
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 27 Feb 2022 12:37:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 27 Feb 2022 12:37:06 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame F0A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UqqtCb_6RNoFmAKH-lcYAgAAAL3dF7qT-P8r2nHJuhBycBti39XiO1WmJlBgCrAAEg&wp=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426427&bpp=3&bdt=392&idt=117&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8TqPpiXJb3&p=https%3A//www.buhoblik.org.ua&dtd=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
server
Kestrel
server-processing-duration-in-ticks
177932
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame FA42 		220 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426427&bpp=3&bdt=392&idt=117&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8TqPpiXJb3&p=https%3A//www.buhoblik.org.ua&dtd=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b9631df5c739304eed163112461c1d75560d970df2ec05a6f4f98cc404538cab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=_KVvLpA1nEyV2X7HShDPCOeierSLa7z2Q0cqAvm-eAkq8h2rIp3vDZJtPJAPSu1Z5bVaht4QL3MkmggXyHXNYV1V5hMm3URln2Hv58oeBsz1ByE3vlTKI8eQcQ-i1MLuewnN2vE1z8a5C5480gMQJpqzZUv_6mRDnXa05H9AIEZJYWrqYVCu8XEaM5BDXS6zV_KZDwzv6gpodJqjVH_-X4EGbmQYwaTeXF5vHUVbzlKEL_M3a8ZK0RDflfYVPCpHJVi2QA"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
144132233
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buhoblik.org.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.buhoblik.org.ua
date
Sun, 27 Feb 2022 12:37:06 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bid
a4p.adpartner.pro/hb/ 		211 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/hb/bid?tag=6818&sizes=240x350,240x400&referer=www.buhoblik.org.ua%2F
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
3bf9331c87b26cf2ef461c5ea891c2838e476391317591cfdfb04afa95b992e6

Request headers

Referer
https://www.buhoblik.org.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.buhoblik.org.ua
date
Sun, 27 Feb 2022 12:37:07 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/json
sync.html
s.adtelligent.com/ Frame 6AB5 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=1368077984762894.2&cpv=04296887-8e17-e152-bf5a-526a663cdcae&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22a3c7c3f8-0141-2966-ed0f-4e9f3fa1cda7%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.buhoblik.org.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Linux%3B%20Android%2011)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F86.0.4240.185%20Mobile%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22b29762c0-37e9-e575-b9c1-7c7964e149d5%22%2C%22tagid%22%3A%22dab6be62-b1e7-4d05-a12c-0a70b3291504%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_dab6be62b1e74d05a12c0a70b3291504_zone_1393_sect_956_site_943%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
704d188fe6affad634eb81f2d001965fdc2ddc1eebe234842131c0ba0c9ffa07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

Server
Adtelligent
Date
Sun, 27 Feb 2022 12:37:06 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1215
Access-Control-Allow-Origin
https://www.buhoblik.org.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
merge
ce.lijit.com/ 		0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=380632&3pid=9c7f0ef13bf14486a3e151c10f1fe840&us_privacy=$(US_PRIVACY)&gdpr=&gdpr_consent=&location=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%5BSOVRNID%5D
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:06 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
X-MERGE
GDPR Optout true
X-Sovrn-Pod
ad_ap7ams1
P3P
CP="CUR ADM OUR NOR STA NID"
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=9c7f0ef13bf14486a3e151c10f1fe840
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:06 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
304
Expires
Sun, 27 Feb 2022 12:37:07 GMT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-4440286886
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Arj_GHUZkxFqjrXofVMAdNw
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Arj_GHUZkxFqjrXofVMAdNw
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Arj_GHUZkxFqjrXofVMAdNw
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=3860bc89-5a6a-513a-819c-705ae3870029
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=3860bc89-5a6a-513a-819c-705ae3870029
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=3860bc89-5a6a-513a-819c-705ae3870029
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=9c7f0ef13bf14486a3e151c10f1fe840
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z2EEA4DAA7304715A0EF8731BBD1AA66&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=9c7f0ef13bf14486a3e151c10f1fe840
56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z2EEA4DAA7304715A0EF8731BBD1AA66&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=9c7f0ef13bf14486a3e151c10f1fe840
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0
content-type
image/gif
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z2EEA4DAA7304715A0EF8731BBD1AA66&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=9c7f0ef13bf14486a3e151c10f1fe840
date
Sun, 27 Feb 2022 12:37:07 GMT
cache-control
no-cache
server
nginx/1.18.0
content-length
0
expires
-1
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=9c7f0ef13bf14486a3e151c10f1fe840
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=9c7f0ef13bf14486a3e151c10f1fe840
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=9c7f0ef13bf14486a3e151c10f1fe840
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
138.201.34.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.34.201.138.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=9c7f0ef13bf14486a3e151c10f1fe840
date
Sun, 27 Feb 2022 12:37:06 GMT
server
nginx
etag
W/"e8cdac8528b800158bee70bf65d321bea8777b39541644f3c8109d527cb3beb3"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:06 GMT, Sun, 27 Feb 2022 12:37:06 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Sun, 27 Feb 2022 12:37:06 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
1px-matching-go2net.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=9c7f0ef13bf14486a3e151c10f1fe840
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:06 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=3c3c8d4c-f273-4123-9af6-ef022b222110
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=3c3c8d4c-f273-4123-9af6-ef022b222110
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=3c3c8d4c-f273-4123-9af6-ef022b222110
date
Sun, 27 Feb 2022 12:37:06 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=128&vid=9c7f0ef13bf14486a3e151c10f1fe840&gdpr=&gdpr_consent=
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
122
x-xss-protection
1; mode=block
expires
-1
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://admixer-sync.rutarget.ru/sync
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=76391747-8C01-44B5-BA9C-B7DA670E100C&id=A3tGZSnWbmlK
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=76391747-8C01-44B5-BA9C-B7DA670E100C&id=A3tGZSnWbmlK
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=76391747-8C01-44B5-BA9C-B7DA670E100C&id=A3tGZSnWbmlK
date
Sun, 27 Feb 2022 12:37:07 GMT
server
nginx
content-length
0
p3p
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=9c7f0ef13bf14486a3e151c10f1fe840&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=9c7f0ef13bf14486a3e151c10f1fe840&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admixer&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=3N7nau82IAbJMyXUyl5SYZH1&ssp=admixer
  • https://inv-nets.admixer.net/bs/cm.aspx?id=95e8d83a-fe79-43ad-91a3-e598c0ed80d2&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=95e8d83a-fe79-43ad-91a3-e598c0ed80d2&gdpr=&consent=&gdpr_pd=
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=95e8d83a-fe79-43ad-91a3-e598c0ed80d2&gdpr=&consent=&gdpr_pd=
Date
Sun, 27 Feb 2022 12:37:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync.html
s.console.adtarget.com.tr/ Frame 77F0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=712122
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b97330a96d3fca3dd40767f06fea5d420dd01a93f4170733ad7fea14b9b10f06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

Server
Adtelligent
Date
Sun, 27 Feb 2022 12:37:06 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
894
Access-Control-Allow-Origin
https://s.adtelligent.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.adtelligent.com/ Frame E0C2
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=3378992c-92b1-4273-a6fb-33f74c532efd
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=3378992c-92b1-4273-a6fb-33f74c532efd
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

Server
VertaMedia 1.0
Date
Sun, 27 Feb 2022 12:37:06 GMT
Content-Length
0
Etag
b7234acbe79ee4e9

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=3378992c-92b1-4273-a6fb-33f74c532efd
content-length
0
date
Sun, 27 Feb 2022 12:37:07 GMT
server
_
/
onetag-sys.com/usync/ Frame 7F77 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync.html
s.adtelligent.com/ Frame 0EE5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
38f6197388e4772c9c1649bef507ece5981404356171bbcafe865e4ed96b77c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/sync.html?aid=707176

Response headers

Server
Adtelligent
Date
Sun, 27 Feb 2022 12:37:06 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1059
Access-Control-Allow-Origin
https://s.adtelligent.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
/
ads.us.e-planning.net/uspd/1/ Frame 37F9
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
3d0103b1c78a6e300fd6f14467dcf1b136fef8923ccdfeec07eff96ee7db0e88

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

server
openresty
date
Sun, 27 Feb 2022 12:37:07 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Sun, 27 Feb 2022 12:37:07 GMT
x-sid
AMS-606
content-encoding
gzip

Redirect headers

server
openresty
date
Sun, 27 Feb 2022 12:37:07 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
x-sid
AMS-606
d
ic.tynt.com/r/ Frame F059 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

server
nginx/1.16.1
date
Sun, 27 Feb 2022 12:37:07 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
csync
sync.adtelligent.com/ Frame 6AB5
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3d2edc91-37a2-417d-971b-2361a6782c20
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3d2edc91-37a2-417d-971b-2361a6782c20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
VertaMedia 1.0
Etag
b7234acbe79ee4e9
Content-Length
0

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:06 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3d2edc91-37a2-417d-971b-2361a6782c20
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
jnp5cddoq6o3hi9medm8tlc8u6mcjjkk
pixel
ap.lijit.com/ Frame 6AB5 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 27 Feb 2022 12:37:07 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 6AB5
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=b7234acbe79ee4e9
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=b7234acbe79ee4e9
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=b7234acbe79ee4e9
Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
VertaMedia 1.0
Etag
b7234acbe79ee4e9
Content-Length
0
match
dm.hybrid.ai/ Frame 6AB5 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
109
x-xss-protection
1; mode=block
expires
-1
csync
sync.adtelligent.com/ Frame 6AB5
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6e5eded3-942a-44eb-bd19-df6f50bd6027
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6e5eded3-942a-44eb-bd19-df6f50bd6027
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
VertaMedia 1.0
Etag
b7234acbe79ee4e9
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6e5eded3-942a-44eb-bd19-df6f50bd6027
date
Sun, 27 Feb 2022 12:37:06 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/ Frame 6AB5
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=044f2d76-f928-4006-bd2e-0fe6e10f71fa
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=044f2d76-f928-4006-bd2e-0fe6e10f71fa
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
VertaMedia 1.0
Etag
b7234acbe79ee4e9
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=044f2d76-f928-4006-bd2e-0fe6e10f71fa
date
Sun, 27 Feb 2022 12:37:07 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame 6AB5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4418958318859421880
0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4418958318859421880
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
VertaMedia 1.0
Etag
b7234acbe79ee4e9
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
20b4bac5-3d8c-4e04-af16-8b4056853787
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4418958318859421880
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 6AB5
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=9c7f0ef13bf14486a3e151c10f1fe840
0
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=9c7f0ef13bf14486a3e151c10f1fe840
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
VertaMedia 1.0
Etag
b7234acbe79ee4e9
Content-Length
0

Redirect headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=9c7f0ef13bf14486a3e151c10f1fe840
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB&am-uid=9c7f0ef13bf14486a3e151c10f1fe840&zone=DAB6BE62-B1E7-4D05-A12C-0A70B3291504&device=6&rule=A115463E-E95D-4D45-91E3-2BE636EF4375&requestId=f357a80f-c90c-4a3d-91f9-e3670346b5c2&hp=-967666016&page=www.buhoblik.org.ua%2F&segments=496%2C6%2C2&ts=637815622267789628&ap=MA%3D%3D&asign=-490373428&sync=98%2C3%2C80%2C96&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=4&isapp=0&os=Android&osv=11&adtype=0&extpubid=1A4D80BD-B81F-427C-A6F6-12DD363AA495&inst=ADS-EU-3&pxl=0&pvid=6ff338e5-1c0b-4e21-a48f-3c46acb1e078&ip=5.187.21.101&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 27 Feb 2022 12:37:07 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
share-counter.html
w.uptolike.com/widgets/v1/ Frame 28EE 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

Server
nginx
Date
Sun, 27 Feb 2022 12:37:06 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=1800
Expires
Sun, 27 Feb 2022 13:07:06 GMT
Content-Encoding
gzip
impression.html
w.uptolike.com/widgets/v1/ Frame 29EF 		1023 B
914 B 		Document
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/impression.html?5e5f39385e9edc9f82706afd51e24398
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

Server
nginx
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=1800
Expires
Sun, 27 Feb 2022 13:07:07 GMT
Content-Encoding
gzip
icomoon.woff
w.uptolike.com/static/buttons/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29

Request headers

Referer
https://www.buhoblik.org.ua/
Origin
https://www.buhoblik.org.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Last-Modified
Wed, 16 Aug 2017 14:30:13 GMT
Server
nginx
ETag
"599456f5-23b8"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9144
Expires
Sat, 21 May 2022 07:57:01 GMT
truncated
/ Frame F0A7 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9df065a4265ceef7e776ac1b504700b7af4163f586350718b2fe9494fbe6bcc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 6A7D 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l059bfra&c=3857411053197&slotId=1928705526598.5&qqid=CPvJwoTzn_YCFZjBOwIdiSUM0Q&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C324123032%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4002:814::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A7D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CPxIFcnAbYvvIJJiD78EPicuwiA3yg-y9aMPS7enJD_AuEAEg5-TyFmC7BsgBBagDAcgDmwSqBJgCT9BJTB6hZP7gkut3ifQC-tTy_kvZwq_Jux6Kkl-H463UsXj7jhEVybASVo7VrljgYf5yxpgr0KwYgox2UQDqh3dQmgXqrTHnemEAnABEBKyazFB6Vpm_uKBhHDHJRSYBZ6pICZa7gohpLXMmZq3etx1g0AcTqVLXBm0SmGhC2uNjuXXPpDyfMBABoTT1b05d1NP7fYXfWD7jfiTp4KZA4uoV3UFnL7_qcYoNqdqgUslxl8s0n8ytT21nv54XttFbmUBjqIwa41nsyxMjtED8sJy1VCCOyNbDKcSLrf-uDTc8KlxQr7qvEMVIsvlT7pb2wl63R4gqmA3uzU-zRieGTnWqbAfbEvr4nHebV-wCH_vh3oUcUiv9TMAErayUjvED4AQDiAWDq9jGPJAGAaAGdtgGAoAH6b6FyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwCgCIoWsAgC0ggJCIDhgBAQARgfgAoByAsB4AsBgAwBsBPO0p4OyBPZq5vfA9ATANgTCoIUFRoTd3d3LmJ1aG9ibGlrLm9yZy51YYgUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1645965427084&ai=CPxIFcnAbYvvIJJiD78EPicuwiA3yg-y9aMPS7enJD_AuEAEg5-TyFmC7BsgBBagDAcgDmwSqBJgCT9BJTB6hZP7gkut3ifQC-tTy_kvZwq_Jux6Kkl-H463UsXj7jhEVybASVo7VrljgYf5yxpgr0KwYgox2UQDqh3dQmgXqrTHnemEAnABEBKyazFB6Vpm_uKBhHDHJRSYBZ6pICZa7gohpLXMmZq3etx1g0AcTqVLXBm0SmGhC2uNjuXXPpDyfMBABoTT1b05d1NP7fYXfWD7jfiTp4KZA4uoV3UFnL7_qcYoNqdqgUslxl8s0n8ytT21nv54XttFbmUBjqIwa41nsyxMjtED8sJy1VCCOyNbDKcSLrf-uDTc8KlxQr7qvEMVIsvlT7pb2wl63R4gqmA3uzU-zRieGTnWqbAfbEvr4nHebV-wCH_vh3oUcUiv9TMAErayUjvED4AQDiAWDq9jGPJAGAaAGdtgGAoAH6b6FyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwCgCIoWsAgC0ggJCIDhgBAQARgfgAoByAsB4AsBgAwBsBPO0p4OyBPZq5vfA9ATANgTCoIUFRoTd3d3LmJ1aG9ibGlrLm9yZy51YYgUAtgUAdAVAfgWAYAXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645965425&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426430&bpp=1&bdt=394&idt=120&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=t9E9gqFMd6&p=https%3A//www.buhoblik.org.ua&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 6A7D 		27 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DVIpVTHRlxTt62pJAzBriZHNjR3FLifn7lTqv5uGN2N9oLXjDPS7GcP8KraEKSU4qeSegrApyvHKID52DNPhe58rFuWA&cry=1&dbm_d=AKAmf-DTX3_-5kO3f4pzYi7mymhqNrrhx9nXIP5V1N0UpNzxH5jykW8Lz742Cqo6taXCG4cXYpFN_4pP15hrZkincD6zjFGKzATy6CKuNKWm6q0aKi9HLLqF3yEOy_26FqAMxLeda8iCtaJRKI9Lg6NchnQ9DjEa0LQ4ZXtb8c9rjjRShSqrKiS1ESifNj3ZdNLoWm1v0ANo2ENATMxI4VIuqevYF_1FH0z_LSdBVQE4ZKVcnc_f6xjah8XHDHSgg6TXifElkt4HM2IqU1nObWbrpNYdgVVyvES4f6XNOhpwD0Xiv0sEJzKB5KbjfkrtPRcaMyRmRmFi1ip5F96K1Ly02hfyYg1NRLibdCYhEPdkJleOL2jU1cs5-J_nJr7dfzFIa5S7vfq20fFn4rEp6BjrZK0wSa0e_UVvIm32bsyNBMtojDAUcAifVFEmCoPScSUp3Q1IaHyfGBLhXiuoSlZ85oUh4HAHMS3YzvpaQJ-wU0GS9WEsbNmOTAdW2tUkhyOxv9RsmY5tj2pJe_dJQu2SS2ENwVdQqI1xzciMFo7pYFx93AUthdt9QqISpR870N670tyg5b0QrQFXNCmXdxr8oSFn640n5H0vY5L4hF5lA_jxHMeiooWMcQEsejlz28DBgZdIwPO6TyyQCTYh0SsGtCUi6c49kNDlBdfi1MKLTb0YBZd2yNDcZh5oaj4SIa6UtuXNMySjM52SFRVhsQ7ZuINfgf1DUhAzAGOG7PEXfSWix2pdZY2S35LX1HZnjFttmqEShPpIT4eNhUkh6Q93munVqvbnxYKVnUtKCqNmqUY6EYYDfCG_g-754negPxqNblblZgVFnioGBEndnMw8hhRn7lw8Sy8AXbTB-o2vXmR2Vtd07gzCnv2RVJar582Tecr8J_YbbVtngJ4KSuKtcch37jHi7V2-FjU2bvHkBwi_djZApc5bYgmPte26nZf1Xo2SuK1dSDsGES8noVpxwut6yQqnC52tXr3ObxrVgotjrvDZoTR-myaEoZ-zPHTrg3dkVIVQq_HxMfP2wrxqfp7YHzZGIEYXF4NK88UhAZ7YvwOtPCmabdlkLI3s4ioRSL8ws4zSrgXRjvgeYyv-ihoaMffu2AixhFB9kY3VqDEL8TIyXTnJc8EQqeDBe-OmQH8PsCk5B77GgDeiTasFpi9EcG_Dpe4HjBpjFWQN21eR8CsijkGcL1veAAdtsP01OBucuHi1JueyVzOmdflAvQg-mvHt-hlUDlWDcrxmDBXPtFqHJ5fSqRAF3HIBMyzg7BLq4HM4eqTazDE83oNuMj5TBFSAArxHjqa48vizAKx7GtEJhwueTHEob9N-pHLqDE_GyC4zZthYPiBlK4FxWUv9RzJdg3L-UDEeZ5OP1srBl_kzEw-FhARfDm5FcC-txvpHpytcnTWxZ3PIs7CLsEu0O3qFr5QR3MfR1xkvL77gavN_lLQ86i9BvmyWwEk-wH0JDvjUxUBOKbmnot4y7XBY3dBTLTlKagS4S7wlHVTqGaqs7NWRzKEh6CMov9_X4snqNrOoBXW2LtI-Xfqd0zNFDc28EYJ-jqhQ1XLgcePVY8HPxAhUt1-ySvgOJiOFIn2tyDnEg_-mzkCewEsOBadmU4j9JoILaGB3yVslEWpU-_RstIMQ9ucNsvRZFJz5hm03enivVqjtNvj8dw8f8GE01K6AAdzWzfWKHQv6q5fHf8m9S49eiKqFf7xMxtZDw0UY9mIRvjVpYFeuW1Bi51R5uCKMlf2PgDWnw0poBMtJTOyODpERluKMEd3koPu-miqdG-XbuKHTK0Qz19mG83traTE_VbUnIvo4IWlvwidLuG6U-XIFOAF3TSJAYRfm4xQLXFOOm65NuMLTHpZ_ACWQXdjsy0mMO-vbI33Noy-rPEkHpdJZZs2liutaN-LY-1V0VD06ASAwFHnxD_jsCj3pymK3JKheFdqhQh7zefFhYixRQtSiqm-wM_c6fE_jMuduofhcK3d9Bz_Qefmfrxv-LBhTxBuY47QWe0OGMR7CI8KjUAorIGoCy0n9SbG06-En5zrChG0qNbuDHWfOhFHQ_n0zFCHfCtptdNlBgZsspKMUeLzdqOZY3RbFv6QPOKo7p5dZi9NvXZP3-mG1sDYzKGw8Q5NjB2DmTvrMNFqZK2Ocbyc5kaB7alvxZGVvvSZ1NiN59d-0WXwQIUkmSjI0kkNESR_k9T-EhUQ9e-gJdeZTMtuLVRj91W92dLPs-p3er0o7elDmipF6I-mE619u9a4yIs-PKlI_p8k7PVEAPOWIYmX_2SiV_VUmOfbByc4lY1ZSN9uUIE_1J0joTaAmIQxXjgU6CXqBz4nct-BTlmYE7mrMFsUs4MFGK2pVILlOiPNdRSGM8-WNBRIEx4W1IMjr3_etx-QXg0AC9ITjq30Dg4Eo9kWXZwf-TeKAxwbBymB_nVIgEFpt2YN5JEcBb0quvqpsG2HjQ3jK8fCQsEJZnkCLBMQR3aXFnv9JmrFXPZRQAa-vAyMQRTZMJDl_6PxpWZYlZM3SjfVhZ82RWNqqcHCKVtefcNtFhi7x_Uqpf2VLKO1hwpk3oHyAnrNjVembOs7yJM2__8DudAWwd4sbpEnHezSE9RePQ5DkmNg-50o8dDuTwY94KissdTCQ9pE6CeeoZBH58NjVfhRtNOqoHlQvPIQaihO2c2dEsy8iq_yoGQBhqjjbvX8_w6luZ4fOAs59I0HxcGu3GM23Uw6VnwZhnAWmpLoDgBTFQCj3lfSgWe_-CQ8lW4j8s1jBeepXqZ2il9qgiXDXzrQBsRDd69GBMEbGO7aDnA_O8jqz1N_se_3_jeMbLTy0ZeFxrLJY8_XTZF30t5-uc2M0X1PrnQ8L81e67iwgHu3M63dbYLFcxZjIkubymrvH3c4Npn17zmQxCfRrefdS8ciZVg8kkJ4kFaNc2zrWHTRAaLKISTT7nlbJ6AiMLseYyDrLltBCsK-0ALAV9MpfgSO5v_7oGT9VaghCQA66JzMawUognB3sQsTrz9GUWxUvufl5yJG4I3rXsYiu_-XFpFSl7jIjNU6oB4648XnjEWAITPjFr2KENFIfn3qvTyzr6TSRVHbsIRIgLITb2wbp5KuOJHfAaKvBs116ypkb4PcJSOM2e-DCuKVVgzyCuEkw4AwZWfAOLwl1qU2VnyUSBTZZXJ9a8SGWtzDLpOOzCLhw1lx9hWcQTyd3CyG5laP4Q0ENVAmXSRwsBeQ-TqdCnahPz_hr6V1OET5Zx1De6CYQYxcULErwBBB9fx5BnWRPH5MEIAMduKFB2Wjxjxux7-n_q_z3ho73TTeve0jU6nwotYALfRL35N9FVfLxDXYYhBAJdaDip2dsvdk5wnorUTfSxz9b2IZfIvQ_26rIkwwMFU1APmVFVYBsyQpldeDP6DqCjIdHB1NRopoP0kqSXQmhHrR3feZuq6onjyudzZvD8K-XT6uBFGDfv7fCXVXnCmU7StKR4nLoSm_OV09i8aXuF40-9JRfUzXd5TjtdlrysO-_S59fRrLjTbw0Bm-sSYbMMn2LwfhflZpBTm2MfKRwlXyTEMFTi_ITQWOH-TK69Q49t9RE4QGCKfSA0f-86Rhl4ZdHZZokiqcLVmkvFSy58yhwbOo_FGbDmcZo2QJC0yPoT6cWRd-23ggE7IKfu1Xa3bkuoMO3G5k-g8rm6mf1Ila46POWWd1L0bqiB5r7TFUHlBhpvx52HgFvFaF2ao_dilWa8oB6CNMNteq3T0ovCP1QwIGiivLPcEOKkg69aHNWwCd79dhNO6YYB7_9kLP7SIHR6lbXMPxDSbSTQpnf_q_9y2YmZUrx6KJbGLFvpZ1LHULGTfuqLxOsrN2Wm-7Q8cp-5DRXV_OWeoTJ5XqxgM5fh3vEkIGofam3tlOn4o31C9QavVNTK0UIEs1OJfzf27ftwvsT2z-nsq27NEWMdS8bre6RUTCXE8fW8Dw7Kj6Ru6Woh5G5e74aZUdMhksyfJAXzLOU1MfX-YxV3GLOMqFlujMPAimyRddhl-tFZmPUInlDfAS_lcuNzISkN9MAyxJ1JQVmn6ca5rfTH7ORwNUllrnjOa2Re_ryY-hmvTfkHZ870V1N8aE11fEplwHbnYgXSXIDwRnw3a6Wpl_-DnwD520dBLcuDdFVbj1ywOQeXu7Y3Kg3V7p66RB4Gl740QP08mV6zcNYVDhyytaj3t9Ewho&cid=CAASBORoRLc&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f155.1e100.net
Software
cafe /
Resource Hash
0b756f68aa36e5c8d6ea6fae7f9eae98c630bbb649e7e4bd3c23d10935ea8db5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15066
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6A7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CaZ2-cnAbYvvIJJiD78EPicuwiA3yg-y9aMPS7enJD_AuEAEg5-TyFmC7BsgBBagDAaoElQJP0ElMHqFk_uCS63eJ9AL61PL-S9nCr8m7HoqSX4fjrdSxePuOERXJsBJWjtWuWOBh_nLGmCvQrBiCjHZRAOqHd1CaBeqtMed6YQCcAEQErJrMUHpWmb-4oGEcMclFJgFnqkgJlruCiGktcyZmrd63HWDQBxOpUtcGbRKYaELa42O5dc-kPJ8wEAGhNPVvTl3U0_t9hd9YPuN-JOngpkDi6hXdQWcvv-pxig2p2qBSyXGXyzSfzK1PbWe_nhe20VuZQGOojBrjWezLEyO0QPywnLVUII7I1sMpxNOsdbAHJagazv06WLWgJxksQVx7LsAPqYGKV0WEB2rEZqub9Gl4uH-HEvUKHnQ8eA7NBxcz405-fwbiwAStrJSO8QPgBAOIBYOr2MY8kgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ22AYCgAfpvoXIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcJEPdRGK76osIBoAiKFrAIAtIICQiA4YAQEAEYH4AKAcgLAbATztKeDsgT2aub3wPQEwDYEwqCFBUaE3d3dy5idWhvYmxpay5vcmcudWGIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItNTYzMDk1Njc2NjIxNjQ2NRgA&sigh=dTrXUGq9m3M&uach_m=[UACH]&cid=CAQSGwCNIrLM5s3Qncwbj1VNrpCzc1nb-Ae62mMsSQ&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645965425&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426430&bpp=1&bdt=394&idt=120&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=t9E9gqFMd6&p=https%3A//www.buhoblik.org.ua&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645965425&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426430&bpp=1&bdt=394&idt=120&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=t9E9gqFMd6&p=https%3A//www.buhoblik.org.ua&dtd=121
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 27 Feb 2022 12:37:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 6A7D 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
348872f490779df623733a20c3497d0a33df0c6b3c2590fc3f891bd0b5a71bad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E97 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtnEsAVwXyBSKnhci8WxIXVrQy6jubt1r3kcr-vOnOefMs9l6cxe7X0wnmH_xtciCABPIr8zL07xAvJjjFW8TC4IxEAT64oepvhLQgsv2P0V1lU2g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 9E97 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:30:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Mar 2022 12:30:42 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 9E97 		67 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sat, 26 Feb 2022 18:15:01 GMT
x-content-type-options
nosniff
server
cafe
age
66126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
2462972746714251406
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Sun, 27 Feb 2022 18:15:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9E97 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Feb 2022 12:37:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 9E97 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Mar 2022 12:29:02 GMT
l
www.google.com/ads/measurement/ Frame 9E97 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPE739jo3pjyDXYHKhYrxPva_wl4TbOoUWKEawJr_OLnjR6Q8j-IPV_Pa_a_6AKAsHYd0X7w5NLAEovr94ZAxF-jxyqQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4209 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BKiiAPIcL7yqLkQqjqFHUagUynGJadawA5hVfBsIPiPtalYFq49OnTe3hAw6mOkZPoQH3XOAbEN2Ckfzzv9pH7j31ECA7I89s3WrG0cr_cFUSqu8M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645965425&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426386&bpp=18&bdt=351&idt=122&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&correlator=6049263549741&frm=20&pv=2&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=EtmAHCiu4P&p=https%3A//www.buhoblik.org.ua&dtd=135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 4209 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645965425&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426386&bpp=18&bdt=351&idt=122&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&correlator=6049263549741&frm=20&pv=2&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=EtmAHCiu4P&p=https%3A//www.buhoblik.org.ua&dtd=135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5008
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:23:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 27 Feb 2022 13:07:14 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 4209 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645965425&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426386&bpp=18&bdt=351&idt=122&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&correlator=6049263549741&frm=20&pv=2&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=EtmAHCiu4P&p=https%3A//www.buhoblik.org.ua&dtd=135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:30:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Mar 2022 12:30:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4209 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645965425&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426386&bpp=18&bdt=351&idt=122&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&correlator=6049263549741&frm=20&pv=2&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=EtmAHCiu4P&p=https%3A//www.buhoblik.org.ua&dtd=135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Feb 2022 12:37:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 4209 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645965425&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426386&bpp=18&bdt=351&idt=122&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&correlator=6049263549741&frm=20&pv=2&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=EtmAHCiu4P&p=https%3A//www.buhoblik.org.ua&dtd=135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Mar 2022 12:29:02 GMT
usync.html
eus.rubiconproject.com/ Frame 377C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Feb 2022 12:37:07 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=17184-d
date
Sun, 27 Feb 2022 12:37:07 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
csync
sync.spotim.market/ Frame 7A67
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=4418958318859421880
0
386 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=4418958318859421880
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

Server
VertaMedia 1.0
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Length
0
Etag
b7234acbe79ee4e9

Redirect headers

Server
nginx/1.17.9
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=4418958318859421880
AN-X-Request-Uuid
54808e7a-0352-441d-b26c-64d8381c3e34
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
sync
fo-ssp.omnitagjs.com/fo-ssp/ Frame ECBF
Redirect Chain
  • https://sync.spotim.market/csync?redir=https://fo-ssp.omnitagjs.com/fo-ssp/sync?gdpr=0&gdpr_consent_string={gdpr_consent)
  • https://fo-ssp.omnitagjs.com/fo-ssp/sync?gdpr=0
2 KB
965 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fo-ssp.omnitagjs.com/fo-ssp/sync?gdpr=0
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
3aaa0be695adfb21b768884f153eb655991369756fe3da973639f579120a9b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/javascript; charset=UTF-8
expires
0
pragma
no-cache
vary
Accept-Encoding
x-content-type-options
nosniff
date
Sun, 27 Feb 2022 12:37:07 GMT
content-length
753
x-envoy-upstream-service-time
6
server
ayl-lb-fra02

Redirect headers

Server
VertaMedia 1.0
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Length
0
Etag
b7234acbe79ee4e9
Location
https://fo-ssp.omnitagjs.com/fo-ssp/sync?gdpr=0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0375 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=83785
expires
Mon, 28 Feb 2022 11:53:32 GMT
date
Sun, 27 Feb 2022 12:37:07 GMT
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 0EE5
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=
43 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
VertaMedia 1.0
Etag
b7234acbe79ee4e9
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:06 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
cf3uftjhkreailj34ijdn25uejlsibna
csync
sync.spotim.market/ Frame 0EE5
Redirect Chain
  • https://b1h-apac1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D__ZUID__%20
  • https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
43 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
VertaMedia 1.0
Etag
b7234acbe79ee4e9
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Type
text/html; charset=utf-8
Location
https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
96
Expires
Thu, 01 Dec 1994 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 0EE5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
0
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
VertaMedia 1.0
Etag
b7234acbe79ee4e9
Content-Length
0

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
csync
sync.adtelligent.com/ Frame 0EE5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yhtwcl5ycqmpYOSz6UUk4AAA%26208
0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yhtwcl5ycqmpYOSz6UUk4AAA%26208
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
VertaMedia 1.0
Etag
b7234acbe79ee4e9
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yhtwcl5ycqmpYOSz6UUk4AAA%26208
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
278
Expires
Sun, 27 Feb 2022 12:37:07 GMT
csync
sync.adtelligent.com/ Frame 0EE5 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
VertaMedia 1.0
Etag
b7234acbe79ee4e9
Content-Length
43
Content-Type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame A372 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJSungIQ7LaeAhie9cu_ATAB&v=APEucNVl-aiRGge1CYkiNg1yjRCTtObKrBHrejKv7RVPvpYqJQswKbuOCEA4_8_QvJnUkPciYXVnKa1ZtrVxsKHZVKtx_4iAfUWFdkAdwhZlUN-xVF3mxnFzn5-6BTpYp10I1iIau-Ga32lzxhBu__venPmk8aHTQ8lPXW3FI7wm5UBhLH-pZeU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 27 Feb 2022 12:37:07 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 27 Feb 2022 12:37:07 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9E97 		11 B
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B4clyqgezSUfKapfMdSgzKFXN8HwiwFwjGF36iZ6XnCG4MbtgZwBU_Hj1zXA6kQBtqV3Q7P32xFTsINQ_35duIXHEUYdJ944XSUSSFpfUg_jJO7jobEZsQtCS5_-nYmvLqkxBfdjcmzr4xsfMe2fc8hWYAjQ&dbm_d=AKAmf-AuPZEd4sP3vcXnsRIfImX90KW59uamJR6ASU0yPlu-q8DuaeF8fk68xIlhA_22kLQ6sLqUewjxZ1QOOPYsAMioLW5llBeRTwqv3xR5WX7-FT6aZIfRYDKdMG2zbmPN7qiJzEu4-87eC74CgUsO8XYRBOCccEfENVLXN0YPjqrN5TPDYkPOQNtAvg0gGxcSWmDC4EQPnDdt7YetqPSWLwNnNkvV1jFDiyr6rWn0rlp632vgdso2AtyqCTO2PXdtADzrG-RyrMjzg6xZsYNz2KXZiX7Gz5kAXAYoS1HlvMOFovH1lWl8jsqK51aUvTOsxM6yqcEMWDZ91AZ_8oetQMY-OMuVlbS-DNhNRl7HJXywo71I7XUd_2QpWQ3R4WAtuXtC9myAEeTt1ZZ3qS8x8e_kdlpCdxHr3DFYGztA07qWUNqNZ8iRqItkE6mRFPxAco_QtsngKVqv5XWZ6dIhkFBq5Ie1118jbAxRzkZu3SddXqTjWQB4u1CpmwFr8ha927PXiFiYEbADjXJ-2WyRM8Ac-aotTBIxdJ_dmrwVbvtWCvVYyW8ifGOqvV0m-l78eHiAcM2wbsMtaY-SasWAeKO8z-KebmRKYQO2ERZA69uTgtvxdgZ3vrQ6YRLrS9AgqHsA-VPvIwCRsI7wb155HH8dtHzIYBVwgy-CeS6_CADPkU5PkNZ3nRmKh_3z4qSQPEIrYCWMnEvduuBn1jlld1XnoQa6Hq5H59lnYw1gyj7ydWfQXaviVzvNiU-aiTQjCL_XTzpiSeYzeJcIY89RKVR87O6bSCYuZ6xTNmETd3Dc5T8me3J5tA7emG6tQVWFGXAEzfP7ZOtvKrr5CACyzsmvqSdgBXSNBdCPwAuEdrVUhXy8hchsJdVUaimeATUQXD-szOIvju-y3s8IOXHvFe7kwZzLyc5mkyYM5-jfsGc7AeLTmgPrNnxq5_PRh9lG90w7P0n8Mxv5x9iO7kHIka6wd3tgNbwSUQqrg1i2GdKnrzdtPjtWDc7H6wN0wmHOg9p1e6Qgi5m4Xz9nN5caFma7QnZo1Dwc88L-1KIxN3tGhpZD91ugLYtas81BbKw9TUEg8rmRltc38WqHcjX5IKDWkS0cezHE5mPnch9wTkJ6A4Tnk71Aui7y0kV-7QPVSgoWyG6yIJzRN8HdEaVIQxHqdwBu0LmbxlvZ9Wpc9sihIZXVEZ_ivrsDRQZUWqxjIpRZyAe4T48tG2r_868TMzfB58URwFd00t1mHGsZulcIUaxb3l0GLQG2GHeYbcYCHd0-du7bHVjFeHPdhO1-6mx-gtS1LhjQatI9nREanvnoSRIGlWD2MvPzWAEdxyxNt_alLAMkTN2rr5FgEq15C-uSZOhuwXRGg4VG56ETs97A2z91BPgMkndVUVz1hk_gqXo1pt2K4ilwmvnf_ZWh4n_JBJ4-xTjtkW4XNT9rW4vbPKoqyaPlOuanUs8IneutN11fHAP4UQCfnSo9pUxmdxgBViOwWYO9ukcc2vy0SaiUG20XgzpVbpbr-GhDCXOSDso5MBxyaD01mMFmQR2hqj1zfNE2yNa59W7C53jrzMCrRTqwwdfcNYiQ-ZvHF_I7YKbDC7Ezn2bt464NxIH4aLvHQrMLShEYG7xCfcCOZ2iAcFBcaVhqFVzkTUxO02vCcDmxziVNfA_mczKiFsdTnDABjnrslR9wScyDGyHW43H-oClhhsOUvau5OhlO400gO53vs3ZJMvNk0DDW-ztHkWtHlNrlZrc7pGIobubx-9ORa23sKFDP-RAOHk3DjRk4ggtcB8T9yB7qb0_InWHdfEpgIrNSaJei3iP9TDWSDJs_kQQ91yEqzNtrdkrgMXeiaEp1LFF3XFDO3CLYDlAuNczcSit7uYaet2L41eWkAvSRmdgKMustQuBdZdMq6eYWlVRMP56HF9l4SozkFnFRLTmLi1ylLRCrLejaEoB4pc25ASUChYMJswIF6H45R9f22qHH7jjOE9nEuvpGs8d3FZ6Zl64BQim0fz5FmqiMJJaYh14jnSo6ytqAMU56ljJlVHm8lomBZJ_dbVEgfg0JGpwlpkT_eWQcSwXZ82RqqYW9qbTd_JndnnplZ2svcNea3kirk3Xy-i4z_5RzyCgYR6_PhzqQL_COHpx6025WbqaPN47U5zXh1Bu1mU8yJlESU4N6-fuH_U7Xx2qwMpMAxy41pcjlaANSwIC9IceipC8Qn9E_n8V6s_eMM51PJB0RR6uwTE9SzmcrZRxmsZgm8gTahb5zqIMaKTZFcM5x_l51FdBc8t_U7eBUyfGxSVfEAP5FpkVA9b96f6GmB-PsCPWTLEgRNAOjtPHjRDetgGGhG9PsSL1GHNrv_ZYJs10AoyOpluDjP8l1y4JafrtxDREYXhdtQtdG55XQSm875f9m2wqiwUeItyIh5v_yhggiN2ZHJYTk327lFp7QBeT2XvIX-pnQwuMUE2Fuo4nB3wRK-Q2oitfwYEI54YAq3HxJla4PNg6X9L48SikkO9SuAY-vKWmTyUolabJKXX0RMfnjCNAhM104umW3XrXQ-LtuQyKuGSN6tl1K1hASG0HQywA6qlExvJ0UT3aVDM4v_r98ufxx067RAHRHbiqT_ELfPIec-gtLK5M5P0wGS_ezEPLrXjvEtqpVGnIZhqcTSUi3PvH3KQ2xflXpWKtaY6TfKjAwAnSyqXSJojgcE4t16v_7MCaQllPJT_EvFUXKo8WjBUKAQkaeLJMI5qWD6rYw1Y4zE3oK1GJBdKkJD3NmtObQFMqJHf6z-PF47YLOB9Ga_ub0x5qa9UbIC36HCYTmcFs-BxsKcSWIdR8zCIcgdqRYFgqTMHoOe7TVkYzPHdL6L_fMIpmiWMQtA2NNmV7COw47KyH5JVLs5l5j-GHXZRN2FWFyy7ypNVMhBKA4E6oBBF5vj0LNAMilA8KcApOcD1AEHjDbQQKcMWvYlMiBlOpsnD0caPdXbOO2zMHK0ugqU3xVTiAgQrXk9gj7xrxyXPUiBaDRh9bDw4q9Y4v6Gsv4bipnCQkP2d6Q514sjX9BxI-YpGtSkEVUQryHCsLn_tGEyap53HZpXseysCWCgDV2t6Y-z7H87J28nRP3V-DxIy7tWbhyPpdK7zAbTvMUihZZ9Dn9kLR5sVv3qlbNXFYeQDFutqmRT5RAdA3TKmo7WhkfZZkRPfPKjNPUbAdRLPECvBYOJHqkJMUwcXth0JITg9LvK4efLORN6yUAy5Kfy3dFHHGSveTq5S_6RskG5KqlMpBdy7VMGaHGcvP4eG3lt_cHbqD4XYfbf7USZf0O5OI7f45iu2Rdlu5hU7LgE04hMC-gBO6YDrRDVHIRJgHbl1jOgEI3OzFHDeXTaCiPy8snm8rI_SvN0uFkyhEs-J9Zpaj-1QxQrrHc-fuGZdPHR9Q7m4kZRPfK5jCF0_wjESsHjSutvBildkyl1wHBM4XJSgKO&cid=CAASEuRoF5fIlOz0to348gn3pv74cg&rfl=1%2Chttps%253A%252F%252Fwww.buhoblik.org.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3AC8 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6tv8YCEMKMrJYDGMmh-cIBMAE&v=APEucNWqB8fSWlnhk3hmv_y_-jkaq_XyOc-v8sWQs39WZ-z0XcLB2xHYqhZhwSzMx7HtbHFc6kvGSa0HHRMz4qT4NoGcTpa8Hh7tXF_ziqJjeQr8Z1vo8YGcMHDj3xjyGzqfUTBK1EggtmuY2szBO6_lEGCaIzB7aima4Arqa_ASODlsDKis64w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645965425&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426386&bpp=18&bdt=351&idt=122&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&correlator=6049263549741&frm=20&pv=2&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=EtmAHCiu4P&p=https%3A//www.buhoblik.org.ua&dtd=135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645965425&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426386&bpp=18&bdt=351&idt=122&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&correlator=6049263549741&frm=20&pv=2&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=EtmAHCiu4P&p=https%3A//www.buhoblik.org.ua&dtd=135

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 27 Feb 2022 12:37:07 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 27 Feb 2022 12:37:07 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4209 		14 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgfsK7X6ksHC-hxs3XqvjRaFBCBsi7e_HE4170aZVaX-7yoRIQaQBzTSmQFgFJMk5eTvvhzJX2zv4ffSoZkpJEPggTNaubmz9FlN8mgV7CZtKxEEMpixpkDWZEatK4qpNgPEjeesa2EQUIpzJsoJ8ogMQmbQ&cry=1&dbm_d=AKAmf-DhsQns_u0-0BPJnVgWTbOLRprLmFHxJqdDEUwZIvgVD_-9sTyFSVW-1yqMW9gdnb-_WRNavi4uWDF8LQcYVi1Sk7E0yVa4QTlcq4qyM8PDL_Aw0zy9zlaqB1AfxJf-9V_ba6KHnvDK7kBN-cBrJdOM3GTGl2DAkFfs0sARvygL_FHJIQbp-BTkqPTYf7Xs2z8MQ52SyrNwBxQIsztoUOkW12eogVQ305A4kT3h7cihCq5qf0ySsDM7KWzenrcuJ0wB4FQ0Go2GxwMiGge0lhPuwmiZw48rt7sKMEF0NljDvaEiwEsrUGbAq6H8B5kUzVBk4tM688pEGs-JKZwB8ne7wgz8486a6WJA0pyb___jzaL4F2dtK4yaJ4Uc1d14uQH2ZLrwdYUlgus_SbPi4seEANUqdzXGKaqtDfW251C_h9hUPz8qbaT991ENC5askGXJXzyR_Id-vqrEo4QU7DkGYW-mI36yY7ZmJjW9MUE5WiTu9FEazyRHznbJpoFlST34xMOViORmlz9L2vs-Z_Zpsx9Tv5ArJLW8C3I8NOyAcPlxLopuN9oEPJuUp03IQbGadNNUVVMQOqf0zU_Wh8TBUvyl-DgXYRaah_fuZTIaIO_qIDL_x7sklCd2seg5P_e1xuFW-5NrS_TtQKhcyev0u8HP2jC8Tzu6Q3jkkW_lWNvIrmp2GsOUanUjoUTLjCTknRzuEApJLHkxgKPsCHMwRwKRESrr2ql10Reohz2-2sYzuHe4JbSY_jO5ohhkj9KQ4_rA9EMfxnfp41oX5_GC83hl_IgtKOKKc8HJTIWTLbpU4OvcRVVdMZ_goHC3stygk8Lui6QOVKFT5DbA9tMWWLqw99XewrYQaK9C-QmodhK74_KBJn2FphG3QzT9uqds_0gO_VyIXexHyFF7OJUXLmY11bWKV_84fdq0JGrJELAFRvLlo4elHSi3UBtaKKMxy89Z3NxCOPwUvSzcbVvfu_XcfaK3reqYdAybvTcudw_fc3B2b1dQVgQ5R985WN9kLVcgooT-n1cwAt0kDXo0dYJsKLm0fCxIn9bBSobjrW6G-2KblUX1J9GmREI0ui_NrpuZ-XEtRypg6osz9c33OAWnkkxdPBGYZ84EWwwYiDNGE0-d1DLQf6a0H7XWVXJ8hoDkmrwA7CMZ_YCYO9R_bZ0enmKTL87g1It_2_4oOEoT6gFZUVYx0LFnPZ36xP0BPuKloUgnwZkDxW-5gFns8dp-6LNyUIJFCuZO91YkT2NBcqtMmgcsFWr0gMwmaLl0KCfhWQjgFjlXHN5hi1-DCDTlK0lOxVi8QLaHliSav5bwRLjPSeRIILDv1uO6etXYlW-OOplX4EfepuiiQFoC-SoLzcI5vA-t_cZrzUL8NTTplm9zrZCFxYcGYMNVIz0tRhqAIx2uKyPOVFUp7_hLjqVmBCwRyfPF7lXpTDvSR4o5YC63pLLlyazWUun1CJ8QvKzahNh6O3B-E49b0hWh8hh_PVuVZz3zOiTfg0uUnwQDQK6UQ0nJWQwNYLIFrjFHC1lxsVzJQ2pRMsDkSw4Q-L7V-CDsvx0j50hejKvf1uWU73CEOzjDoTWKEaec11OFmFWm04meQ5STwLp8qAw9dQx6J8Ya21zhFjKTmFfCIiiXts9BGTRmhMcQcAEAk_cBKBoVNyOQPtDy_ei3B6mzYqkFOEWthH6oK8NT62XTQxdeWrzM19HUJAF3AB_hN9eKTXl54Ws-yy3EvQv6Cg1vFW6UPXWG-BW5aLYCvaEEQb52fxwNl-3U42xzBl_3fB5PEaFkC2F0JhC1ztYQd272dATm4aWi99gNVeOIew-5zG6la6hIP-W_C9Vz7cQQlSXOR5SD7AJfeGQ7zVLhVKy02Oxj3xbDG48pENtmFJB8eI8Dnl2q4chO4ujfsmtifeDWnGMNfy_qnH4B7j6SAV8bPQR5g4NXh_kyYEkW1DUuRgqdB4Hiboi38fKh0nd06J7OPmGykAGgAqKSxdIlaZ95YzpdBYexUy_Uxp20lH-fDiPDrR5R5BL0XKc2c_zBQiwC_gBSI4_3imaf-8psSJSU6E9-_RkFqERGPith3dNLmc21BihQOa8p_1mq9GXT8CxsQIejYvSzqzSOfvW_K2FZ4Vg24UOMPE9H4Cg6UpvB7B5NPJYs0vRdVL6HcEbBR_9fbsetJ6ej1sWlLp-HhizJLJ8JawppwXPgXwXV5YJ6JaVmaxNSuQ4hSzO6dZXJ1ISBy_L8dkGV1_vlq5KW-wRfQcEtlrK0E1xOagUDbZVhXMyqZOAuV67o9KNMxzo9q8-YpnmhzQSV7sSq5xG5nNpH4olR3vd9DbMMEyTaEdlvxMiAU9i-utQ3DZUo_8G1nUOR8Qyd6I58ISNrtQPJn1QPsvQsozSxeW5DbEZmoMmcKzktalW006pm7pFZ-YyEz-ySnHTAeLvP4DGJmdhMdkk1Iothsv91sG7IPuMkNCJdmGCsTEPXfr59OUXW6Ws3JwcNu47v4AUDvqB3kRwpC-jtoihJRyvMNAOjQ_aVNKs161JllNqb3ZMtSs1st0lF-vUlJekQlyantZstqRtpoQin4Tmw5MkMTpOF2ETymXNkhuvBWylCdrDZEyraemUiA0CuBMpq9Cj3Df00HYwyXK2fVmLRK5BSJEAwBvMZDSz1Unc_EFtpliYfP9zMuSBsqT3p6P__ueRl_g51xclZNGOO4kfPo5kJF4hCelSN3ST0lrio8nsuSBiNCdvSz4m57Y3jwRgMHGYoVgw361lm2QX_H1X5uUqgK3HjSlk00Mtp2nBIzZ7Z9lk0_dNEnWNotXTfTgY78Hm6Znv3JJa8W_z7PFSwwQKlyh1ulX2FV-Q1DiHrUKTml5UGiPvZLZwlkLn8WyYCmXZVUOBKRajXZvJg3qbO1oAu-dyKrYhAimCl8xRZfiFXlzjvT45_z4nQeDlpE0yyo_C-cYTcgI0ItUFmy-NVUaqsMGRH0vd1aHfRleV3P1Jk1Q-JB_3Q6jzwIAAlSNIa6v_E5mc-8aYQNn1_LJNjNWv0soJr8tPOf4jVOqWn9fgIPTTuvnwRLL_GOp3zG5mF4aNbsAt4KPar69z1hnYp70kVHpeTyUoDyBwPeBUdqtfU3jjbgOGBpmjHPoPOluie5WcPPIs87js85DBsvDIJr52xtaS2zOEUhEH9dWclYwuspkCVo_op-eu5jW5NQ6pOuey-vBD2f4ipwR91_7gkOH4eA8fKvJstyINOzpcc5ZdUKV7wkgiJDNCbNdd1M08uUwjuvbrI44qbTqunuiYlDQA87Fa4xZtcaaE02_s1EzXg3tgrmnI74Lr9RmcTVQ2VjLetUCMgtI02z-TLDiBcX_ShIQRodemPaEBOvZrjW4pfHsKVI9HQEhNIbzhBskiGo7k--OlPgLar7iuNABGQjgME5yNOc6hHJP_GvN6s7QXTaRzvzkYPly1lowrG_zatggPvu_aKWbqVmvovX0SNbXBunGHUwe4f-uMigBbWJx5ZAgnUf_KY__keMM9QvUTwCpSrGKZeugz5aGvYJtcwsAsSF-exRbHk02yIDBuv0NXMHB1-h3par_MKRJr56epcfidjfpEyEYG6TuGBpxuTYNZaAICO6M57nCygDup6JZBbXb6I895Dx8rYDe82IZMLC1UBHLvhQ0ZydOaTU-LZ7Zpxv0Jde4Dtt6YJdKR1TbKXGqe7dV0C27_6CgsCOYN9x3hTREWyZWuJoBRnsWUXu_nhAw4vARlb878xLRRFsLwLKt9S465RBsy-FFbVWvqDMYyrb0aXat13FBpui-Nc9foQvvfSl5nSbFBO5CeNXV3woLPkHEZns-qW3UN15XeA2d-J24C-B8ZopU6NcvEEx-L-neSHsreBpsKoMdS5j9E&cid=CAASBORozZk&rfl=1%2Chttps%253A%252F%252Fwww.buhoblik.org.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645965425&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426386&bpp=18&bdt=351&idt=122&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&correlator=6049263549741&frm=20&pv=2&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=EtmAHCiu4P&p=https%3A//www.buhoblik.org.ua&dtd=135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7deab4404990ff1ecf888da33a2fb7a62c3b578b675f3e3aab49cc49cdf3846
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645965425&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426386&bpp=18&bdt=351&idt=122&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&correlator=6049263549741&frm=20&pv=2&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=EtmAHCiu4P&p=https%3A//www.buhoblik.org.ua&dtd=135
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10694
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/44184/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:58 GMT
server
nginx
etag
W/"621a6a26-702f"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:56 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/44184/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:58:00 GMT
server
nginx
etag
W/"621a6a28-a793"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:56 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/44184/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:52 GMT
server
nginx
etag
W/"621a6a20-326c"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:56 GMT
182f2d74c34963cea11e.b.js
cdn.admixer.net/scripts3/44184/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/182f2d74c34963cea11e.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
51963d3074e03b274597ec8a657697e989d104197d060d7f71e4df8971c25edb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:44 GMT
server
nginx
etag
W/"621a6a18-2a79"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:56 GMT
631117330f3e56489daa.b.js
cdn.admixer.net/scripts3/44184/ 		214 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44184/631117330f3e56489daa.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2cb6aa168491f0d76255839ccbed19fba4f560bcf0b95aea1dc84aa257ac685c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:49 GMT
server
nginx
etag
W/"621a6a1d-3594f"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:56 GMT
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB&am-uid=9c7f0ef13bf14486a3e151c10f1fe840&zone=DAB6BE62-B1E7-4D05-A12C-0A70B3291504&device=6&rule=A115463E-E95D-4D45-91E3-2BE636EF4375&requestId=f357a80f-c90c-4a3d-91f9-e3670346b5c2&hp=-967666016&page=www.buhoblik.org.ua%2F&segments=2%2C496%2C6&ts=637815622267789628&ap=MA%3D%3D&asign=-490373428&sync=98%2C3%2C80%2C96&bt=3&carr=Iomart+Cloud+Services+Limited&connt=1&devt=4&isapp=0&os=Android&osv=11&adtype=0&extpubid=1A4D80BD-B81F-427C-A6F6-12DD363AA495&inst=ADS-EU-3&pxl=0&pvid=6ff338e5-1c0b-4e21-a48f-3c46acb1e078&ip=5.187.21.101&item=7820189B-C54F-4826-BC54-07F445CA7CB2&crid=7820189B-C54F-4826-BC54-07F445CA7CB2&size=350x240&profile=4D635110-335E-4D1A-8435-0328A1BBDC04&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 27 Feb 2022 12:37:07 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame FA42 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 22 Feb 2023 12:37:07 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame FA42 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 22 Feb 2023 12:37:07 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame FA42 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 22 Feb 2023 12:37:07 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame FA42 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Wed, 22 Feb 2023 12:37:07 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame FA42 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=nKSx4nFwFQ0OKch9ctWMNFhA2rxTUiWu4dPMsELXHDlOhX3y3ZKndSUHVPrnI5F65w1kszoBAZff1ULHpZgKN0ivesSxgUlWwJ2lSKHi2JzKIyC4LSRhERhkQ8m00n8qPqF77JF2sMggIKJPFoWeMhoIwLuJcRoay7PDO6-ZfpxlxgM3TDX_-0jrhRm7rw3VjEnRLa89zGsf-FZIIWinXg-gh4twMMGtXln3Yjz6fwuxDLXNuCIz15BHZviDAffgKIJ0FHnyM7Jvmp7QZzJtlFLXt8mL1wxIuNZKr8ZuKp29jZN3h8CwKlUwZtZzreRar5OlNuJ9uEvdVila2oiqTtcOO9EpoM2MD8I1TvCi5T0Zwh1dTUFU8dWOq62fT28VZgcSwN11tRFMtZ-FHXvMGGqvUazK_iCdNSGiA3f3cmNglae1RymWi14iUpOH0kxMLzSlSg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:06 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2733225
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
u-ams02.e-planning.net/ Frame 37F9
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D5e0b356b00c796ee
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=5e0b356b00c796ee
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=5e0b356b00c796ee
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=5e0b356b00c796ee
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 37F9 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D5e0b356b00c796ee%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ddv23pf2eu4qckoc772tmc07ll2rm6hl
ptag
a.audrte.com/ Frame 37F9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b52fba8bca5ca47409e89cc4e112997434e9353d0612f5fb6c5e8ea19ad82c32

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1680
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 37F9 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 26 Feb 2027 12:37:06 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 37F9
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D5e0b356b00c796ee
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Sun, 27 Feb 2022 12:37:07 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 37F9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D5e0b356b00c796ee%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=5e0b356b00c796ee&uid=4418958318859421880
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=5e0b356b00c796ee&uid=4418958318859421880
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e76f8564-8c1c-4870-a93e-255f23210706
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=5e0b356b00c796ee&uid=4418958318859421880
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 1709
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Feb 2022 12:37:07 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Sun, 27 Feb 2022 12:37:07 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 07A5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5e0b356b00c796ee%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=83785
expires
Mon, 28 Feb 2022 11:53:32 GMT
date
Sun, 27 Feb 2022 12:37:07 GMT
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 99AA 		1 KB
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
content-type
text/html
content-length
624
x-cff
B
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:27 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf3
H
cf4age
0
x-cf-tsc
1641922228
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
server
CFS 0215
x-cf1
29080:fA.lon1:co:1585621119:cacheN.lon1-01:H
accept-ranges
bytes
/
onetag-sys.com/usync/ Frame 57F1 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 2ED2 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4981c765154808ec515d06b756dc5eddb67c169c513a0eadf832791504e886f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e4176707f3c71ae-LHR
content-encoding
br
csync
sync.console.adtarget.com.tr/ Frame 585F 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Length
0
Etag
52b2c000b24abaaf
csync
sync.console.adtarget.com.tr/ Frame C7F8 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Length
0
Etag
52b2c000b24abaaf
csync
sync.console.adtarget.com.tr/ Frame B428
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9tR9d801nIrqaqseOqgy&pi=admatic
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9tR9d801nIrqaqseOqgy&pi=admatic
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Length
0
Etag
52b2c000b24abaaf

Redirect headers

date
Sun, 27 Feb 2022 12:37:07 GMT Sun, 27 Feb 2022 12:37:07 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9tR9d801nIrqaqseOqgy&pi=admatic
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
pbsync.html
js.adscale.de/ Frame 9088 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Wed, 23 Feb 2022 09:32:21 GMT
x-amz-version-id
ipecrF9lx7iS7_rfinW1Z6xUgkZqa9cH
server
AmazonS3
content-encoding
gzip
date
Sun, 27 Feb 2022 11:31:20 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
6FxTdDhUArfZj1yjr0Og3ZHpeg_saKowDnS4Rjo9uBuF3K8x8MzAQw==
age
4087
cookie
cm.adform.net/ Frame 5AFA 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:07 GMT
content-type
image/gif
content-length
43
csync
sync.console.adtarget.com.tr/ Frame C447 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Length
0
Etag
52b2c000b24abaaf
csync
sync.console.adtarget.com.tr/ Frame 4B95 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Length
0
Etag
52b2c000b24abaaf
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AF6D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=83785
expires
Mon, 28 Feb 2022 11:53:32 GMT
date
Sun, 27 Feb 2022 12:37:07 GMT
vary
Accept-Encoding
csync
sync.console.adtarget.com.tr/ Frame 77F0 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
VertaMedia 1.0
Etag
52b2c000b24abaaf
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 77F0 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
VertaMedia 1.0
Etag
52b2c000b24abaaf
Content-Length
43
Content-Type
image/gif
widgets-batch.js
w.uptolike.com/widgets/v1/ Frame 28EE 		458 B
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTQzNTQ5MyUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJ1aG9ibGlrLm9yZy51YSUyRiUyMiU3RCU1RA==&mode=0&callback=callback__utl_cb_share_1645965427222755
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
dbfa2bd61cc30a71987bdd71297f481e0666bd87caad3f5d02b13a1893769541

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 28 Jan 2022 08:03:17 GMT
imp
w.uptolike.com/widgets/v1/ Frame 29EF 		0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.uptolike.com/widgets/v1/imp?pid=1435493&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&vp=cd89c999-6f70-4225-9b3c-7a97ba156034&ttl=JUQwJTkxJUQxJTgzJUQxJTg1JUQxJTgzJUQxJTg3JUQwJUI1JUQxJTgyJTIwJUQwJUIyJTIwJUQwJUEzJUQwJUJBJUQxJTgwJUQwJUIwJUQwJUI4JUQwJUJEJUQwJUI1JTIwJTNBJTIwJUQwJTkxJUQxJTgzJUQxJTg1JUQwJUIzJUQwJUIwJUQwJUJCJUQxJTgyJUQwJUI1JUQxJTgwJUQxJTgxJUQwJUJBJUQwJUI4JUQwJUI5JTIwJUQwJUI4JTIwJUQwJUJEJUQwJUIwJUQwJUJCJUQwJUJFJUQwJUIzJUQwJUJFJUQwJUIyJUQxJThCJUQwJUI5JTIwJUQxJTgzJUQxJTg3JUQwJUI1JUQxJTgy&rnd=0.46852863237272135
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/widgets/v1/impression.html?5e5f39385e9edc9f82706afd51e24398
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
animejs.js
static.criteo.net/animejs/ Frame FA42 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 22 Feb 2023 12:37:07 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=4749&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F4226%2F160614%2Fc8f3ad2d2dcc48bda3759d88e94b5825_logo.jpg&v=3&w=196&s=Xbw3uHD8o_8x44_3tbpgCcHy
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f6f67f34429e4f5b499cf08636daf3d8cd7bb9d719d69dfa1adb356fd4e5373a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28431094
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1392
expires
Sun, 22 Jan 2023 14:08:42 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F321206a%2F321206a-340938941968%2FPhotos%2F321206a-340938941968_1.jpg&v=3&w=400&s=XTA2MfWuAc117z9jAQ9oDCYI&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
04c90b0ba631784a0792ba07d64b32b5ff1bb7da762013ffba5cbdf393486679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29799489
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
89548
expires
Tue, 07 Feb 2023 10:15:17 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F8774a%2F8774a-hvou3o%2FPhotos%2F8774a-hvou3o_1.jpg&v=3&w=400&s=IRwU_6XOtDNRgGew4ZYeXf4n&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0e37b322e72a40e6eb6c777b54ef25476570a4c90cbcbce46870c68378c11776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27646261
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23296
expires
Fri, 13 Jan 2023 12:08:08 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F8713a%2F8713a-Sarande-ALSS310%2FPhotos%2F8713a-Sarande-ALSS310_1.jpg%3F636178365150000000&v=3&w=400&s=rxe8rtzg76B5szd9WR9rj-f9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ea8613c817ac6ecd46330d4b6448e16aceaf10e7c35099314ebb3b4b4e9e132c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28135912
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
25898
expires
Thu, 19 Jan 2023 04:09:00 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F68280a%2F68280a-6338981%2FPhotos%2F68280a-6338981_1.jpg&v=3&w=400&s=rlWXDdTAyK_DoESv0zyLYe37&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1aea81dad83bfd0e177d11efafccddeaac16fcbdc8cefa699d03e7bbbf52ff3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27905979
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
58066
expires
Mon, 16 Jan 2023 12:16:46 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F7135a%2F7135a-6734v%2FPhotos%2F7135a-6734v_1.jpg&v=3&w=400&s=n8dZ8SMV1Eh_hwW-8Z5NkItX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
dbd537d7101cf34603baa6cd6b9f804777edb4a56a57da428cfb939981553e2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28756079
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
41282
expires
Thu, 26 Jan 2023 08:25:06 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F183613a%2F183613a-wship8%2FPhotos%2F183613a-wship8_1.jpg%3F637268608890000000&v=3&w=400&s=IHe2y-x0z1RbVMs36n4yQVvS&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b735de9b9bdaa18424e1b72ea3719cc58643bcc4a716ef4277ea2546ae0562eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28699901
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
26770
expires
Wed, 25 Jan 2023 16:48:49 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F769a%2F769a-001B-301374359%2FPhotos%2F769a-001B-301374359_1.jpg%3F637604753590000000&v=3&w=400&s=Tiu74IyyeLmmVJsR7K5os5I5&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
298d09855a457bc16086d83348399bd6c731ba38ec454ebb8da26e20dd70b2c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28036862
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44886
expires
Wed, 18 Jan 2023 00:38:10 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F59745a%2F59745a-ssps-r2638535%2FPhotos%2F59745a-ssps-r2638535_1.jpg&v=3&w=400&s=DgkIznUMCqSBB0VAT-W_ooFo&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
86f12d5c396c1b426187f71edd0a4e757d3f51381bbcad2eab9b0f380aed8387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29132073
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
52450
expires
Mon, 30 Jan 2023 16:51:40 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F57376a%2F57376a-CAS_861%2FPhotos%2F57376a-CAS_861_1.jpg%3F637788906960000000&v=3&w=400&s=Oak9mRBiyXuBOuVf2Zm6URnC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
42768a6b84a7a71d0ea3fc6b4acb685af136e5183ebe96797e0b3cf3d5bf3c1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27577308
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
68746
expires
Thu, 12 Jan 2023 16:58:56 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F64749a%2F64749a-975087%2FPhotos%2F64749a-975087_1.jpg&v=3&w=400&s=4K1Gbn6n0vwJBpcnQrjhqm4Z&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
24c64f9acdc0c1aed672b1250839441fb16bd0688faad5e11f88f07a7de9ec4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27972990
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
87408
expires
Tue, 17 Jan 2023 06:53:38 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F321206a%2F321206a-340931329492%2FPhotos%2F321206a-340931329492_1.jpg&v=3&w=400&s=ePFBzG_vIUoOH6kXvpg5s2X_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4e0f7d6cd4d99651989ba65d381ebd0fa32320971b0b89c34545a5b5905fcd2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29736225
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
58584
expires
Mon, 06 Feb 2023 16:40:52 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F184230a%2F184230a-br347%2FPhotos%2F184230a-br347_1.jpg&v=3&w=400&s=2Ng7e8oWiv6tMRujPaBRwh0K&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9d4a77889881ada9156715bad4ef920eb20033e76573a6d0f7046bfdc50ab4da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28741799
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
48020
expires
Thu, 26 Jan 2023 04:27:06 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F44749a%2F44749a-17582-sm1008%2FPhotos%2F44749a-17582-sm1008_1.jpg&v=3&w=400&s=0etVM3CAwngSyhFB54hv92ys&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a98293d4d1a6ae871a36ad4da373c68925c1f14e88d3d8db727e8f742820cff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30045727
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
27500
expires
Fri, 10 Feb 2023 06:39:14 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F15154a%2F15154a-CVBB1228%2FPhotos%2F15154a-CVBB1228_1.jpg%3F637309267680000000&v=3&w=400&s=GZnJWdD3AZXuVXHcmXfO5VR9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
122d6b58b333c8af7efc027b9f273a06ad58f412b10384f3dfe53c9ad796c818
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27904116
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
35802
expires
Mon, 16 Jan 2023 11:45:43 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F57764a%2F57764a-2643f2937b012af%2FPhotos%2F57764a-2643f2937b012af_1.jpg&v=3&w=400&s=GQO-77fg1-eaISk8AOa5alcZ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
46f94822c9e2e2862eac657c0481eda56f28b5fb7c60d8c0a44782a1976349e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29797378
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
31404
expires
Tue, 07 Feb 2023 09:40:05 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F38470a%2F38470a-3s21%2FPhotos%2F38470a-3s21_1.jpg%3F637774607470000000&v=3&w=400&s=cF4T9_jYgM11hvMl6dOq353U&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fc65a27b3d731f9eb9d14d541add2a9d706f3be387b3c6d1e050c1da81bc00c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28828759
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
21488
expires
Fri, 27 Jan 2023 04:36:26 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F260558a%2F260558a-35144a-918510%2FPhotos%2F260558a-35144a-918510_1.jpg&v=3&w=400&s=oTGiZ8P5FKPvSVvPYR4qp_Oy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e014e7dceeb622bcfbedaf73c99bd47b9252f8a4575c642ff7533cbd3b0ff7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28658293
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
78952
expires
Wed, 25 Jan 2023 05:15:20 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F212986a%2F212986a-35144a-877079%2FPhotos%2F212986a-35144a-877079_1.jpg&v=3&w=400&s=CxqGjGuOPZDkKrMePiWMstDT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3f7ba43a7daf36caf4c56bf56b9575d17a96703abc0cb44216f3b4b6f447ec43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27544981
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
45772
expires
Thu, 12 Jan 2023 08:00:08 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F33669a%2F33669a-6-671%2FPhotos%2F33669a-6-671_1.jpg%3F637681636440000000&v=3&w=400&s=_nndL11KpAJVHkeBO6CVvTSJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
242981f6fa8a3b8441019f98c71dfe7717a5c7f9e9b46d9126a6b5b8a982e086
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27538561
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
31654
expires
Thu, 12 Jan 2023 06:13:08 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F45150a%2F45150a-658094%2FPhotos%2F45150a-658094_1.jpg&v=3&w=400&s=RwDDhqOn9kPQZjav-1hXc74B&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fd1aa5b4be8b21532f3bd6273986d67e89fcaa61412ac143c28d49d41ccc6bae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29022593
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
29858
expires
Sun, 29 Jan 2023 10:27:01 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F45150a%2F45150a-658093%2FPhotos%2F45150a-658093_1.jpg&v=3&w=400&s=FIVW8iV0siByvpeGosINcT-9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
43a96ef996cc66db1c3b6cc8f901c3a32a60e211a375b643e6c97eccf9a29b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27891606
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
28244
expires
Mon, 16 Jan 2023 08:17:13 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F228663a%2F228663a-35144a-920356%2FPhotos%2F228663a-35144a-920356_1.jpg&v=3&w=400&s=B4jmOPCLMEpJeAdklC9slA_J&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0f52c390172a9fab0048f48d3f39a67a379d27d8732713abf9b0a53627d9fe95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28065400
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
76194
expires
Wed, 18 Jan 2023 08:33:48 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F36472a%2F36472a-6346%2FPhotos%2F36472a-6346_1.jpg&v=3&w=400&s=u_HOaa9U1btmD-eeiMTPxAZD&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3bbeaab1c83e939c9b2c5a1a229424e3f3df77c006316d2bbb8e4acb0e590639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28060144
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
75356
expires
Wed, 18 Jan 2023 07:06:11 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F244428a%2F244428a-AGNI550%2FPhotos%2F244428a-AGNI550_1.jpg%3F637722621750000000&v=3&w=400&s=OAW1YBsXt_fnFxV9DptDmpQP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
8d7dda5241b0d8ed74e8c166f09df11b1cd1df29ddc0c4f738d80b5a963ad0de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28939148
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
41820
expires
Sat, 28 Jan 2023 11:16:16 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F213001a%2F213001a-35144a-879008%2FPhotos%2F213001a-35144a-879008_1.jpg&v=3&w=400&s=brQY6uZSO9N9uO-qQwGwd3kE&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4743f2ef01932050c5df8ba6f03838be97b81a13a321821c20dbb25cf85ccdb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29623264
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
24896
expires
Sun, 05 Feb 2023 09:18:11 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F56959a%2F56959a-5903648%2FPhotos%2F56959a-5903648_1.jpg&v=3&w=400&s=EemLx3Q1A_ROwFWc8ZG0rkb3&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c17f151fd60c41040675f971088a27c74af61947031761835c4953518e972ac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30079431
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
73520
expires
Fri, 10 Feb 2023 16:00:58 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F278376a%2F278376a-m0019vm%2FPhotos%2F278376a-m0019vm_1.jpg&v=3&w=400&s=18ALBl0l44nUleU_rWuTBxir&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fa5b8b694f7f4d9a486ca2b5aef7ffeadf37b02f9e3b0d83e564551e0506af31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27719112
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
65402
expires
Sat, 14 Jan 2023 08:22:19 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F15947a%2F15947a-7373lr1%2FPhotos%2F15947a-7373lr1_1.jpg%3F637805232580000000&v=3&w=400&s=SW4nFSwU3EiC4oxzYiCT7M01&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e0346cc1e49850292b40d7ecbf1a35a78c362476640781830ac342e20162e702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29226168
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
48602
expires
Tue, 31 Jan 2023 18:59:56 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F51875a%2F51875a-v10002403%2FPhotos%2F51875a-v10002403_1.jpg&v=3&w=400&s=uZNgUP0GtN3IyLPZRAiyYoc_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0d368a3f4de2702ff7f83e290a3805103d9115dcec00c9eb8d0e554a22c5360c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29772375
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
84466
expires
Tue, 07 Feb 2023 02:43:22 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F262412a%2F262412a-eat1593%2FPhotos%2F262412a-eat1593_1.jpg%3F637806187900000000&v=3&w=400&s=2_KAiT8qnbNMiI4SFuefGB7s&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f7f94ac32deb285513cdf9b998e0d9fb1bcbc548fe2f3c95da38c6b2970518e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29306063
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
57286
expires
Wed, 01 Feb 2023 17:11:30 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F56597a%2F56597a-7187_6225%2FPhotos%2F56597a-7187_6225_1.jpg&v=3&w=400&s=UVoBZ6DawxdUB3U7zB_dw7dO&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d0c7c00b9ede97cb54cc4452bd754f9c78fa157842beb9ef770c29b154bcafa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29620568
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
37014
expires
Sun, 05 Feb 2023 08:33:16 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F321206a%2F321206a-340932202737%2FPhotos%2F321206a-340932202737_1.jpg&v=3&w=400&s=Nsn0lni6DcS37b5hoxMhc3tB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
47562c2764c531648d14e409561f3356736bbe3ed2db8a8be2c8beac26ee0fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29736228
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
59740
expires
Mon, 06 Feb 2023 16:40:55 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F212953a%2F212953a-35144a-908772%2FPhotos%2F212953a-35144a-908772_1.jpg&v=3&w=400&s=336tXjoh3kOkV48SCKHL4LUf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
61677a3f2ff6ec220eae2b4fc8e33ef34d88e8d02fd64361ce0a7d5ec0d381c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27817086
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
21940
expires
Sun, 15 Jan 2023 11:35:13 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F232479a%2F232479a-240028%2FPhotos%2F232479a-240028_1.jpg%3F637782264620000000&v=3&w=400&s=TIZsKxTIGKymGJCeZSu6ezon&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
189e086179829589e7fa5318e47729233188aac3d5750c6947c0f639d3c8eb91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29609812
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
56404
expires
Sun, 05 Feb 2023 05:33:59 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F31303a%2F31303a-CB-285-4-B%2FPhotos%2F31303a-CB-285-4-B_1.jpg%3F637763691510000000&v=3&w=400&s=M-oPgKFoRa0kVKBfc6v3YSXa&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
12320029514bb6d4a30b39f5b4676d304ad251db3ebcc3b0c2e4940c11892791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27836650
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
41418
expires
Sun, 15 Jan 2023 17:01:18 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F12791a%2F12791a-1922%2FPhotos%2F12791a-1922_1.jpg&v=3&w=400&s=PRHriSl21NeTnw5UtvuPlfBY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0fb81bc5ede47e8d0090ad3d00c4f88cb5cd73418675820b9c6f5532cc001c91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28037430
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
39372
expires
Wed, 18 Jan 2023 00:47:37 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F263151a%2F263151a-35144a-921130%2FPhotos%2F263151a-35144a-921130_1.jpg&v=3&w=400&s=3IvfszYFJgYOQI9OOHXkM7jI&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4056b8e90cd0620319a93b3b313f2429e2c5bd2e35b6cf71ef25a69e6f6c7035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28584164
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
43960
expires
Tue, 24 Jan 2023 08:39:51 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F37042a%2F37042a-46386%2FPhotos%2F37042a-46386_1.jpg&v=3&w=400&s=ZiwqblKtwk3Jc0327i0l-YWh&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
451dd6e4f595e6dc51f0aa21c7e44219004bcc154d7c724bdbb52ac76325899e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28577358
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
60612
expires
Tue, 24 Jan 2023 06:46:25 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F213042a%2F213042a-35144a-864529%2FPhotos%2F213042a-35144a-864529_1.jpg&v=3&w=400&s=a0xxRCbUdaASUBOQxijfYI4z&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3697414b3557c1ae429623cdd979e8b21f4c933e9bba38164223ea0c8f2ebc27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27578515
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
69922
expires
Thu, 12 Jan 2023 17:19:03 GMT
img
pix.eu.criteo.net/img/ Frame FA42 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4749&q=80&r=2&u=https%3A%2F%2Fcdn-eu.green-acres.com%2F691a%2F691a-1869%2FPhotos%2F691a-1869_1.jpg%3F637782656410000000&v=3&w=400&s=xmKKyEYCxNYqyRlFyevUBAho&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
319fdadf6d1c781c0eebbefde3ce1dfab1ee3c8ae1aa0b41ca34a45cded31af3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29609812
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
60378
expires
Sun, 05 Feb 2023 05:33:59 GMT
all
csm.eu.criteo.net/ Frame FA42 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=_KVvLpA1nEyV2X7HShDPCOeierSLa7z2Q0cqAvm-eAkq8h2rIp3vDZJtPJAPSu1Z5bVaht4QL3MkmggXyHXNYV1V5hMm3URln2Hv58oeBsz1ByE3vlTKI8eQcQ-i1MLuewnN2vE1z8a5C5480gMQJpqzZUv_6mRDnXa05H9AIEZJYWrqYVCu8XEaM5BDXS6zV_KZDwzv6gpodJqjVH_-X4EGbmQYwaTeXF5vHUVbzlKEL_M3a8ZK0RDflfYVPCpHJVi2QA&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 27 Feb 2022 12:37:07 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FA42 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 22 Feb 2023 12:37:07 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame FA42 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 22 Feb 2023 12:37:07 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 6A7D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 20 Feb 2022 16:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Feb 2023 16:15:51 GMT
file.mp4
r1---sn-aigzrney.c.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677501427/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 6A7D
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677501427/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-aigzrney.c.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677501427/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-aigzrney.c.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677501427/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5EA415A9A2655C7E764DA5CF22342B8CCEBDA09F.39075E8BCE6BBBDFCCFAAD9FB4D5DE61409CF09F/key/cms1/cms_redirect/yes/mh/fH/mip/2a02:8c8:c10:30::15/mm/42/mn/sn-aigzrney/ms/onc/mt/1645965075/mv/u/mvi/1/pl/32/file/file.mp4
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4009:2::7 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4478842
Last-Modified
Wed, 16 Feb 2022 00:43:27 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sun, 27 Feb 2022 12:37:07 GMT

Redirect headers

date
Sun, 27 Feb 2022 12:37:07 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
649
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r1---sn-aigzrney.c.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677501427/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5EA415A9A2655C7E764DA5CF22342B8CCEBDA09F.39075E8BCE6BBBDFCCFAAD9FB4D5DE61409CF09F/key/cms1/cms_redirect/yes/mh/fH/mip/2a02:8c8:c10:30::15/mm/42/mn/sn-aigzrney/ms/onc/mt/1645965075/mv/u/mvi/1/pl/32/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F299 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sun, 27 Feb 2022 05:53:44 GMT
expires
Mon, 28 Feb 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
24203
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum
dsum-sec.casalemedia.com/ Frame A372
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJSungIQ7LaeAhie9cu_ATAB&v=APEucNVl-aiRGge1CYkiNg1yjRCTtObKrBHrejKv7RVPvpYqJQswKbuOCEA4_8_QvJnUkPciYXVnKa1ZtrVxsKHZVKtx_4iAfUWFdkAdwhZlUN-xVF3mxnFzn5-6BTpYp10I1iIau-Ga32lzxhBu__venPmk8aHTQ8lPXW3FI7wm5UBhLH-pZeU
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 27 Feb 2022 12:37:07 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A372
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJSungIQ7LaeAhie9cu_ATAB&v=APEucNVl-aiRGge1CYkiNg1yjRCTtObKrBHrejKv7RVPvpYqJQswKbuOCEA4_8_QvJnUkPciYXVnKa1ZtrVxsKHZVKtx_4iAfUWFdkAdwhZlUN-xVF3mxnFzn5-6BTpYp10I1iIau-Ga32lzxhBu__venPmk8aHTQ8lPXW3FI7wm5UBhLH-pZeU
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 27 Feb 2022 12:37:07 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A372
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDCTXaHPXu9cHgfdrN8MFO0&google_cver=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDCTXaHPXu9cHgfdrN8MFO0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJSungIQ7LaeAhie9cu_ATAB&v=APEucNVl-aiRGge1CYkiNg1yjRCTtObKrBHrejKv7RVPvpYqJQswKbuOCEA4_8_QvJnUkPciYXVnKa1ZtrVxsKHZVKtx_4iAfUWFdkAdwhZlUN-xVF3mxnFzn5-6BTpYp10I1iIau-Ga32lzxhBu__venPmk8aHTQ8lPXW3FI7wm5UBhLH-pZeU
Protocol
HTTP/1.1
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
996bf475-b52a-44da-80d2-e16e1e342601
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDCTXaHPXu9cHgfdrN8MFO0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A372
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxODk1ODMxODg1OTQyMTg4MA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxODk1ODMxODg1OTQyMTg4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJSungIQ7LaeAhie9cu_ATAB&v=APEucNVl-aiRGge1CYkiNg1yjRCTtObKrBHrejKv7RVPvpYqJQswKbuOCEA4_8_QvJnUkPciYXVnKa1ZtrVxsKHZVKtx_4iAfUWFdkAdwhZlUN-xVF3mxnFzn5-6BTpYp10I1iIau-Ga32lzxhBu__venPmk8aHTQ8lPXW3FI7wm5UBhLH-pZeU
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
45968826-6e4a-48c0-9931-a8d658dc084d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxODk1ODMxODg1OTQyMTg4MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4209 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgfsK7X6ksHC-hxs3XqvjRaFBCBsi7e_HE4170aZVaX-7yoRIQaQBzTSmQFgFJMk5eTvvhzJX2zv4ffSoZkpJEPggTNaubmz9FlN8mgV7CZtKxEEMpixpkDWZEatK4qpNgPEjeesa2EQUIpzJsoJ8ogMQmbQ&cry=1&dbm_d=AKAmf-DhsQns_u0-0BPJnVgWTbOLRprLmFHxJqdDEUwZIvgVD_-9sTyFSVW-1yqMW9gdnb-_WRNavi4uWDF8LQcYVi1Sk7E0yVa4QTlcq4qyM8PDL_Aw0zy9zlaqB1AfxJf-9V_ba6KHnvDK7kBN-cBrJdOM3GTGl2DAkFfs0sARvygL_FHJIQbp-BTkqPTYf7Xs2z8MQ52SyrNwBxQIsztoUOkW12eogVQ305A4kT3h7cihCq5qf0ySsDM7KWzenrcuJ0wB4FQ0Go2GxwMiGge0lhPuwmiZw48rt7sKMEF0NljDvaEiwEsrUGbAq6H8B5kUzVBk4tM688pEGs-JKZwB8ne7wgz8486a6WJA0pyb___jzaL4F2dtK4yaJ4Uc1d14uQH2ZLrwdYUlgus_SbPi4seEANUqdzXGKaqtDfW251C_h9hUPz8qbaT991ENC5askGXJXzyR_Id-vqrEo4QU7DkGYW-mI36yY7ZmJjW9MUE5WiTu9FEazyRHznbJpoFlST34xMOViORmlz9L2vs-Z_Zpsx9Tv5ArJLW8C3I8NOyAcPlxLopuN9oEPJuUp03IQbGadNNUVVMQOqf0zU_Wh8TBUvyl-DgXYRaah_fuZTIaIO_qIDL_x7sklCd2seg5P_e1xuFW-5NrS_TtQKhcyev0u8HP2jC8Tzu6Q3jkkW_lWNvIrmp2GsOUanUjoUTLjCTknRzuEApJLHkxgKPsCHMwRwKRESrr2ql10Reohz2-2sYzuHe4JbSY_jO5ohhkj9KQ4_rA9EMfxnfp41oX5_GC83hl_IgtKOKKc8HJTIWTLbpU4OvcRVVdMZ_goHC3stygk8Lui6QOVKFT5DbA9tMWWLqw99XewrYQaK9C-QmodhK74_KBJn2FphG3QzT9uqds_0gO_VyIXexHyFF7OJUXLmY11bWKV_84fdq0JGrJELAFRvLlo4elHSi3UBtaKKMxy89Z3NxCOPwUvSzcbVvfu_XcfaK3reqYdAybvTcudw_fc3B2b1dQVgQ5R985WN9kLVcgooT-n1cwAt0kDXo0dYJsKLm0fCxIn9bBSobjrW6G-2KblUX1J9GmREI0ui_NrpuZ-XEtRypg6osz9c33OAWnkkxdPBGYZ84EWwwYiDNGE0-d1DLQf6a0H7XWVXJ8hoDkmrwA7CMZ_YCYO9R_bZ0enmKTL87g1It_2_4oOEoT6gFZUVYx0LFnPZ36xP0BPuKloUgnwZkDxW-5gFns8dp-6LNyUIJFCuZO91YkT2NBcqtMmgcsFWr0gMwmaLl0KCfhWQjgFjlXHN5hi1-DCDTlK0lOxVi8QLaHliSav5bwRLjPSeRIILDv1uO6etXYlW-OOplX4EfepuiiQFoC-SoLzcI5vA-t_cZrzUL8NTTplm9zrZCFxYcGYMNVIz0tRhqAIx2uKyPOVFUp7_hLjqVmBCwRyfPF7lXpTDvSR4o5YC63pLLlyazWUun1CJ8QvKzahNh6O3B-E49b0hWh8hh_PVuVZz3zOiTfg0uUnwQDQK6UQ0nJWQwNYLIFrjFHC1lxsVzJQ2pRMsDkSw4Q-L7V-CDsvx0j50hejKvf1uWU73CEOzjDoTWKEaec11OFmFWm04meQ5STwLp8qAw9dQx6J8Ya21zhFjKTmFfCIiiXts9BGTRmhMcQcAEAk_cBKBoVNyOQPtDy_ei3B6mzYqkFOEWthH6oK8NT62XTQxdeWrzM19HUJAF3AB_hN9eKTXl54Ws-yy3EvQv6Cg1vFW6UPXWG-BW5aLYCvaEEQb52fxwNl-3U42xzBl_3fB5PEaFkC2F0JhC1ztYQd272dATm4aWi99gNVeOIew-5zG6la6hIP-W_C9Vz7cQQlSXOR5SD7AJfeGQ7zVLhVKy02Oxj3xbDG48pENtmFJB8eI8Dnl2q4chO4ujfsmtifeDWnGMNfy_qnH4B7j6SAV8bPQR5g4NXh_kyYEkW1DUuRgqdB4Hiboi38fKh0nd06J7OPmGykAGgAqKSxdIlaZ95YzpdBYexUy_Uxp20lH-fDiPDrR5R5BL0XKc2c_zBQiwC_gBSI4_3imaf-8psSJSU6E9-_RkFqERGPith3dNLmc21BihQOa8p_1mq9GXT8CxsQIejYvSzqzSOfvW_K2FZ4Vg24UOMPE9H4Cg6UpvB7B5NPJYs0vRdVL6HcEbBR_9fbsetJ6ej1sWlLp-HhizJLJ8JawppwXPgXwXV5YJ6JaVmaxNSuQ4hSzO6dZXJ1ISBy_L8dkGV1_vlq5KW-wRfQcEtlrK0E1xOagUDbZVhXMyqZOAuV67o9KNMxzo9q8-YpnmhzQSV7sSq5xG5nNpH4olR3vd9DbMMEyTaEdlvxMiAU9i-utQ3DZUo_8G1nUOR8Qyd6I58ISNrtQPJn1QPsvQsozSxeW5DbEZmoMmcKzktalW006pm7pFZ-YyEz-ySnHTAeLvP4DGJmdhMdkk1Iothsv91sG7IPuMkNCJdmGCsTEPXfr59OUXW6Ws3JwcNu47v4AUDvqB3kRwpC-jtoihJRyvMNAOjQ_aVNKs161JllNqb3ZMtSs1st0lF-vUlJekQlyantZstqRtpoQin4Tmw5MkMTpOF2ETymXNkhuvBWylCdrDZEyraemUiA0CuBMpq9Cj3Df00HYwyXK2fVmLRK5BSJEAwBvMZDSz1Unc_EFtpliYfP9zMuSBsqT3p6P__ueRl_g51xclZNGOO4kfPo5kJF4hCelSN3ST0lrio8nsuSBiNCdvSz4m57Y3jwRgMHGYoVgw361lm2QX_H1X5uUqgK3HjSlk00Mtp2nBIzZ7Z9lk0_dNEnWNotXTfTgY78Hm6Znv3JJa8W_z7PFSwwQKlyh1ulX2FV-Q1DiHrUKTml5UGiPvZLZwlkLn8WyYCmXZVUOBKRajXZvJg3qbO1oAu-dyKrYhAimCl8xRZfiFXlzjvT45_z4nQeDlpE0yyo_C-cYTcgI0ItUFmy-NVUaqsMGRH0vd1aHfRleV3P1Jk1Q-JB_3Q6jzwIAAlSNIa6v_E5mc-8aYQNn1_LJNjNWv0soJr8tPOf4jVOqWn9fgIPTTuvnwRLL_GOp3zG5mF4aNbsAt4KPar69z1hnYp70kVHpeTyUoDyBwPeBUdqtfU3jjbgOGBpmjHPoPOluie5WcPPIs87js85DBsvDIJr52xtaS2zOEUhEH9dWclYwuspkCVo_op-eu5jW5NQ6pOuey-vBD2f4ipwR91_7gkOH4eA8fKvJstyINOzpcc5ZdUKV7wkgiJDNCbNdd1M08uUwjuvbrI44qbTqunuiYlDQA87Fa4xZtcaaE02_s1EzXg3tgrmnI74Lr9RmcTVQ2VjLetUCMgtI02z-TLDiBcX_ShIQRodemPaEBOvZrjW4pfHsKVI9HQEhNIbzhBskiGo7k--OlPgLar7iuNABGQjgME5yNOc6hHJP_GvN6s7QXTaRzvzkYPly1lowrG_zatggPvu_aKWbqVmvovX0SNbXBunGHUwe4f-uMigBbWJx5ZAgnUf_KY__keMM9QvUTwCpSrGKZeugz5aGvYJtcwsAsSF-exRbHk02yIDBuv0NXMHB1-h3par_MKRJr56epcfidjfpEyEYG6TuGBpxuTYNZaAICO6M57nCygDup6JZBbXb6I895Dx8rYDe82IZMLC1UBHLvhQ0ZydOaTU-LZ7Zpxv0Jde4Dtt6YJdKR1TbKXGqe7dV0C27_6CgsCOYN9x3hTREWyZWuJoBRnsWUXu_nhAw4vARlb878xLRRFsLwLKt9S465RBsy-FFbVWvqDMYyrb0aXat13FBpui-Nc9foQvvfSl5nSbFBO5CeNXV3woLPkHEZns-qW3UN15XeA2d-J24C-B8ZopU6NcvEEx-L-neSHsreBpsKoMdS5j9E&cid=CAASBORozZk&rfl=1%2Chttps%253A%252F%252Fwww.buhoblik.org.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sat, 26 Feb 2022 18:07:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66603
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Feb 2023 18:07:04 GMT
impl_v85.js
www.googletagservices.com/dcm/ Frame 4209 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Mon, 21 Feb 2022 17:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
501327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Feb 2023 17:21:40 GMT
truncated
/ Frame 9E97 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4565f4c6f59851be31514e8cc34781d3238b46053b33cc9fb160b4bc68f1edb6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 3AC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6tv8YCEMKMrJYDGMmh-cIBMAE&v=APEucNWqB8fSWlnhk3hmv_y_-jkaq_XyOc-v8sWQs39WZ-z0XcLB2xHYqhZhwSzMx7HtbHFc6kvGSa0HHRMz4qT4NoGcTpa8Hh7tXF_ziqJjeQr8Z1vo8YGcMHDj3xjyGzqfUTBK1EggtmuY2szBO6_lEGCaIzB7aima4Arqa_ASODlsDKis64w
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 27 Feb 2022 12:37:07 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3AC8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6tv8YCEMKMrJYDGMmh-cIBMAE&v=APEucNWqB8fSWlnhk3hmv_y_-jkaq_XyOc-v8sWQs39WZ-z0XcLB2xHYqhZhwSzMx7HtbHFc6kvGSa0HHRMz4qT4NoGcTpa8Hh7tXF_ziqJjeQr8Z1vo8YGcMHDj3xjyGzqfUTBK1EggtmuY2szBO6_lEGCaIzB7aima4Arqa_ASODlsDKis64w
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 27 Feb 2022 12:37:07 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIJXoAri2nEnrlL0YO51rVE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3AC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDCTXaHPXu9cHgfdrN8MFO0&google_cver=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDCTXaHPXu9cHgfdrN8MFO0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6tv8YCEMKMrJYDGMmh-cIBMAE&v=APEucNWqB8fSWlnhk3hmv_y_-jkaq_XyOc-v8sWQs39WZ-z0XcLB2xHYqhZhwSzMx7HtbHFc6kvGSa0HHRMz4qT4NoGcTpa8Hh7tXF_ziqJjeQr8Z1vo8YGcMHDj3xjyGzqfUTBK1EggtmuY2szBO6_lEGCaIzB7aima4Arqa_ASODlsDKis64w
Protocol
HTTP/1.1
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4eb9b71e-e20b-4b04-90a3-29a23ed68711
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDCTXaHPXu9cHgfdrN8MFO0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3AC8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxODk1ODMxODg1OTQyMTg4MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxODk1ODMxODg1OTQyMTg4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6tv8YCEMKMrJYDGMmh-cIBMAE&v=APEucNWqB8fSWlnhk3hmv_y_-jkaq_XyOc-v8sWQs39WZ-z0XcLB2xHYqhZhwSzMx7HtbHFc6kvGSa0HHRMz4qT4NoGcTpa8Hh7tXF_ziqJjeQr8Z1vo8YGcMHDj3xjyGzqfUTBK1EggtmuY2szBO6_lEGCaIzB7aima4Arqa_ASODlsDKis64w
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a8c8254b-1d57-4b8a-ad01-ffe79e0f543a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQxODk1ODMxODg1OTQyMTg4MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
ib.adnxs.com/ Frame 2ED2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 2ED2 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 2ED2
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=6c0ced92-214c-4ca6-be3c-da9ec837c836&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a...
95 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6c0ced92-214c-4ca6-be3c-da9ec837c836&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e4176734aff71ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=6c0ced92-214c-4ca6-be3c-da9ec837c836&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 2ED2 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 2ED2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Df...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7388-17f3-4901-6016-e1f77c543494%26reqId%3Df...
  • https://mwzeom.zeotap.com/mw?cid=27c6900a-cee8-43c7-9df9-2ddc4dabbe41&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=27c6900a-cee8-43c7-9df9-2ddc4dabbe41&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e4176738b5571ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=27c6900a-cee8-43c7-9df9-2ddc4dabbe41&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 2ED2 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-vcl-time-ms
10
date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1645965428.574687,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-lhr7321-LHR
u
dmp.v.fwmrm.net/ad/ Frame 2ED2 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f600:6235:8475:2669:58c5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
mw
mwzeom.zeotap.com/ Frame 2ED2
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c6...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e4176765f5571ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
date
Sun, 27 Feb 2022 12:37:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 2ED2
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=8a4920dd-277f-4dac-8660-00336f8a4069&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=8a4920dd-277f-4dac-8660-00336f8a4069&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e417673fbef71ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=8a4920dd-277f-4dac-8660-00336f8a4069&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 2ED2
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f6be7388-17f3-4901-6016-e1f77c543494&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f6be7388-17f3-4901-6016-e1f77c543494&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=29053329692172150550491571047363694804&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=29053329692172150550491571047363694804&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e417673fbf271ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v028-02ad794db.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
qpvHWkOiQqA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=29053329692172150550491571047363694804&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 2ED2 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 2ED2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7069367679324256399&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7069367679324256399&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e4176734b0071ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7069367679324256399&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 2ED2 		95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=f6be7388-17f3-4901-6016-e1f77c543494
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 2ED2
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f6be7388-17f3-4901-6016-e1f77c543494&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f6be7388-17f3-4901-6016-e1f77c543494&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=j67zJTsuqaLu2mDawiHdgO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=j67zJTsuqaLu2mDawiHdgO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e4176746c9371ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
last-modified
Sun, 27 Feb 2022 12:37:07 GMT
server
nginx/1.18.0
location
https://mwzeom.zeotap.com/mw?webouuid=j67zJTsuqaLu2mDawiHdgO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 2ED2
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016...
  • https://mwzeom.zeotap.com/mw?cid=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e4176748cd171ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=
pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
mw
mwzeom.zeotap.com/ Frame 2ED2
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f6be7388-17f3-4901-6016-e1f77c543494?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=f6be7388-17f3-4901-6016-e1f77c543494?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=6d5d579c15eba577a4d9ce916bc9f447&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-69...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=6d5d579c15eba577a4d9ce916bc9f447&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e417674cd2471ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=6d5d579c15eba577a4d9ce916bc9f447&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
cache-control
no-cache
x-server
10.45.27.233
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 2ED2
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-7dI839VE2oqUJxtjZImhACrCQm3kiUVSew--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-7dI839VE2oqUJxtjZImhACrCQm3kiUVSew--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e4176747caa71ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Sun, 27 Feb 2022 12:37:07 GMT
via
http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-7dI839VE2oqUJxtjZImhACrCQm3kiUVSew--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 2ED2
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=5MW5g7YHHbnOXmsldmVjT14Oz%2FyLfPFH%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=5MW5g7YHHbnOXmsldmVjT14Oz%2FyLfPFH%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e4176745c7571ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=5MW5g7YHHbnOXmsldmVjT14Oz%2FyLfPFH%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 2ED2 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=f6be7388-17f3-4901-6016-e1f77c543494&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 2ED2 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.14.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-14-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1645965427
x-served-by
beacon-n019-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 2ED2 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=f6be7388-17f3-4901-6016-e1f77c543494&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 2ED2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YhtwcwAJTJiYUAAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-602...
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YhtwcwAJTJiYUAAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361&_test=YhtwcwAJTJiYUAAy
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e417675eeb671ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1645965428.072659,VS0,VE0
x-served-by
cache-lhr7339-LHR
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YhtwcwAJTJiYUAAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361&_test=YhtwcwAJTJiYUAAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame 2ED2 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.220.99.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-99-171.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
server
nginx/1.20.1
usermatch.gif
beacon.krxd.net/ Frame 2ED2
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
79.125.14.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-14-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1645965428
x-served-by
beacon-n014-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
date
Sun, 27 Feb 2022 12:37:08 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a008-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2ED2
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f6be7388-17f3-4901-6016-e1f77c543494&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-601...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f6be7388-17f3-4901-6016-e1f77c543494&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-601...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f6be7388-17f3-4901-6016-e1f77c543494&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:08 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FPMMVH6XKSDCSYCHKV8A
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:08 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1H3R4ZQ2EVBP8QMYMPW4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f6be7388-17f3-4901-6016-e1f77c543494&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 2ED2 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=f6be7388-17f3-4901-6016-e1f77c543494&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:08 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 2ED2
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6be7...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e4176762f1a71ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
date
Sun, 27 Feb 2022 12:37:08 GMT
cross-origin-resource-policy
cross-origin
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 0375 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90164682&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
de9d6d150bc2f51be3d9c5fe8d3bb9d2fc12410697b9ad0dd7ea466f8b0697ba

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 945F 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 21:09:58 GMT
expires
Mon, 20 Feb 2023 21:09:58 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
574029
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
B27306636.329323117;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=2923430905;ord=u0tvoo;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCk-cwcnAbYtPlIrie7_UPlsmU-Au0t-rMaImV0PDd...
ad.doubleclick.net/ddm/adj/N5547.612085REGITAL.COM/ Frame 4209 		46 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N5547.612085REGITAL.COM/B27306636.329323117;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=2923430905;ord=u0tvoo;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCk-cwcnAbYtPlIrie7_UPlsmU-Au0t-rMaImV0PDdD_AuEAEg5-TyFmC7BsgBCakCp0rGnZOBtj6oAwGqBJACT9C8_lcrX_MxAX9lBwLSvqFxSrkp38umZYwle5-U0XJyDKkmPAndnKfCQ15Zias_BfftEpgNndEWJEb0JanI2M4OfRLttjM2LkpVEXVifIgaGFSxHGKFSN528diuEGu4vdjyEkdjl5RccSbv-zj8dL1lI0SAtFlp5OdRviXqIZ7SdUru20wkPpNT38zroFdYeuTs9qqxPES-Aj5vrQExWKvu4p9OZ1eNQ9EphIlr7z3-Hl-vDTnmjQKgfvwCTRrI2e3mc_qyRiuTsFLoijrrSde3hV8imynAoiPHJtBCblxzNJkEAU0mMlaWt8sNX543EGmct6g2-aueP5e-uCIStjSSS9WDggMflLvIaeZpGQbABL-T1ub8A-AEA4gF7Jno-TyQBgGgBk3YBgKAB8TkgZQDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcAoAiKFrAIAtIICQiA4YAQEAEYH4AKAZgLAcgLAYAMAbATtLipDtgTCoIUFRoTd3d3LmJ1aG9ibGlrLm9yZy51YdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASBORozZk%26sig%3DAOD64_2FQLIPMqbdZ1y0csBPF-xl_Lr-Qw%26client%3Dca-pub-5630956766216465%26dbm_c%3DAKAmf-B5-nrSZZFXGXfs7oMWcfOXWGSYPxht0ysnF77J6Ea9YN4c4BhXXRLJ_qUF8ATDLChTpy9S1bwVNFR-qscfr8w6tMthz4CORq0FuggBIHg3R4xPBE6-7Sv5465uj7pDtd7U0XVqcLjK5WMZHX-u0d8qSOAFYA%26cry%3D1%26dbm_d%3DAKAmf-DHVQ92K5M450vYVeKysv2ULdvcALIWsVv4_qSZQzY8d5ouF1px_eA-NC_d1Dx8scXC5gCDilOJ7A0xMSQF_daBF1sjTCfRA7sk69CBUm4l8aLipLGW3PBkVZOu4EDB08q5pywG45apbgLdT0GGTLokqyBiofMk-WDNfPb61tHpxENUK2jAio_KbFSO7URHK7NCpKY7XQKqqDEq3sh-BTsh1GlfJcOa3a3CoYRsSYrHBKVqnCT9m5NVvba5RyMHnfLhk6j-TPdE-04P0qz7_YJ7ETAxfM2qDW9Z_cfi6rocv4XznrxHveaTHNbjn3X9_1JRfcHOG4R81C1YmbtTKDjIpdfqUtnnvux1-ESkJii0DiCw6k39Euwbz7oV_OLpAg-rHVaFwe40myjcru3Q0nyAUlGmQpF_2AHnlnTPBfKcUOuMcTlk0JmVyJibFCqC6thv1G0Mr7b4mhQ0r78IcAf7SC_sbQ%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fwww.buhoblik.org.ua%2F$0;xdt=1;crlt=e7fP0-FmMq;sttr=138;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
aa2af225ec93f0e37c04e93c2b5047f0fe755c01f737bb4b32b7661afe88ad50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24035
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
uu
ih.adscale.de/ Frame 9088
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1645965427
  • https://ih.adscale.de/uu?cbfn=receive&t=1645965427&nut&uu=82130a575f9b48f79038e1fa8ec040ca
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1645965427&nut&uu=82130a575f9b48f79038e1fa8ec040ca
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b5e583a9f3d2a7736c83798ee35eb3f12f34525fe62275c2a02b21b19c5cde9e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1645965427&nut&uu=82130a575f9b48f79038e1fa8ec040ca
date
Sun, 27 Feb 2022 12:37:07 GMT
content-length
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B982 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 26 Feb 2022 18:07:04 GMT
expires
Sun, 26 Feb 2023 18:07:04 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
66603
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
extra.js
w.uptolike.com/widgets/v1/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/extra.js?rnd=0.06299263200335092
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e6972fe2e229ab6115456a139aa95cd8ba67c16ff866efcc1bd6e0cce6407c91

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Expires
Fri, 28 Jan 2022 08:03:17 GMT
watch.js
mc.yandex.ru/metrika/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
d8fbad75e931316d854b870fc239f47d04ec576146f5ee6ef580e9459223e9a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
content-encoding
br
last-modified
Fri, 18 Feb 2022 11:36:57 GMT
etag
"620f5aa9-c3b1"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
50097
expires
Sun, 27 Feb 2022 13:37:07 GMT
usync.js
eus.rubiconproject.com/ Frame 377C 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
38b480f40774eaa74499488cd393080f9921e5b0a90ac8910e012c96089d3711

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 19:52:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37707
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9762
Expires
Sun, 27 Feb 2022 23:05:34 GMT
usync.js
eus.rubiconproject.com/ Frame 1709 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
38b480f40774eaa74499488cd393080f9921e5b0a90ac8910e012c96089d3711

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 19:52:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37707
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9762
Expires
Sun, 27 Feb 2022 23:05:34 GMT
css
fonts.googleapis.com/ Frame 6518 		5 KB
677 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: tttttt.me
URL: https://tttttt.me/buhoblik_org_ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
def453926bf1e0d62bf8a4cf5c409dd333a049f547e470a509cc738bede438c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tttttt.me/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Feb 2022 12:15:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 27 Feb 2022 12:37:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Feb 2022 12:37:07 GMT
bootstrap.min.css
tlgr.org/css/ Frame 6518 		42 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/css/bootstrap.min.css?3
Requested by
Host: tttttt.me
URL: https://tttttt.me/buhoblik_org_ua
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tttttt.me/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:08 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
text/css
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 03 Mar 2022 12:37:08 GMT
telegram.css
tlgr.org/css/ Frame 6518 		108 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/css/telegram.css?215
Requested by
Host: tttttt.me
URL: https://tttttt.me/buhoblik_org_ua
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
36a8cc71b8c024b285afdf588deb67f2f3ae0b44bb438c65bb9b62a1247c3e3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tttttt.me/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:11 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
text/css
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 03 Mar 2022 12:37:08 GMT
dpixel
cms.quantserve.com/ Frame F299 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDyc8_sq3Hw-CDnOOydIjwk&google_cver=1&google_push=AYg5qPKD3azPR1p-m-ETUDKvkF9hwGhUZ9jDnwGVDG8gsDX3evZZrqiOz3WuYDdWd_71tlLlAxiq-A_3kswOPpSR1bLBlNSK_ks
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F299
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENoReFYZ69myImzb0IgK8MQ&google_cver=1&google_push=AYg5qPKJ9p4PNA7GRBgJghFtQjjvxUgQu4nxEkZKN5YJi0ZOB10ImbGScOyBxUF_ceTDK0xN8YYzSN7hENu5psNuPvNj7-bN6Zc
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKJ9p4PNA7GRBgJghFtQjjvxUgQu4nxEkZKN5YJi0ZOB10ImbGScOyBxUF_ceTDK0xN8YYzSN7hENu5psNuPvNj7-bN6Zc&google_hm=Q0FFU0VOb1JlRllaNjlteU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKJ9p4PNA7GRBgJghFtQjjvxUgQu4nxEkZKN5YJi0ZOB10ImbGScOyBxUF_ceTDK0xN8YYzSN7hENu5psNuPvNj7-bN6Zc&google_hm=Q0FFU0VOb1JlRllaNjlteUltemIwSWdLOE1R
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKJ9p4PNA7GRBgJghFtQjjvxUgQu4nxEkZKN5YJi0ZOB10ImbGScOyBxUF_ceTDK0xN8YYzSN7hENu5psNuPvNj7-bN6Zc&google_hm=Q0FFU0VOb1JlRllaNjlteUltemIwSWdLOE1R
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F299
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKflsj6a0PaWQ7C8TWVarr-L3N84Zm8EaLUy3xfvGb2fN8FGqSpEXlINghpcF0F-KgQRU8qYA4McOnsrJpLEAtCXytF98eg&google_gid=CAESEDB-yGyJ7GS22uV5btQ60TM&goo...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPPg7ZAGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBLZmxzajZhMFBhV1E3QzhUV1ZhcnItTDNOODRabThFYUxVeTN4ZnZHYjJmTjhGR3FTcEVYbElOZ2hwY0YwRi1LZ1FSVThxWUE0TWNPbnNySn...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwY1VVcDA0cmVfXzhnOF9CUllEUUdtdWJsS01OZTc3elplVUlwOU4tODFaVQ==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwY1VVcDA0cmVfXzhnOF9CUllEUUdtdWJsS01OZTc3elplVUlwOU4tODFaVQ==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 27 Feb 2022 12:37:07 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwY1VVcDA0cmVfXzhnOF9CUllEUUdtdWJsS01OZTc3elplVUlwOU4tODFaVQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
dds
rtb.openx.net/sync/ Frame F299 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHQ_AIEn2XrNB27lF39RBws&google_cver=1&google_push=AYg5qPJaHZlVt6ARBTnLwXO9SfTe5Vym5FAdk8Q0Mr1xGFlkab-ELNql-i0Xb4HrDEz1snK8oRGI7gPxSsJpnum_1S3wYplVLfYn
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:06 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
jtr7ho3t2oqh0b91ga5vmeaotin1ug38
pixel
cm.g.doubleclick.net/ Frame F299
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xGlwQbyzSm2Tm1zdH7Faew%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xGlwQbyzSm2Tm1zdH7Faew%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLDrkGeW1BL_X-pQNfJVWkA677Fxwily5VY8mQya4rsWKIvmpG7fKMYY1YhhB4aOxVDMg8q8aQly95VAstmG9Eiwu8V1fAm
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xGlwQbyzSm2Tm1zdH7Faew%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLDrkGeW1BL_X-pQNfJVWkA677Fxwily5VY8mQya4rsWKIvmpG7fKMYY1YhhB4aOxVDMg8q8aQly95VAstmG9Eiwu8V1fAm
date
Sun, 27 Feb 2022 12:37:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame F299
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGHr1Bcupi00t5fX1HYN8lw&google_cver=1&google_push=AYg5qPKQ8iAxpA8VQDxqRhdCxKAMRYZGCxasKwSAz97--bK6Xwr-xwtDE0ZGyitqX-IEXYwgQ3G...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDA1OUJHQTgtNC1KVVZS&google_push=AYg5qPKQ8iAxpA8VQDxqRhdCxKAMRYZGCxasKwSAz97--bK6Xwr-xwtDE0ZGyitqX-IEXYwgQ3GKxmwM0aEpLsk188oA1RVNPkLs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDA1OUJHQTgtNC1KVVZS&google_push=AYg5qPKQ8iAxpA8VQDxqRhdCxKAMRYZGCxasKwSAz97--bK6Xwr-xwtDE0ZGyitqX-IEXYwgQ3GKxmwM0aEpLsk188oA1RVNPkLs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDA1OUJHQTgtNC1KVVZS&google_push=AYg5qPKQ8iAxpA8VQDxqRhdCxKAMRYZGCxasKwSAz97--bK6Xwr-xwtDE0ZGyitqX-IEXYwgQ3GKxmwM0aEpLsk188oA1RVNPkLs
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame F299
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5A...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame F299 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ju5wc170zl45RZIT8YKFCBJC1R5x05ZJLeAfsVkGvWcVGrbwc7Gy3oTCVt25LIKph3MSms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645965425&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426431&bpp=1&bdt=396&idt=167&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C336x280&prev_slotnames=9743280908&nras=1&correlator=6049263549741&frm=20&pv=1&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=nzMGA9ruse&p=https%3A//www.buhoblik.org.ua&dtd=170
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
U5D2RVqZ1PRjVXB30NjW_eGY8d3xtAEXQJvJ3b52R2Q.js
pagead2.googlesyndication.com/bg/ Frame 945F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U5D2RVqZ1PRjVXB30NjW_eGY8d3xtAEXQJvJ3b52R2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5390f6455a99d4f463557077d0d8d6fde198f1ddf1b40117409bc9ddbe764764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sat, 26 Feb 2022 16:09:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
73684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Feb 2023 16:09:03 GMT
SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
pagead2.googlesyndication.com/bg/ Frame B982 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:16:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
1259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13759
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Feb 2023 12:16:08 GMT
khaos.jpg
token.rubiconproject.com/ Frame 1709 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 377C 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
/
jaclick.ru/plus1/ 		0
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jaclick.ru/plus1/
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.06299263200335092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.109.14.161 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
belesta1007.ru
Software
nginx/1.13.12 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Last-Modified
Sunday, 27-Feb-2022 12:37:07 GMT
Server
nginx/1.13.12
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
/
grsync.ru/cdn/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grsync.ru/cdn/
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.06299263200335092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.63.105.49 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
belesta1010.ru
Software
nginx/1.13.12 /
Resource Hash
a52796ef339ed1f412652a5d8b44162c56a4600e2142bd7997280b8fbc1d19bd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sunday, 27-Feb-2022 12:37:07 GMT
Server
nginx/1.13.12
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
smart.js
static.tnsis.ru/c82up/ 		172 B
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tnsis.ru/c82up/smart.js
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.06299263200335092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
33f9b37b3d213f4a58930a3fa37c70bf2aa96478c2a82862d7bbe25e1452f11f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
mode
no-cors
server
nginx/1.20.1
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
collect_stat.js
af.click.ru/ 		621 B
865 B 		Script
General
Check archive.org
Download Go to
Full URL
https://af.click.ru/collect_stat.js
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.06299263200335092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.197.112.80 Moscow, Russian Federation, ASN20655 (E-STYLEISP-AS, RU),
Reverse DNS
seopult.ru
Software
nginx /
Resource Hash
35c77074524fa5705ce81fb0cea86d0ec3af63e64d8219d9722e8b947d09323f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
Last-Modified
Mon, 17 Jan 2022 12:43:51 GMT
Server
nginx
ETag
"61e56487-26d"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
621
cc.js
tags.crwdcntrl.net/c/15238/ Frame 37F9 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 27 Feb 2022 04:08:56 GMT
content-encoding
gzip
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
30492
etag
W/"2b2f816f40499d384e118ce88a266e02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
7KjGXjUr1FE6mavZ3_WVJONvOHGMRPdhDHkD2FI2AF63yq8Q-jQMqg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 76F1 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Sun, 27 Feb 2022 12:37:07 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Fri, 26 Feb 2027 12:37:07 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.adtelligent.com/ Frame A1AB 		0
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AK8Muliy-wRda6Lv
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Length
0
Etag
b7234acbe79ee4e9
file.mp4
r1---sn-aigzrney.c.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677501427/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 6A7D 		161 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-aigzrney.c.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1677501427/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5EA415A9A2655C7E764DA5CF22342B8CCEBDA09F.39075E8BCE6BBBDFCCFAAD9FB4D5DE61409CF09F/key/cms1/cms_redirect/yes/mh/fH/mip/2a02:8c8:c10:30::15/mm/42/mn/sn-aigzrney/ms/onc/mt/1645965075/mv/u/mvi/1/pl/32/file/file.mp4
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:2::7 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 27 Feb 2022 12:37:07 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 0-4478841/4478842
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4478842
Last-Modified
Wed, 16 Feb 2022 00:43:27 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://googleads.g.doubleclick.net
Expires
Sun, 27 Feb 2022 12:37:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/ Frame 4209 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5547.612085REGITAL.COM/B27306636.329323117;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=2923430905;ord=u0tvoo;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCk-cwcnAbYtPlIrie7_UPlsmU-Au0t-rMaImV0PDdD_AuEAEg5-TyFmC7BsgBCakCp0rGnZOBtj6oAwGqBJACT9C8_lcrX_MxAX9lBwLSvqFxSrkp38umZYwle5-U0XJyDKkmPAndnKfCQ15Zias_BfftEpgNndEWJEb0JanI2M4OfRLttjM2LkpVEXVifIgaGFSxHGKFSN528diuEGu4vdjyEkdjl5RccSbv-zj8dL1lI0SAtFlp5OdRviXqIZ7SdUru20wkPpNT38zroFdYeuTs9qqxPES-Aj5vrQExWKvu4p9OZ1eNQ9EphIlr7z3-Hl-vDTnmjQKgfvwCTRrI2e3mc_qyRiuTsFLoijrrSde3hV8imynAoiPHJtBCblxzNJkEAU0mMlaWt8sNX543EGmct6g2-aueP5e-uCIStjSSS9WDggMflLvIaeZpGQbABL-T1ub8A-AEA4gF7Jno-TyQBgGgBk3YBgKAB8TkgZQDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcAoAiKFrAIAtIICQiA4YAQEAEYH4AKAZgLAcgLAYAMAbATtLipDtgTCoIUFRoTd3d3LmJ1aG9ibGlrLm9yZy51YdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASBORozZk%26sig%3DAOD64_2FQLIPMqbdZ1y0csBPF-xl_Lr-Qw%26client%3Dca-pub-5630956766216465%26dbm_c%3DAKAmf-B5-nrSZZFXGXfs7oMWcfOXWGSYPxht0ysnF77J6Ea9YN4c4BhXXRLJ_qUF8ATDLChTpy9S1bwVNFR-qscfr8w6tMthz4CORq0FuggBIHg3R4xPBE6-7Sv5465uj7pDtd7U0XVqcLjK5WMZHX-u0d8qSOAFYA%26cry%3D1%26dbm_d%3DAKAmf-DHVQ92K5M450vYVeKysv2ULdvcALIWsVv4_qSZQzY8d5ouF1px_eA-NC_d1Dx8scXC5gCDilOJ7A0xMSQF_daBF1sjTCfRA7sk69CBUm4l8aLipLGW3PBkVZOu4EDB08q5pywG45apbgLdT0GGTLokqyBiofMk-WDNfPb61tHpxENUK2jAio_KbFSO7URHK7NCpKY7XQKqqDEq3sh-BTsh1GlfJcOa3a3CoYRsSYrHBKVqnCT9m5NVvba5RyMHnfLhk6j-TPdE-04P0qz7_YJ7ETAxfM2qDW9Z_cfi6rocv4XznrxHveaTHNbjn3X9_1JRfcHOG4R81C1YmbtTKDjIpdfqUtnnvux1-ESkJii0DiCw6k39Euwbz7oV_OLpAg-rHVaFwe40myjcru3Q0nyAUlGmQpF_2AHnlnTPBfKcUOuMcTlk0JmVyJibFCqC6thv1G0Mr7b4mhQ0r78IcAf7SC_sbQ%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fwww.buhoblik.org.ua%2F$0;xdt=1;crlt=e7fP0-FmMq;sttr=138;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Mar 2022 12:36:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4209 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuDv7zkXtZyaMDIFkHRvaX8utErI_J91E1yqw2kDBp-swYYfqfPmm7e2skjAYY7dlIqaSPJtBKBlOXHuD8NjKKQl3bNUVTyiVF2fpTIG6KWftLokPd-3N_5mqZVMrhspBYxgW1sGXVsVwVLd6G4q6fJPq0-4Q&sig=Cg0ArKJSzK8GrcUHnHiREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220223.86831&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5547.612085REGITAL.COM/B27306636.329323117;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=2923430905;ord=u0tvoo;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCk-cwcnAbYtPlIrie7_UPlsmU-Au0t-rMaImV0PDdD_AuEAEg5-TyFmC7BsgBCakCp0rGnZOBtj6oAwGqBJACT9C8_lcrX_MxAX9lBwLSvqFxSrkp38umZYwle5-U0XJyDKkmPAndnKfCQ15Zias_BfftEpgNndEWJEb0JanI2M4OfRLttjM2LkpVEXVifIgaGFSxHGKFSN528diuEGu4vdjyEkdjl5RccSbv-zj8dL1lI0SAtFlp5OdRviXqIZ7SdUru20wkPpNT38zroFdYeuTs9qqxPES-Aj5vrQExWKvu4p9OZ1eNQ9EphIlr7z3-Hl-vDTnmjQKgfvwCTRrI2e3mc_qyRiuTsFLoijrrSde3hV8imynAoiPHJtBCblxzNJkEAU0mMlaWt8sNX543EGmct6g2-aueP5e-uCIStjSSS9WDggMflLvIaeZpGQbABL-T1ub8A-AEA4gF7Jno-TyQBgGgBk3YBgKAB8TkgZQDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcAoAiKFrAIAtIICQiA4YAQEAEYH4AKAZgLAcgLAYAMAbATtLipDtgTCoIUFRoTd3d3LmJ1aG9ibGlrLm9yZy51YdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASBORozZk%26sig%3DAOD64_2FQLIPMqbdZ1y0csBPF-xl_Lr-Qw%26client%3Dca-pub-5630956766216465%26dbm_c%3DAKAmf-B5-nrSZZFXGXfs7oMWcfOXWGSYPxht0ysnF77J6Ea9YN4c4BhXXRLJ_qUF8ATDLChTpy9S1bwVNFR-qscfr8w6tMthz4CORq0FuggBIHg3R4xPBE6-7Sv5465uj7pDtd7U0XVqcLjK5WMZHX-u0d8qSOAFYA%26cry%3D1%26dbm_d%3DAKAmf-DHVQ92K5M450vYVeKysv2ULdvcALIWsVv4_qSZQzY8d5ouF1px_eA-NC_d1Dx8scXC5gCDilOJ7A0xMSQF_daBF1sjTCfRA7sk69CBUm4l8aLipLGW3PBkVZOu4EDB08q5pywG45apbgLdT0GGTLokqyBiofMk-WDNfPb61tHpxENUK2jAio_KbFSO7URHK7NCpKY7XQKqqDEq3sh-BTsh1GlfJcOa3a3CoYRsSYrHBKVqnCT9m5NVvba5RyMHnfLhk6j-TPdE-04P0qz7_YJ7ETAxfM2qDW9Z_cfi6rocv4XznrxHveaTHNbjn3X9_1JRfcHOG4R81C1YmbtTKDjIpdfqUtnnvux1-ESkJii0DiCw6k39Euwbz7oV_OLpAg-rHVaFwe40myjcru3Q0nyAUlGmQpF_2AHnlnTPBfKcUOuMcTlk0JmVyJibFCqC6thv1G0Mr7b4mhQ0r78IcAf7SC_sbQ%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fwww.buhoblik.org.ua%2F$0;xdt=1;crlt=e7fP0-FmMq;sttr=138;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Feb 2022 12:37:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
6927578841484093519
s0.2mdn.net/simgad/ Frame 4209 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6927578841484093519
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645965425&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645965426386&bpp=18&bdt=351&idt=122&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&correlator=6049263549741&frm=20&pv=2&ga_vid=1015733277.1645965426&ga_sid=1645965426&ga_hid=469687113&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31062423%2C31064857%2C31065252%2C44757586&oid=2&pvsid=1252731358478569&pem=607&tmod=511167297&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=EtmAHCiu4P&p=https%3A//www.buhoblik.org.ua&dtd=135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
902b3d837f74b6e15fec7697c020b7213161452ba5dc70b257b646fb70f6ac0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 24 Feb 2022 22:35:50 GMT
x-content-type-options
nosniff
age
223277
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37602
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 15:35:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Feb 2023 22:35:50 GMT
truncated
/ Frame 4209 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b792352f321b7f3e1c7b0880264ff80763fff0d50d9ab390524f8a293f2c1ae8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 39AB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 26 Feb 2022 18:07:04 GMT
expires
Sun, 26 Feb 2023 18:07:04 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
66603
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sync.php
pixel.rubiconproject.com/exchange/ Frame 377C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1709 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
GS.d
js.cookieless-data.com/ Frame 76F1 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1645965427899
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.12 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-12.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:07 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
1
mc.yandex.ru/watch/23414332/
Redirect Chain
  • https://mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuacwhkv%3Afp%3A922%3Afu%3A0%3Aen%3Autf-8%3A...
  • https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuacwhkv%3Afp%3A922%3Afu%3A0%3Aen%3Autf-8%...
338 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuacwhkv%3Afp%3A922%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A452696730693%3Ahid%3A140422185%3Az%3A0%3Ai%3A20220227123707%3Aet%3A1645965428%3Ac%3A1%3Arn%3A235461099%3Arqn%3A1%3Au%3A1645965428340091172%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1645965425315%3Ads%3A0%2C0%2C296%2C1%2C354%2C0%2C%2C375%2C10%2C%2C%2C%2C1094%3Aco%3A0%3Arqnl%3A1%3Ast%3A1645965428%3At%3A%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7eb61e8b34f5dc6e65454562fc59107335bce8f97f69958143d5b679be7fccbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 27-Feb-2022 12:37:08 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.buhoblik.org.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Sun, 27-Feb-2022 12:37:08 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Sun, 27-Feb-2022 12:37:07 GMT
location
/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuacwhkv%3Afp%3A922%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A452696730693%3Ahid%3A140422185%3Az%3A0%3Ai%3A20220227123707%3Aet%3A1645965428%3Ac%3A1%3Arn%3A235461099%3Arqn%3A1%3Au%3A1645965428340091172%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1645965425315%3Ads%3A0%2C0%2C296%2C1%2C354%2C0%2C%2C375%2C10%2C%2C%2C%2C1094%3Aco%3A0%3Arqnl%3A1%3Ast%3A1645965428%3At%3A%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.buhoblik.org.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 27-Feb-2022 12:37:07 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
last-modified
Fri, 18 Feb 2022 11:36:57 GMT
etag
"620f5aa9-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 27 Feb 2022 13:37:07 GMT
HLR3.js
umagnet.ru/cli/cdn/ 		113 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://umagnet.ru/cli/cdn/HLR3.js
Requested by
Host: static.tnsis.ru
URL: https://static.tnsis.ru/c82up/smart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
d55d7104a0d0ff35d25e1a137a9aab4df566ceb08866807e019434ac45bcc704

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
mode
no-cors
last-modified
Tue, 04 Jan 2022 20:05:26 GMT
server
nginx/1.20.1
etag
"61d4a886-1c309"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
115465
view
googleads4.g.doubleclick.net/pcs/ Frame 4209 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuDv7zkXtZyaMDIFkHRvaX8utErI_J91E1yqw2kDBp-swYYfqfPmm7e2skjAYY7dlIqaSPJtBKBlOXHuD8NjKKQl3bNUVTyiVF2fpTIG6KWftLokPd-3N_5mqZVMrhspBYxgW1sGXVsVwVLd6G4q6fJPq0-4Q&sig=Cg0ArKJSzK8GrcUHnHiREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=180&vt=11&dtpt=179&dett=2&cstd=0&cisv=r20220223.86831&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5547.612085REGITAL.COM/B27306636.329323117;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=2923430905;ord=u0tvoo;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCk-cwcnAbYtPlIrie7_UPlsmU-Au0t-rMaImV0PDdD_AuEAEg5-TyFmC7BsgBCakCp0rGnZOBtj6oAwGqBJACT9C8_lcrX_MxAX9lBwLSvqFxSrkp38umZYwle5-U0XJyDKkmPAndnKfCQ15Zias_BfftEpgNndEWJEb0JanI2M4OfRLttjM2LkpVEXVifIgaGFSxHGKFSN528diuEGu4vdjyEkdjl5RccSbv-zj8dL1lI0SAtFlp5OdRviXqIZ7SdUru20wkPpNT38zroFdYeuTs9qqxPES-Aj5vrQExWKvu4p9OZ1eNQ9EphIlr7z3-Hl-vDTnmjQKgfvwCTRrI2e3mc_qyRiuTsFLoijrrSde3hV8imynAoiPHJtBCblxzNJkEAU0mMlaWt8sNX543EGmct6g2-aueP5e-uCIStjSSS9WDggMflLvIaeZpGQbABL-T1ub8A-AEA4gF7Jno-TyQBgGgBk3YBgKAB8TkgZQDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcAoAiKFrAIAtIICQiA4YAQEAEYH4AKAZgLAcgLAYAMAbATtLipDtgTCoIUFRoTd3d3LmJ1aG9ibGlrLm9yZy51YdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASBORozZk%26sig%3DAOD64_2FQLIPMqbdZ1y0csBPF-xl_Lr-Qw%26client%3Dca-pub-5630956766216465%26dbm_c%3DAKAmf-B5-nrSZZFXGXfs7oMWcfOXWGSYPxht0ysnF77J6Ea9YN4c4BhXXRLJ_qUF8ATDLChTpy9S1bwVNFR-qscfr8w6tMthz4CORq0FuggBIHg3R4xPBE6-7Sv5465uj7pDtd7U0XVqcLjK5WMZHX-u0d8qSOAFYA%26cry%3D1%26dbm_d%3DAKAmf-DHVQ92K5M450vYVeKysv2ULdvcALIWsVv4_qSZQzY8d5ouF1px_eA-NC_d1Dx8scXC5gCDilOJ7A0xMSQF_daBF1sjTCfRA7sk69CBUm4l8aLipLGW3PBkVZOu4EDB08q5pywG45apbgLdT0GGTLokqyBiofMk-WDNfPb61tHpxENUK2jAio_KbFSO7URHK7NCpKY7XQKqqDEq3sh-BTsh1GlfJcOa3a3CoYRsSYrHBKVqnCT9m5NVvba5RyMHnfLhk6j-TPdE-04P0qz7_YJ7ETAxfM2qDW9Z_cfi6rocv4XznrxHveaTHNbjn3X9_1JRfcHOG4R81C1YmbtTKDjIpdfqUtnnvux1-ESkJii0DiCw6k39Euwbz7oV_OLpAg-rHVaFwe40myjcru3Q0nyAUlGmQpF_2AHnlnTPBfKcUOuMcTlk0JmVyJibFCqC6thv1G0Mr7b4mhQ0r78IcAf7SC_sbQ%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fwww.buhoblik.org.ua%2F$0;xdt=1;crlt=e7fP0-FmMq;sttr=138;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Feb 2022 12:37:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 945F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BWWlzc3AbYqjCDpGGzQbPr4yIBAAAAAA4AeAEAg&bg=!TU6lTgrNAAas2QJZrNk7ACkAdvg8WnAnjOOPmVAwITKXO97YKRnJxrpFBh-3ifCemmPwRjJr6tiuEAIAAAEIUgAAAANoAQcKAI5r2ZWRfy0e4qcb62SBNzKdA6xMzwUuLRuRtY5_J0hTePBG3VPqJ6VQLyZ-JZy3As_VLdKlX-_TFfx3ou17w3BpGr8OfUKC-LEb-afQChP4uL2rbdYoeMmzMErzf-nfZhPQeGTeE7a3Bh7FzWpwRde8ukaTJcw7ewDi2no9ZwK49MfxVWtxffjjo3dAdXCfmQLC2Szwck_jd_vAN8uGCcpCQOjOHO-LXBLX4_z7quP7NuG_7YmUQTk2wI2N2InD1x2Ox_HdcwjH3n6kdFRBGHU-aAVDoJG5DRx0LGGob4zwtTlbPWQN-YkDye1ZKBdghLf4fME8Wq3KOFvugxplvrhSAe_z5Uc8KDJwWgHr5kLBZS8ZC-0DmfGEqZrbugRGBPAp6qnqcS2heOhkI4N8DU78Ajt4u-OJqfu2ul3w_ldxzKwUeAilafFZ6rEC8f9DS9d79lfrbwkWOF8KZehKWpsrIfiHzYPTfE0LvtZgqZGSZ0Y6H2Ht5Qz0UpNqZB3Vm_yZOPM8ylXtiW9TWiWwCJU9p5mNdEWE34nZrZjWcSzWbu1zC1F5Huoq0JkzFXH-InSti5kJLvp16mRUOUaZrx8MEyoBKmaKWaxBo8CNhno_4vlzXMqCHjki764LXkkjVqeKRcopBU3W3YvhHqkTZ3IGBe36WDpxDvCP4fyYDUW8-RLnYCKde5oo6FabfpsgNJVwUgzUr-8pg_nT5hIh7qm4qUjvhqsSrYH20LbcEJbTRXj73-vjgC4SBlMJa9wueNbqyrD5Y3L-sSBvzFV-PBnchxWLUx-a6Cm-zLIHmw2MOgtuAXucytBKHROeZpDNVzsQyV0J9ynpZUrWCDHJJIrTfH53o45AK5cWRQgE2IKGciQv3_hsnCuXi75G9NnWcfiqtMSjNuIEDaEA2Hx4usrySQ4iqnW-matnQukTNERx9jIb5zAzzW6HXIhg56_5A9xZKRlvoH4-1iXu6IL64CjlVgqx9MjyxahpqJg30yE7Krf-lBUvXYOx1c7R9djU1c8nwxk0zuLVUtIF0fPAfq86mVsjc-P4093SmzP4g4VXAH9Qcj6aqpZ2oIywqo9B-r_ZZEwdFkQkYzUt2HPB0XCd0obvZZZyJVy-ieWOzpRs3nrxNg
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
U5D2RVqZ1PRjVXB30NjW_eGY8d3xtAEXQJvJ3b52R2Q.js
pagead2.googlesyndication.com/bg/ Frame 39AB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U5D2RVqZ1PRjVXB30NjW_eGY8d3xtAEXQJvJ3b52R2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5390f6455a99d4f463557077d0d8d6fde198f1ddf1b40117409bc9ddbe764764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sat, 26 Feb 2022 16:09:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
73684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Feb 2023 16:09:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B982 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6-AOc3AbYv2YDLyU7_UPuNmLsAsAAAAAOAHgBAI&bg=!RUalRgLNAAas2QJZrNk7ACkAdvg8Wm8nIh63TddZsUQQK36kG2iae70HB4ZMFWtg7TyjyuMdKmDPugIAAAD7UgAAAAFoAQeZAswI6uGt7UddUMQPGEIXg7_nyuKS6WmZ7eCOy8sabB8Acu1qQid6dk8_VhD79g4uYndSzpeAZbMqKZAF5owA-S5f2whvvbjRa3ykTPyRVS1AMoNMwksHUos5g_Dgw-7tnnS7mtaXRADJEbIdEhYxpoZXlFP0a4v_avkZxqlZeyEJ7osKeiXYp67dqcXKZH7Tf7_pR11tIuLII0brNKWsjk-FPHcPGkvKXipfa0szU07eihgqvy4KFZKR-SxlaXqbGPXZ1KoG9_ZVFXhDp2L1xGvpS6WtGNKohMG4udY2DaL7p_okis-IhqMe5uP7tdtlMOSxtI0fPZB6qypoo2pUWOPyB7x2O60TRkFnMNaafOHdigZIuOosOX4IpmX_X4ViF1cIHzyNJI-V82bB2YOzDb5VzcEIa9zIcJlA8G1bDjTDFTOYPX4YZqixynP9jGzRPEVnvEAJxwAwgtINIVLg4t6TNZHAsfrJB5eAde6ml3gxu_XAmylzmw-dp-aKKlLLwA37ju-TeXue9fZnjQUgs-_7KGbyuIJxYiXtVifA_zI51CFL9RQorDaVzLBU8ukJ7P9eUiRZrf-zY6NRgRFfi6II2tfIjzPm0v_4u3BfuTNwH8FkQ_Av_a2ZFtq5GKFY5s5u3RaaP10uuBbGOfco4uOZjXeq-T1qQWXNJ5LFSEgrmK7wYSz-IZA8oi3D9-1CHApeXX2LKtsOkftdn0mZTCVJj3RaSg4novCTM2ipsNcJlg99PusxhYicqdHPKv-LwD4szoYsva3icjSRhI0jBLNoQy6_OgteqrYwYKw7uX-W0Oia1cpavbqkEJzmUfc5LPtG2g2eZe_57kNI01FYvd8HcPzJNld8mFA9CRKNWarbQI51b7uQwTFUf9Xo8-bKaLtQWBCv75o0t7I2DgaKhGkBIRF07-f1xHtKVIS889ORN0aJR54vvJQ_bwwNaw
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 3966
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:08 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sun, 27 Feb 2022 12:37:08 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame E4C2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhtwdAAJVqlBjABB&gdpr=0&gdpr_consent=&_test=YhtwdAAJVqlBjABB
1 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhtwdAAJVqlBjABB&gdpr=0&gdpr_consent=&_test=YhtwdAAJVqlBjABB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:08 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug016:0:479
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YhtwdAAJVqlBjABB&gdpr=0&gdpr_consent=&_test=YhtwdAAJVqlBjABB
accept-ranges
bytes
date
Sun, 27 Feb 2022 12:37:08 GMT
via
1.1 varnish
x-served-by
cache-lhr7339-LHR
x-cache
HIT
x-cache-hits
0
x-timer
S1645965428.171579,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame DCBD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3e4a621b-7073-4400-b55d-fec87dfdb1e5&gdpr=0&gdpr_consent=
42 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3e4a621b-7073-4400-b55d-fec87dfdb1e5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:08 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug030:0:733
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Sun, 27 Feb 2022 12:37:08 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4172 645ee8c master zrh-pixel-x31 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3e4a621b-7073-4400-b55d-fec87dfdb1e5&gdpr=0&gdpr_consent=
Expires
Sun, 27 Feb 2022 12:37:07 GMT
bridge
cm.adgrx.com/ Frame 6827 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Sun, 27 Feb 2022 12:37:08 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-5
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
adx
match.prod.bidr.io/cookie-sync/ Frame FBB9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFMUJrN0VOdUVBQUFNYmY0eVd0dw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.16.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-16-91.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sun, 27 Feb 2022 12:37:08 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Sun, 27 Feb 2022 12:37:08 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usersync.aspx
dis.criteo.com/dis/ Frame D957 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Sun, 27 Feb 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
465382
strict-transport-security
max-age=31536000; preload;
141
match.deepintent.com/usersync/ Frame 212B 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Sun, 27 Feb 2022 12:37:08 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 2510
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=650334208010
42 B
204 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=650334208010
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:08 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug025:0:404
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

content-length
0
access-control-allow-origin
*
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=650334208010
Pug
simage2.pubmatic.com/AdServer/ Frame 6240
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Dn9tcXnO1NoiNu5&gdpr=0&gdpr_consent=
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Dn9tcXnO1NoiNu5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:08 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug006:0:499
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Sun, 27 Feb 2022 12:37:07 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Dn9tcXnO1NoiNu5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
i.match
s.tribalfusion.com/z/ Frame 9F79
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e4176773de00656-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sun, 27 Feb 2022 12:37:08 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
11679
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e4176761c1e0656-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
noop
px.owneriq.net/ Frame 435A
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
0
Content-Type
image/gif
Date
Sun, 27 Feb 2022 12:37:08 GMT
Connection
keep-alive

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sun, 27 Feb 2022 12:37:08 GMT
Connection
keep-alive
Pug
image2.pubmatic.com/AdServer/ Frame 446F
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=f4160edd-d830-44aa-8346-f3071a4ea177
1 B
271 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=f4160edd-d830-44aa-8346-f3071a4ea177
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:07 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug020:0:481
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Sun, 27 Feb 2022 12:37:08 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=f4160edd-d830-44aa-8346-f3071a4ea177
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
usersync
match.bnmla.com/ Frame 2750 		0
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 27 Feb 2022 12:37:08 GMT
Content-Length
0
Connection
keep-alive
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 9DA8
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=a8f54778-bdc6-42f7-8ac2-831a3a82fb04&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
42 B
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.71.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-71-171.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
content-type
image/gif
content-length
42
server
Kestrel

Redirect headers

server
nginx
date
Sun, 27 Feb 2022 12:37:08 GMT
x-lat
lhrpug025:0:1079
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
Pug
simage2.pubmatic.com/AdServer/ Frame B130
Redirect Chain
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=ae4a4d29-f74c-4365-9a48-0327b8509eb6
42 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=ae4a4d29-f74c-4365-9a48-0327b8509eb6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:08 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug001:0:543
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Date
Sun, 27 Feb 2022 12:37:08 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=ae4a4d29-f74c-4365-9a48-0327b8509eb6
Content-Length
0
Connection
keep-alive
csync
sync.adtelligent.com/ Frame B316 		0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
VertaMedia 1.0
Date
Sun, 27 Feb 2022 12:37:07 GMT
Content-Length
0
Etag
b7234acbe79ee4e9
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0375
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xGlwQbyzSm2Tm1zdH7Faew%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=83784
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Mon, 28 Feb 2022 11:53:32 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
420486.gif
idsync.rlcdn.com/ Frame 0375 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/420486.gif?partner_uid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
via
1.1 google
alt-svc
clear
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 0375
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=14b9621b-7074-4700-b2b7-e8effa70f27c
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=14b9621b-7074-4700-b2b7-e8effa70f27c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 27 Feb 2022 12:37:08 GMT
Server
MT3 4172 645ee8c master zrh-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=14b9621b-7074-4700-b2b7-e8effa70f27c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 27 Feb 2022 12:37:07 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0375
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQ2OTcwNDEtQkNCMy00QTZELTkzOUItNUNERDFGQjE1QTdC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:06 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:338
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0375
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELVkCeXf2tVkPs6BYHi1NQE&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELVkCeXf2tVkPs6BYHi1NQE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:433
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELVkCeXf2tVkPs6BYHi1NQE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 0375 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 26 Feb 2022 12:37:08 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0375
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7453319797025266452&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7453319797025266452&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug026:0:628
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7453319797025266452&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 0375
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=27c6900a-cee8-43c7-9df9-2ddc4dabbe41
42 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=27c6900a-cee8-43c7-9df9-2ddc4dabbe41
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:525
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=27c6900a-cee8-43c7-9df9-2ddc4dabbe41
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0375 		43 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C4697041-BCB3-4A6D-939B-5CDD1FB15A7B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:21e5:efde:30c9:e168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 0375
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rXS467xE2uUBOlUW3ocd.CeNQ3eQMYg-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rXS467xE2uUBOlUW3ocd.CeNQ3eQMYg-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rXS467xE2uUBOlUW3ocd.CeNQ3eQMYg-~A&gdpr=0&gdpr_consent=
date
Sun, 27 Feb 2022 12:37:08 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 0375
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4418958318859421880&gdpr=0&gdpr_consent=
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4418958318859421880&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:353
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:08 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7f6b11e7-ee2b-4f46-833f-aca70910934c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4418958318859421880&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 0375 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 0375
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:462
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:07 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0375
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=fa3d3b1f-97c9-11ec-8681-7f9b9a30e98b&gdpr=0&gdpr_consent=
1 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=fa3d3b1f-97c9-11ec-8681-7f9b9a30e98b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug021:0:433
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=fa3d3b1f-97c9-11ec-8681-7f9b9a30e98b&gdpr=0&gdpr_consent=
Date
Sun, 27 Feb 2022 12:37:08 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
fa3d3b20-97c9-11ec-8681-7f9b9a30e98b
Pug
simage2.pubmatic.com/AdServer/ Frame 0375
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=95e8d83a-fe79-43ad-91a3-e598c0ed80d2
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=95e8d83a-fe79-43ad-91a3-e598c0ed80d2
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b4e5a64a-cae4-4f24-8433-cf119ae27d3f&user_group=1&ssp=pubmatic&bsw_param=95e8d83a-fe79-43ad-91a3-e598c0ed80d2
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=95e8d83a-fe79-43ad-91a3-e598c0ed80d2&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=95e8d83a-fe79-43ad-91a3-e598c0ed80d2&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:550
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=95e8d83a-fe79-43ad-91a3-e598c0ed80d2&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 27 Feb 2022 12:37:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 0375
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6bf6T-i1_B7y5_8Z6LzmHO-z_BTy5_oZ6OaIbeOt
42 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6bf6T-i1_B7y5_8Z6LzmHO-z_BTy5_oZ6OaIbeOt
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:07 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:509
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6bf6T-i1_B7y5_8Z6LzmHO-z_BTy5_oZ6OaIbeOt
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0375
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4005301367276200709
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4005301367276200709
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug030:0:426
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4005301367276200709
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sn.ashx
pmp.mxptint.net/ Frame 0375
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B331_EBF2A9E7_B9CA815&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Server
4.78.226.233 Mobile, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-328952228; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:08 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-328952228; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sun, 27 Feb 2022 12:37:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:454
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 0375
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4418958318859421880
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4418958318859421880
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:393
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:08 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5ece1255-135a-4400-b9cd-6c2660ffb878
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4418958318859421880
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F0A7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsum4aM7BvGtdsA0RtsGdcLzH44nrt158AJzc8TbbuI-0vckfDo9keOsThioVMYwmvKLdfQE2Wc-MI4vXrOA292hGw&sig=Cg0ArKJSzJEgQQX6GLrGEAE&id=lidar2&mcvt=1013&p=0,0,280,730&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20220223&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3078983205&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645965426547&rpt=507&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
m.aliexpress.com/ Frame A092
Redirect Chain
  • https://s.click.aliexpress.com/e/_9i9ptp
  • https://sale.aliexpress.com/September_fashion_new_lianmeng.htm?aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=...
  • https://www.aliexpress.com/?aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc7684764...
  • https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9p...
22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Requested by
Host: grsync.ru
URL: https://grsync.ru/cdn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.246.208 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-208.deploy.static.akamaitechnologies.com
Software
Tengine/Aserver /
Resource Hash
c3e63ad6bd6cb434f1bc88eb5edcd200091ed2211a0e0271e1499cfc37c53d26
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

content-type
text/html;charset=UTF-8
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
x-application-context
ae-msite:prod,de:7001
analyticdomain
ae.mmstat.com
pageid
7ad05515-c755-45eb-b275-b9680e2bf61b
resin-trace
ali_resin_trace=cv=1|aeu_cid=1954d60e8e2f45578465b75f3541ec85-1645964906540-02673-_9i9ptp|tp1=|ws_ab_test=|af=|cpt=|aep_usuc_f=site=glo&c_tp=TRY&region=TR&b_locale=en_US
ali_apache_track
content-security-policy
upgrade-insecure-requests
content-language
en-US
content-encoding
gzip
server
Tengine/Aserver
eagleeye-traceid
2100bdca16459649072078060e3697
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
6772
date
Sun, 27 Feb 2022 12:37:08 GMT

Redirect headers

content-type
text/html
content-length
258
location
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
access-control-allow-origin
https://hz.aliexpress.com
server
Tengine/Aserver
eagleeye-traceid
0bb0623616459654288138808e5331
strict-transport-security
max-age=31536000
timing-allow-origin
*
date
Sun, 27 Feb 2022 12:37:08 GMT
link
<https://assets.alicdn.com>;rel="preconnect"
server-timing
cdn-cache; desc=MISS edge; dur=87 origin; dur=4
gen_204
pagead2.googlesyndication.com/pagead/ Frame 39AB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHnvCc3AbYsfOKbaH7_UPmM-0iA8AAAAAOAHgBAI&bg=!a2ilaCzNAAas2QJZrNk7ACkAdvg8WgIJDrQiK420oVTSqlaQeZ3dUG3JydcwXIAY2nDrGBxMPgw5pQIAAABgUgAAAAJoAQeZAsrHPMYU8B7PCDPjgbMmNOeENNFjNo3k4N6S4uW_CzXcUbnmoJDTcmqqkDkc-u0K9qIaRGbmw09ezm9RFXxBZS4NI1jm6FUvvWULWqKkzpzEpnrCR_PvPkhe1ru4VvQspiE9wMxtHnQVaBN7bSjb7jYVmAEZLrLk3Lto7QrvFcHMvG2JrtylG1pzTXCcc4mLEIe5Tw6-A3Wz_O3aYl5AbS12zkNlWnctsjvT8AqV1cjRVYXpagGyzCSzMPev5Q1g-XYHarMDf_Q5270jkjKHRc92o1Gigmx2itd6SmaMHINOYzd6_CTrxUU89iTvMOfrsjyf6ys0iuSHlsjOur8afqz2snwo2etalOgLrWbKakmP0f70BWWHKxsZi6iW74v0S6nUxMnJTwhaMxq0CzpYEHuJecZWjYu6i5CUszp2neNZkmOeq6Mm71u6Kw8FIx6W_N1K8JyD443tsEt1mae32kcxEfohTcX-XXNbZQVbu646boy9Hi-L60fUz-FMekBzNNz_qyhEHH_Ysi71AiPVUF6W-2FuvWEit3vgqXOH6Z6H1uK1W2afwndn9j-U8G4CvO14GCnHrXw8Qd66kPbgiG_LzyVkqdGyzEOJiK5tbNZbRUqA96HznohQrCzPl_C2cdjsC_fN19XTHBY2dWeWK94I_OoN0QV2QxI1_lqy5lf_JXppQK61bnH1sD2c46V69EXwsS2kPFNtsrg0Dy8isZY-Hdq4c_Kvp-Gt4iYtq-06S7kw9Vf5UNyX6QKMEj4saOZhX9opHXpHXrix0y09IvBzOs9D0qIcS9oNIWmEDqbL_eHWHcQRXNeps88WTTMiTvyd7hQfsysVPxodLOBHztenaHCb9pONrEmHkNtjpRLg2jRjj15dJw9CP9bVwKtulJpUtDkIIXCZaEDKre1eaN0IPcGGsRBUB30Y-KiWx4ke-G1wOHUy3prBNxg
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
userconnect.js
js.adscale.de/ Frame 9088 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-amz-version-id
E3f4fnDzYQuR6tv4jJsHHlW.gMOxmlV_
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 09:32:21 GMT
server
AmazonS3
age
2740
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Sun, 27 Feb 2022 11:51:29 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
0tZ6N0HoTFtCOlyEDxzaybjpqb00ZqMD9ewODV6slcL-LdAJDuSU0Q==
csync
sync.console.adtarget.com.tr/ Frame 9088 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=82130a575f9b48f79038e1fa8ec040ca
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:08 GMT
Server
VertaMedia 1.0
Etag
52b2c000b24abaaf
Content-Length
0
userconnect
ih.adscale.de/ Frame 9088 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1645965428259&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame D6CC 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
02e56f5bcfacdf85d37dc3bebb529b7d2ed1b3fffa6bc2ec9cc1901aaf511003

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2604
csi
csi.gstatic.com/ Frame 6A7D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l059bfri&c=3857411053197&slotId=1928705526598.5&qqid=CPvJwoTzn_YCFZjBOwIdiSUM0Q&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=7&smb=500&br=471&mt=video%2Fmp4&vs=720x406&ulv=1&cll=0&vmfc=9&vhc=0&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C344%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4002:814::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match.js
js.adscale.de/ Frame D6CC 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2457f1105373752b385b0c0263ce46b21d60c9aa05ecbf30c150543d6c23ebb5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-amz-version-id
wFCIaxqzFhzmkgPh8kSpcYtCILV.SPPV
content-encoding
br
last-modified
Wed, 23 Feb 2022 09:32:21 GMT
server
AmazonS3
age
3885
etag
W/"c5b02d77a0a14517ae6436b36ad52878"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Sun, 27 Feb 2022 11:32:25 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
HT0GjkphxjPGre_FGqZOpScY-_xSDid19-3dU1CyFaYa5FFyo2fv5w==
img
ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/ Frame D6CC
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=82130a575f9b48f79038e1fa8ec040ca&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646e0960bba3f253c31ae%2F1645965428326%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?tpid=101&tpuid=BBID-01-03206794285498474-16536888
49 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?tpid=101&tpuid=BBID-01-03206794285498474-16536888
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Sun, 27 Feb 2022 12:37:08 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?tpid=101&tpuid=BBID-01-03206794285498474-16536888
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
all
csm.eu.criteo.net/ Frame FA42 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=_KVvLpA1nEyV2X7HShDPCOeierSLa7z2Q0cqAvm-eAkq8h2rIp3vDZJtPJAPSu1Z5bVaht4QL3MkmggXyHXNYV1V5hMm3URln2Hv58oeBsz1ByE3vlTKI8eQcQ-i1MLuewnN2vE1z8a5C5480gMQJpqzZUv_6mRDnXa05H9AIEZJYWrqYVCu8XEaM5BDXS6zV_KZDwzv6gpodJqjVH_-X4EGbmQYwaTeXF5vHUVbzlKEL_M3a8ZK0RDflfYVPCpHJVi2QA&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhtwcgAJHEgKm4HuAAF1NU-0BuHVVoGTN_TNbg&u=%7CzVZPTHW9ilJrPImAQI0Q8hiLTFTxFlbDWr9WjS0wIMk%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qltZ6n3aHkjZn4D4xpZxK44a5GUsAXKLbQ9lokH4L4XK3tIMpcSDWwObcAem361v1_jbGAEAZQRtEj5J4RG3syBUPFsJGGsVL3wHErkS9yVKADq-MG1SKFBkjMBMwFIDeybx7IPht029ysmmu9_tSjx5TbmoXzMkigoM-YcbnOMtRqsPPQc6NKHmF8Kzqd_D-hKbHJ-Ya5UYapWsxIn0DCryb9hK80GShOERENwvxy4iaID7EZXBwMEKf7H4x6hzn_WUo48S_OPNhZaPdWnQ1pFybtIvI9PPe35sMZNAxQhjuFVXIEa1edJAd-wuSDZaG0J9Pb0zOhihLPmwNkjESm1UgOBatSxyMfpYjvYyJNWPxsJisZ__e-Ti-emQCFnZuZDdn5-2Ei8Q90PtrARGCRZqLbaazGTPFTHGZDzWLN8jWcwqyKNyojcFpTFDRtpPyQPHfxlWiBrzE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCj5yncnAbYsi4JO6D7gS16oWwAeSP0rFcp-C09IgBwI23ARABIABguwaCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaABvdSI6wPIAQmpAqdKxp2TgbY-qAMBqgTjAU_Qwg6gsS26-DGojpjSn65HW9uaS9IYb7OBCzqZ500FKlkIKVj-Uib4PwfolLR1a4cUqn6szSXFJvkbxzexQC-4Zv074KQjlfOG45Xpzw8qCErt_n2ufrsltX7ZspWEkQ8m5ERLkRP5MrpHq4Gh0mtq6Zrf6QF5Ew_wW0uStNEji-_RDc8V9TpYRLhWsZIwkX2BZKMXIDWq6LyCY5mhcaob6LBiCzir9_CH0r7FmiVKTzQ88kq092qde9yq8WZVIbTWCD82wWj52TnswhN-yZ06Q6zVj8iYJjXIbg05bKFVF910gAapxaqunNCghymgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2aoUfeGC0LrQQ1BZ3R7hCO7kH0EA%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 27 Feb 2022 12:37:07 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=dab6be62-b1e7-4d05-a12c-0a70b3291504
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 27 Feb 2022 12:37:08 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ptrack
a.audrte.com/ Frame 37F9 		368 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=5.187.21.101&p=M1353665098&artime=2022-02-27T12:37:08.515Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5hZHRlbGxpZ2VudC5jb20lMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc5NzElMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b4da382f3b34b73d6fc49ecdf47e7d2b2a7e1f6d443a67bad1ba596c8cfcd482

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:08 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
share.php
vk.com/ Frame 28EE 		21 B
478 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/share.php?act=count&format=json&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&callback=callback__utl_cb_share_164596542854760
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv194-139-240-87.vk.com
Software
kittenx / KPHP/7.4.110257
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
content-encoding
gzip
x-frontend
front623304
server
kittenx
x-powered-by
KPHP/7.4.110257
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
41
share.php
vk.com/ Frame 28EE 		21 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/share.php?act=count&format=json&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F%3F_utl_t%3Dvk&callback=callback__utl_cb_share_1645965428547524
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv194-139-240-87.vk.com
Software
kittenx / KPHP/7.4.110257
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
content-encoding
gzip
x-frontend
front623304
server
kittenx
x-powered-by
KPHP/7.4.110257
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
41
dk
connect.ok.ru/ Frame 28EE 		25 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fwww.buhoblik.org.ua&callback=callback__utl_cb_share_1645965428548269
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.147.3 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
ip3.147.odnoklassniki.ru
Software
apache /
Resource Hash
1ceec8e1180b36a40742677a5e18cb3c7c441cede741dd89342255ac52826d19
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security max-age=63072000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
content-encoding
br
vary
Accept-Encoding
rendered-blocks
WidgetExtLike
content-security-policy-report-only
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection
1; mode=block
pragma
no-cache
server
apache
strict-transport-security
max-age=63072000;includeSubdomains;preload
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options
nosniff
expires
Mon, 26 Jul 1997 05:00:00 GMT
dk
connect.ok.ru/ Frame 28EE 		25 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fwww.buhoblik.org.ua%2F%3F_utl_t%3Dok&callback=callback__utl_cb_share_1645965428548622
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.147.3 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
ip3.147.odnoklassniki.ru
Software
apache /
Resource Hash
48c9d4c7de428659c0bf883ab5abff3388164c16a1018775bb9310b483fd2112
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security max-age=63072000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
content-encoding
br
vary
Accept-Encoding
rendered-blocks
WidgetExtLike
content-security-policy-report-only
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection
1; mode=block
pragma
no-cache
server
apache
strict-transport-security
max-age=63072000;includeSubdomains;preload
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options
nosniff
expires
Mon, 26 Jul 1997 05:00:00 GMT
count.json
api.pinterest.com/v1/urls/ Frame 28EE 		89 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&callback=callback__utl_cb_share_1645965428548915
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
38d66f6deda717910858b961474a7d146dca5a004e34c0b02a31093786aae24b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.a4247e68.1645965428.325266c7
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
x-pinterest-rid
1711602167336963
content-length
89
expires
Sun, 27 Feb 2022 12:52:08 GMT
count.json
api.pinterest.com/v1/urls/ Frame 28EE 		99 B
393 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F%3F_utl_t%3Dps&callback=callback__utl_cb_share_1645965428548625
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
75bd1f81af15637152a8cd0c38b2f71b346f7000c3401ddef0a71b9d04963e41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.a4247e68.1645965428.325266c8
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-pinterest-rid
3765674242429689
content-length
99
expires
Sun, 27 Feb 2022 12:52:08 GMT
share_count
connect.mail.ru/ Frame 28EE 		86 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.mail.ru/share_count?func=mrc__shareInit303&url_list=https%3A%2F%2Fwww.buhoblik.org.ua%2F&callback=callback__utl_cb_share_1645965428548440
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.100.180.55 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
connect.mail.ru
Software
nginx /
Resource Hash
83347cadda078bd6fac74dee71deaa2cea28e5abcd538796c2613cbc525034a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:08 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-WebKit-CSP-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options
DENY
P3P
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control
no-cache, no-store, must-revalidate, private
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
86
X-XSS-Protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
share_count
connect.mail.ru/ Frame 28EE 		96 B
683 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.mail.ru/share_count?func=mrc__shareInit643&url_list=https%3A%2F%2Fwww.buhoblik.org.ua%2F%3F_utl_t%3Dmr&callback=callback__utl_cb_share_1645965428549223
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.100.180.55 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
connect.mail.ru
Software
nginx /
Resource Hash
b1f8d546d6bab8c3c218725bd914e0ee71c8487cafb78a3a1b37ca32aac2f613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:08 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-WebKit-CSP-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options
DENY
P3P
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control
no-cache, no-store, must-revalidate, private
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
96
X-XSS-Protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
support.html
w.uptolike.com/widgets/v1/zp/ Frame 901B 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/zp/support.html
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

Server
nginx
Date
Sun, 27 Feb 2022 12:37:08 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=1800
Expires
Sun, 27 Feb 2022 13:07:08 GMT
Content-Encoding
gzip
g
a.audrte.com/ Frame 37F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a66-KRB3chpSkOEirx-pvIuuQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a66-KRB3chpSkOEirx-pvIuuQ&gdpr=0&gdpr_consent=&google_gid=CAESEK9J4WAvga8tWavco6cQPmw&google_cver=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a66-KRB3chpSkOEirx-pvIuuQ&gdpr=0&gdpr_consent=&google_gid=CAESEK9J4WAvga8tWavco6cQPmw&google_cver=1
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a66-KRB3chpSkOEirx-pvIuuQ&gdpr=0&gdpr_consent=&google_gid=CAESEK9J4WAvga8tWavco6cQPmw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
408
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ps.eyeota.net/ Frame 37F9 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=a66-KRB3chpSkOEirx-pvIuuQ&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:08 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
a
a.audrte.com/ Frame 37F9
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4005301367276200709
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/a?adform_uid=4005301367276200709
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
server
nginx
location
https://a.audrte.com/a?adform_uid=4005301367276200709
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame D6CC
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=0bab807e0ea0672c3c59a9cad...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Yhtwcl5ycqmpYOSz6UUk4AAA%26208
49 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Yhtwcl5ycqmpYOSz6UUk4AAA%26208
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Yhtwcl5ycqmpYOSz6UUk4AAA%26208
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
309
Expires
Sun, 27 Feb 2022 12:37:08 GMT
img
ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/ Frame D6CC
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=e418a2d802df894811fc8682b99c78430ab1399cc05187ad7718935408d6e81c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646e0960bba...
  • https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?tpid=42&gdpr=0&tpuid=4005301367276200709
49 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?tpid=42&gdpr=0&tpuid=4005301367276200709
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
server
nginx
location
https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?tpid=42&gdpr=0&tpuid=4005301367276200709
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
upd
w.uptolike.com/widgets/v1/ Frame 28EE 		0
154 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/upd?id=ok&pid=1435493&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F%3F_utl_t%3Dok&c=6&callback=callback__utl_cb_share_1645965428858421
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 27 Feb 2022 12:37:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame D6CC
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=cd985754-8bf2-44a2-93fe-6f2ddd7cfa7e&gdpr=0
49 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=cd985754-8bf2-44a2-93fe-6f2ddd7cfa7e&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:08 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:08 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=cd985754-8bf2-44a2-93fe-6f2ddd7cfa7e&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2339445
content-length
0
expires
Sun, 27 Feb 2022 00:00:00 GMT
index.js
assets.alicdn.com/g/ae-fe/global/0.0.3/ Frame A092 		154 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/global/0.0.3/index.js
Requested by
Host: m.aliexpress.com
URL: https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
1e589330bfeb3738300c3c79d0bd373cd6f17cd8904927c7b99a06de2d1e647e

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
62019D9EA021C5353183C036
content-md5
prkhmRt0YCJQUoclmKII8Q==
x-swift-cachetime
44
x-oss-hash-crc64ecma
16903611061583817401
x-swift-savetime
Mon, 07 Feb 2022 23:30:10 GMT
content-length
43798
x-oss-object-type
Normal
last-modified
Fri, 25 Feb 2022 10:44:55 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1644273054
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=899645, s-maxage=3600
served-from
96.17.149.77
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SEATTLE_35994, GB_LONDON_20860
eagleid
0830559c16442766104368577e
x-oss-server-time
8
expires
Wed, 09 Mar 2022 22:31:14 GMT
index.css
assets.alicdn.com/g/ae-fe/home-msite/0.0.75/ Frame A092 		48 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/home-msite/0.0.75/index.css
Requested by
Host: m.aliexpress.com
URL: https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
dfb51a77a70ed38db9330f3c37cbb927f065a9a19b2ccd0edccc98dc6fd734ae

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6214F5F4DE9FFC32370AFB4E
content-md5
jE8dtvb5QedsOcOhiHdsHA==
x-swift-cachetime
86400
x-oss-hash-crc64ecma
4023521864408267460
x-swift-savetime
Tue, 22 Feb 2022 14:40:52 GMT
content-length
8419
x-oss-object-type
Normal
last-modified
Tue, 22 Feb 2022 14:40:53 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645540852
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2167466, s-maxage=86400
served-from
23.76.156.108
x-oss-storage-class
Standard
timing-allow-origin
*
network_info
US_SANJOSE_35994, GB_LONDON_20860
eagleid
a3b5109e16455408522298472e
x-oss-server-time
34
expires
Thu, 24 Mar 2022 14:41:35 GMT
index.js
assets.alicdn.com/g/ae-fe/home-msite/0.0.75/ Frame A092 		213 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/home-msite/0.0.75/index.js
Requested by
Host: m.aliexpress.com
URL: https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
7bb3346371cffae91e494ffea471d08ebeaeac780114953e17419eb9bf93ff95

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6213681361234138394D2955
content-md5
Ldauj0XbqnMWuHASADR+Dg==
x-swift-cachetime
15258
x-oss-hash-crc64ecma
6052376766372896209
x-swift-savetime
Tue, 22 Feb 2022 06:08:57 GMT
content-length
53220
x-oss-object-type
Normal
last-modified
Tue, 22 Feb 2022 06:09:19 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645438995
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2065463, s-maxage=86400
served-from
104.98.3.60
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_CHICAGO_35994, GB_LONDON_20860
eagleid
2ff62a9616455101369732843e
x-oss-server-time
25
expires
Wed, 23 Mar 2022 10:21:32 GMT
index.css
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.css
Requested by
Host: m.aliexpress.com
URL: https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
0f84bd73c88c389d112f8ed3e53a66e76486943f3642de33d6df1c853f735a60

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6216FB838B66A33638CA9366
content-md5
/vUwpIqh/7EwELYOWRtfNQ==
x-swift-cachetime
86371
x-oss-hash-crc64ecma
10559745788541521590
x-swift-savetime
Thu, 24 Feb 2022 03:29:36 GMT
content-length
1573
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 03:29:36 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645673347
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2300006, s-maxage=86400
served-from
23.58.92.165
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_ASHBURN_20940, GB_LONDON_20860
eagleid
2ff6179d16456733761532299e
x-oss-server-time
78
expires
Sat, 26 Mar 2022 03:30:35 GMT
index.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		68 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Requested by
Host: m.aliexpress.com
URL: https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
51016ca52f4b5ea24337df4e3555e8982a386b8cbf81d3064a5022d856688a62

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6216F31791A6D33538675A38
content-md5
n9xDFwTpru3KjxbDG5ETsw==
x-swift-cachetime
86351
x-oss-hash-crc64ecma
16072047797213094646
x-swift-savetime
Thu, 24 Feb 2022 02:54:00 GMT
content-length
18313
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:54:01 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671191
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2297703, s-maxage=86400
served-from
23.216.148.151
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SEATTLE_35994, GB_LONDON_20860
eagleid
2ff6179916456712405426055e
x-oss-server-time
7
expires
Sat, 26 Mar 2022 02:52:12 GMT
fetch
m.aliexpress.com/api/home/ Frame A092 		18 B
1014 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.aliexpress.com/api/home/fetch?moduleId=glo_msite_home&sceneId=MSiteHome&new_locale=true&tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Requested by
Host: m.aliexpress.com
URL: https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.246.208 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-208.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
2f5b2833db1493d3cf56c173ea1bbebb6e07b2871466493c41e9c683f0485188
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-type
application/json;charset=UTF-8
server
Tengine
date
Sun, 27 Feb 2022 12:37:09 GMT
p3p
CP="CAO PSA OUR"
x-robots-tag
noindex
timing-allow-origin
*
content-length
18
eagleeye-traceid
2101d4a716459654290173567e7ca6
x-application-context
ae-msite:prod,us:7001
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame D6CC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=9063491132bf5b26ebf07ce4...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=14b9621b-7074-4700-b2b7-e8effa70f27c&gdpr=0&gdpr_consent=
49 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=14b9621b-7074-4700-b2b7-e8effa70f27c&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Sun, 27 Feb 2022 12:37:09 GMT
Server
MT3 4172 645ee8c master zrh-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=14b9621b-7074-4700-b2b7-e8effa70f27c&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 27 Feb 2022 12:37:08 GMT
img
ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/ Frame D6CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=390ca4ba8c3d51fb7164fd410342add6e5e93b08ff5921b64b2fda9a40190eec&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a...
  • https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?uid=390ca4ba8c3d51fb7164fd410342add6e5e93b08ff5921b64b2fda9a40190eec&tpid=38&gdpr=0&tpuid=CAESEBxUmhEwp5DLsmGzLkjCocY...
49 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?uid=390ca4ba8c3d51fb7164fd410342add6e5e93b08ff5921b64b2fda9a40190eec&tpid=38&gdpr=0&tpuid=CAESEBxUmhEwp5DLsmGzLkjCocY&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?uid=390ca4ba8c3d51fb7164fd410342add6e5e93b08ff5921b64b2fda9a40190eec&tpid=38&gdpr=0&tpuid=CAESEBxUmhEwp5DLsmGzLkjCocY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
assets.alicdn.com/g/ae-fe/static-ui/open-sans/ Frame A092 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/static-ui/open-sans/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Request headers

Referer
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.css
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
x-oss-request-id
61FD682C82DB30363372046E
content-md5
jj+XinfRkann+U/55wkAhQ==
x-swift-cachetime
3600
x-source-scheme
https
x-swift-savetime
Fri, 04 Feb 2022 17:53:48 GMT
content-length
8892
x-oss-object-type
Normal
x-oss-hash-crc64ecma
838915909867765876
server
Tengine
ali-swift-global-savetime
1643997228
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=623794, s-maxage=3600
served-from
2.16.187.13
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
network_info
GB_LONDON_20860
eagleid
2ff62b1a16439987284425248e
x-oss-server-time
6
img
ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/ Frame D6CC
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646e0960bba3f253c31ae%2F1645965428326%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?tpid=75&tpuid=4418958318859421880&gdpr=0
49 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?tpid=75&tpuid=4418958318859421880&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 27 Feb 2022 12:37:09 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 886.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d7f1d405-9467-40aa-9435-718889c7d949
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/img?tpid=75&tpuid=4418958318859421880&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
H2111329c7f0e475aac3930a727edf058z.png
ae01.alicdn.com/kf/ Frame A092 		0
0
7.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		495 B
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/7.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
9dfa629f6e589820f635505baf15af345cb6b3d6fb89126f5bf75cba3046630e

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6216F36B82509230344597D7
content-md5
05nLxTjQjulP5lv0ieNBhQ==
x-swift-cachetime
86400
x-source-scheme
https
x-oss-hash-crc64ecma
7776564705461933740
x-swift-savetime
Thu, 24 Feb 2022 02:54:35 GMT
content-length
262
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 03:20:01 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671275
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2297816, s-maxage=86400
served-from
189.247.166.85
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
network_info
US_CHICAGO_35994, GB_LONDON_20860
eagleid
2ff6149816456712753511320e
x-oss-server-time
35
expires
Sat, 26 Mar 2022 02:54:05 GMT
mtop.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/mtop.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
971fdcab3ba510789903db0ad9ef8e1cfa1c549774ae463b6098c9c5ef8b0132

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6216F31842284534328BEC8B
content-md5
d+CMDhQsyg7na1P1QAmn/w==
x-swift-cachetime
86400
x-oss-hash-crc64ecma
1445891712086061596
x-swift-savetime
Thu, 24 Feb 2022 02:53:12 GMT
content-length
7700
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:53:55 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671192
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2297750, s-maxage=86400
served-from
23.216.148.143
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SANJOSE_35994, GB_LONDON_20860
eagleid
4f85b09516456712347853826e
x-oss-server-time
6
expires
Sat, 26 Mar 2022 02:52:59 GMT
truncated
/ Frame A092 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/webp
promote.htm
mbest.aliexpress.com/m/ Frame A092 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mbest.aliexpress.com/m/promote.htm?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/home-msite/0.0.75/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.246.208 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-208.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0

Response headers

content-type
text/html;charset=UTF-8
server
Tengine
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
x-application-context
ae-traffic-affiliateweb-f:prod,us:7001
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
0
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
content-language
en-US
content-encoding
gzip
eagleeye-traceid
210318cd16459636989978710e0b46
timing-allow-origin
*
content-length
5667
date
Sun, 27 Feb 2022 12:37:09 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
assets.alicdn.com/g/ae-fe/static-ui/open-sans/ Frame A092 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/static-ui/open-sans/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/home-msite/0.0.75/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Request headers

Referer
https://assets.alicdn.com/g/ae-fe/home-msite/0.0.75/index.css
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
x-oss-request-id
61FD682C82DB30363372046E
content-md5
jj+XinfRkann+U/55wkAhQ==
x-swift-cachetime
3600
x-source-scheme
https
x-swift-savetime
Fri, 04 Feb 2022 17:53:48 GMT
content-length
8892
x-oss-object-type
Normal
x-oss-hash-crc64ecma
838915909867765876
server
Tengine
ali-swift-global-savetime
1643997228
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=623794, s-maxage=3600
served-from
2.16.187.13
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
network_info
GB_LONDON_20860
eagleid
2ff62b1a16439987284425248e
x-oss-server-time
6
loader.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/loader.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
3f13c18a72dbb2df0bec3bab6ed0bf00ae54cd5ab23f21a412cda735ee4e1fda

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6216F318794E7E3835963A56
content-md5
d4WepMlnnFin2BMOxralJQ==
x-swift-cachetime
86332
x-oss-hash-crc64ecma
16413354651580683994
x-swift-savetime
Thu, 24 Feb 2022 02:54:20 GMT
content-length
3031
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:54:20 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671192
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2297954, s-maxage=86400
served-from
23.216.148.143
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_ASHBURN_20940, GB_LONDON_20860
eagleid
2ff6179e16456712603922413e
x-oss-server-time
5
expires
Sat, 26 Mar 2022 02:56:23 GMT
/
acs.aliexpress.com/h5/mtop.relationrecommend.aliexpressrecommend.recommend/1.0/ Frame A092 		0
0
/
assets.alicdn.com/g/alilog/ Frame A092 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
f1a47e61dfbe2a0ba893af1d972ab9dafc04d96f5e816f7516f4c5414bd8b849

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
gzip
x-oss-request-id
621B6526D86EC13330CB0739
content-md5
gygBRN2M4MlVRBr7rF/+vA==
x-swift-cachetime
429
x-swift-savetime
Sun, 27 Feb 2022 12:11:45 GMT
content-length
9983
x-oss-object-type
Normal
x-oss-hash-crc64ecma
15290110112012039273
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1645962534
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=670, s-maxage=1800
served-from
2.16.187.13
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
GB_LONDON_20860
eagleid
4f85b19b16459639051156917e
x-oss-server-time
4
gep-sdk~pop-layer.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		45 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/gep-sdk~pop-layer.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
e2d9112492a92b8c963f9ded23ac179a118b82c32fe8d6d28c218abc5a076173

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6216F31922BE81353918BDEB
content-md5
uPAgX7Crj6Pxq5JuU1BAeQ==
x-swift-cachetime
86351
x-oss-hash-crc64ecma
10055567954015575217
x-swift-savetime
Thu, 24 Feb 2022 02:54:02 GMT
content-length
5856
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:54:03 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671193
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2297879, s-maxage=86400
served-from
23.216.148.151
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SEATTLE_35994, GB_LONDON_20860
eagleid
800e749d16456712427333713e
x-oss-server-time
9
expires
Sat, 26 Mar 2022 02:55:08 GMT
gep-sdk.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		87 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/gep-sdk.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6216F34A3C4CC4353601103A
content-md5
/2ST5FURtZcoRd5GOxSvyg==
x-swift-cachetime
86400
x-oss-hash-crc64ecma
8021045107571583846
x-swift-savetime
Thu, 24 Feb 2022 02:54:03 GMT
content-length
25907
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:54:04 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671243
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2297699, s-maxage=86400
served-from
23.216.148.151
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SEATTLE_35994, GB_LONDON_20860
eagleid
2ff6179716456712428398669e
x-oss-server-time
4
expires
Sat, 26 Mar 2022 02:52:08 GMT
gallery-9g91h~list-88mY4~pop-layer~scene-login~slider-kTGCl~waterfall-VLHdM.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		13 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/gallery-9g91h~list-88mY4~pop-layer~scene-login~slider-kTGCl~waterfall-VLHdM.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6216F3237577B03231DD8587
content-md5
N7lTnXOUv3WdNtDcNt25ig==
x-swift-cachetime
86363
x-oss-hash-crc64ecma
10965153901739082496
x-swift-savetime
Thu, 24 Feb 2022 02:54:00 GMT
content-length
3324
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:55:55 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671203
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2297756, s-maxage=86400
served-from
23.44.170.40
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SANJOSE_35994, GB_LONDON_20860
eagleid
2ff6189d16456712405988259e
x-oss-server-time
5
expires
Sat, 26 Mar 2022 02:53:05 GMT
4.css
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		518 B
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/4.css
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
9528347301e7b95c857e757982f0df2c444f3634bec61131eef9fa34c6da3e53

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6216F319375B4E37353B5F15
content-md5
RPdlw6HdB80il2qD3h87fw==
x-swift-cachetime
85934
x-source-scheme
https
x-oss-hash-crc64ecma
9611587766294743555
x-swift-savetime
Thu, 24 Feb 2022 03:00:59 GMT
content-length
175
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 03:01:21 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671193
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2297705, s-maxage=86400
served-from
23.216.148.143
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
network_info
US_ASHBURN_20940, GB_LONDON_20860
eagleid
2ff6189f16456716592644624e
x-oss-server-time
3
expires
Sat, 26 Mar 2022 02:52:14 GMT
4.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/4.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6216F34B19BE14323393A077
content-md5
vIrjPNT/86mYGDjJyNfPPA==
x-swift-cachetime
86400
x-oss-hash-crc64ecma
3837914497509824151
x-swift-savetime
Thu, 24 Feb 2022 02:54:03 GMT
content-length
3468
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:54:04 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671243
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2297783, s-maxage=86400
served-from
23.216.148.151
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SEATTLE_35994, GB_LONDON_20860
eagleid
4f85b09616456712430944114e
x-oss-server-time
7
expires
Sat, 26 Mar 2022 02:53:32 GMT
scene-login.css
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		10 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/scene-login.css
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
5c5be8d9643a9a669eb68411e6afb121aac57f140a775b972ec356a003a9ff13

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6216F31978A46B32320B5F3E
content-md5
xaYQqEE4tNliDBX/AtJJ7A==
x-swift-cachetime
86400
x-oss-hash-crc64ecma
14493398711007681113
x-swift-savetime
Thu, 24 Feb 2022 02:53:13 GMT
content-length
5134
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:59:55 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671193
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2297789, s-maxage=86400
served-from
23.216.148.143
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_ASHBURN_20940, GB_LONDON_20860
eagleid
800e74a616456715745154843e
x-oss-server-time
4
expires
Sat, 26 Mar 2022 02:53:38 GMT
scene-login.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		26 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/scene-login.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6216F373A71DA93636053705
content-md5
tiPlm2LzkWctkS9+ObBnyg==
x-swift-cachetime
86400
x-oss-hash-crc64ecma
8633513145969039844
x-swift-savetime
Thu, 24 Feb 2022 02:54:43 GMT
content-length
9386
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:54:45 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671283
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2297784, s-maxage=86400
served-from
104.102.248.39
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_ASHBURN_20940, GB_LONDON_20860
eagleid
4f85b09916456712831397214e
x-oss-server-time
5
expires
Sat, 26 Mar 2022 02:53:33 GMT
gdpr.css
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		502 B
742 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/gdpr.css
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
0b9c1ce7a0c734069cb1851b786baae966be5d2adbe767af8beb058c7abfc663

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp&terminal_id=613ea6ac684841029686c639709275a0
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-encoding
br
x-oss-request-id
6216F31903A8F930301EEDDA
content-md5
eNHJuVIzGEvEApt1IL6eMQ==
x-swift-cachetime
86400
x-source-scheme
https
x-oss-hash-crc64ecma
12842677085001688290
x-swift-savetime
Thu, 24 Feb 2022 02:53:13 GMT
content-length
188
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:59:08 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671193
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2297687, s-maxage=86400
served-from
23.216.148.143
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
network_info
US_ASHBURN_20940, GB_LONDON_20860
eagleid
800e749c16456715216072028e
x-oss-server-time
2
expires
Sat, 26 Mar 2022 02:51:56 GMT
gdpr.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		0
0
analytics.js
www.google-analytics.com/ Frame A092 		0
0
gtm.js
www.googletagmanager.com/ Frame A092 		0
0
tags
us.creativecdn.com/ Frame 02C1 		0
0
pop-layer.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		0
0
gallery-9g91h~list-88mY4~slider-kTGCl~smart-banner~waterfall-VLHdM.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		0
0
smart-banner.css
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		0
0
smart-banner.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame A092 		0
0
/
assets.alicdn.com/g/alilog/ Frame A092 		0
0
/
assets.alicdn.com/g/alilog/ Frame A092 		0
0
js
ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/ Frame D6CC
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=231f96a00abb43d4eccc2d8fe4d80031f09eb903702dc34d6b87a95455b02c93&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=231f96a00abb43d4eccc2d8fe4d80031f09eb903702dc34d6b87a95455b02c93&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb5a20e233f6646...
  • https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/js?tpid=48&tpuid=dd7335c7f01b654fe560394598aef8ba
44 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/js?tpid=48&tpuid=dd7335c7f01b654fe560394598aef8ba
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
19e6154985fea8e850ee60b4a3f1f8d13f6443c9bec5f09bb2c629f3fd618f8a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Sun, 27 Feb 2022 12:37:09 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/b5a20e233f6646e0960bba3f253c31ae/1645965428326/0/js?tpid=48&tpuid=dd7335c7f01b654fe560394598aef8ba
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
sium
ih.adscale.de/ Frame D6CC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Sun, 27 Feb 2022 12:37:09 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
SPug
simage4.pubmatic.com/AdServer/ Frame 0375 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
sonar.semantiqo.com/i/ Frame 33DF 		166 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sonar.semantiqo.com/i/
Requested by
Host: umagnet.ru
URL: https://umagnet.ru/cli/cdn/HLR3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
eb67f0a083db90b7da9b98a8a8a78ac8ab2c5c7f813126927f7282a16a8abc0f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

server
nginx/1.20.1
date
Sun, 27 Feb 2022 12:37:10 GMT
content-type
text/html
last-modified
Tue, 04 Jan 2022 20:05:26 GMT
etag
W/"61d4a886-a6"
content-encoding
gzip
mode
no-cors
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control
no-cache
b.js
sonar.semantiqo.com/i/ Frame 33DF 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sonar.semantiqo.com/i/b.js
Requested by
Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/i/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
a5999cec348d9c44155de3607778eab37958803f0e379211a327cb5b5f69b2db

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://sonar.semantiqo.com/i/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:10 GMT
mode
no-cors
last-modified
Tue, 04 Jan 2022 20:05:26 GMT
server
nginx/1.20.1
etag
"61d4a886-1bba"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
7098
sls_new.php
cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ 		486 B
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/sls_new.php
Requested by
Host: umagnet.ru
URL: https://umagnet.ru/cli/cdn/HLR3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
7285b8c32c9483640548695c65632dc011de983749565ac77bd3e204d68092f0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 27 Feb 2022 12:37:10 GMT
mode
no-cors
server
nginx/1.20.1
content-type
application/javascript
ces.php
cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ces.php?spid=5e86154933854d3aad90e5affddd0142
Requested by
Host: umagnet.ru
URL: https://umagnet.ru/cli/cdn/HLR3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 27 Feb 2022 12:37:10 GMT
mode
no-cors
referrer-policy
no-referrer
server
nginx/1.20.1
content-type
application/javascript
analize.js
umagnet.ru/c82up/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://umagnet.ru/c82up/analize.js
Requested by
Host: umagnet.ru
URL: https://umagnet.ru/cli/cdn/HLR3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Referer
https://www.buhoblik.org.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 27 Feb 2022 12:37:10 GMT
content-encoding
gzip
server
nginx/1.20.1
mode
no-cors
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
data_sess_sync.php
sonar.semantiqo.com/fbfli/
Redirect Chain
  • https://counter.yadro.ru/id127/reff-id.gif?sid=5e86154933854d3aad90e5affddd0142
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=5e86154933854d3aad90e5affddd0142
0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=5e86154933854d3aad90e5affddd0142
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:10 GMT
content-encoding
gzip
server
nginx/1.20.1
mode
no-cors
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=5e86154933854d3aad90e5affddd0142
Date
Sun, 27 Feb 2022 12:37:10 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
364
Strict-Transport-Security
max-age=86400
Content-Type
text/html; charset=iso-8859-1
PugMaster
image6.pubmatic.com/AdServer/ Frame AF6D 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41055556&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 07A5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30476847&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5e0b356b00c796ee%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9737cc5ec6da98d55f817723b2b1feda5365be989c02249118437032a1997f0c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1724
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame EECC
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5e0b356b00c796ee%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:10 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug009:2:348
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Sun, 27 Feb 2022 12:37:10 GMT
server
_
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 927A
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7f53ff30-64b6-44f4-a963-1b81ddd63fb8-tuct914f5f6&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7f53ff30-64b6-44f4-a963-1b81ddd63fb8-tuct914f5f6&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5e0b356b00c796ee%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sun, 27 Feb 2022 12:37:10 GMT
via
1.1 varnish
x-served-by
cache-lcy19267-LCY
x-cache
MISS
x-cache-hits
0
x-timer
S1645965431.771361,VS0,VE8
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7f53ff30-64b6-44f4-a963-1b81ddd63fb8-tuct914f5f6&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sun, 27 Feb 2022 12:37:10 GMT
via
1.1 varnish
x-served-by
cache-lhr7321-LHR
x-cache
MISS
x-cache-hits
0
x-timer
S1645965431.684601,VS0,VE11
x-vcl-time-ms
11
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame FE54
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1645965430758
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6801522309
  • https://sync.1rx.io/usersync/tradedesk/27c6900a-cee8-43c7-9df9-2ddc4dabbe41
  • https://sync.targeting.unrulymedia.com/csync/RX-72e88b04-b8e8-421f-8585-88b85cbe05d8-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-72e88b04-b8e8-421f-8585-88b85cbe05d8-003
42 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-72e88b04-b8e8-421f-8585-88b85cbe05d8-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5e0b356b00c796ee%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:10 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug016:0:773
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sun, 27 Feb 2022 12:37:10 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-72e88b04-b8e8-421f-8585-88b85cbe05d8-003
etag
RX72e88b04b8e8421f858588b85cbe05d8003
Pug
simage2.pubmatic.com/AdServer/ Frame 7782
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:755BE3F1940749AAA01EF15FFD42AA6F
1 B
144 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:755BE3F1940749AAA01EF15FFD42AA6F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5e0b356b00c796ee%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:10 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug018:0:308
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Sun, 27 Feb 2022 12:37:10 GMT
content-type
text/html
content-length
138
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:755BE3F1940749AAA01EF15FFD42AA6F
expires
Sat, 26 Feb 2022 12:37:10 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
image2.pubmatic.com/AdServer/ Frame 2C51
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=iQNgnEpnCke1T01nd3AbYg
42 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=iQNgnEpnCke1T01nd3AbYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5e0b356b00c796ee%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:11 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug001:0:631
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Sun, 27 Feb 2022 12:37:11 GMT
content-type
text/html; charset=utf-8
content-length
153
cache-control
no-store
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=iQNgnEpnCke1T01nd3AbYg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pug
simage2.pubmatic.com/AdServer/ Frame A4F2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=G37fesFgSfJfNRzRp8nIfAW7FWU
42 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=G37fesFgSfJfNRzRp8nIfAW7FWU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5e0b356b00c796ee%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:11 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug014:0:460
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Sun, 27 Feb 2022 12:37:11 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=G37fesFgSfJfNRzRp8nIfAW7FWU
Content-Length
159
Connection
keep-alive
um
u-ams02.e-planning.net/ Frame A85A 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=5e0b356b00c796ee&uid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5e0b356b00c796ee%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
openresty
date
Sun, 27 Feb 2022 12:37:10 GMT
content-type
image/gif
/
spl.zeotap.com/ Frame 07A5
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ed4b3944472496857416b44296b66658
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=27c6900a-cee8-43c7-9df9-2ddc4dabbe41&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=6d5d579c15eba577a4d9ce916bc9f447
  • https://spl.zeotap.com/?zdid=1332&zcluid=0448051f5661928c
95 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=0448051f5661928c
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:11 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6e41768b4b4d71ae-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=0448051f5661928c
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 07A5
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&addseg=11,34,40
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&addseg=11,34,40
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Redirect headers

date
Sun, 27 Feb 2022 12:37:10 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B&addseg=11,34,40
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
g.pixel
aa.agkn.com/adscores/ Frame 07A5 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.150.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-178-150-13.eu-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:10 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
/
io.narrative.io/ Frame 07A5
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
  • https://io.narrative.io/?io.narrative.guid.v2=fbaa37a0-97c9-11ec-a833-0aa6849ebafd&companyId=673&id=pubmatic_id:C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=fbaa37a0-97c9-11ec-a833-0aa6849ebafd&companyId=673&id=pubmatic_id:C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
52.50.195.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-195-14.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:10 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=fbaa37a0-97c9-11ec-a833-0aa6849ebafd&companyId=673&id=pubmatic_id:C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Date
Sun, 27 Feb 2022 12:37:10 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
d1ba4609
rtb.gumgum.com/getuid/ Frame 07A5 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.66.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-66-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:10 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 07A5 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.143.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-143-160.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=758950941/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/ Frame D3B2 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=758950941/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
47700e2d5c3b715c8e53b53121b15b0aa12abd63838dcdf4a440f2401486c819

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Sun, 27 Feb 2022 12:37:10 GMT
content-type
text/html;charset=utf-8
content-length
1299
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.12.222
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
watch.js
intercollectcontact.ru/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intercollectcontact.ru/watch.js
Requested by
Host: cdn3.caltat.com
URL: https://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/sls_new.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.95.131.196 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
4a8a58134ab0ffbb7251e7015612cdc8633a8c663ef5e2bb94328c3ba53dd390

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:10 GMT
last-modified
Fri, 02 Jul 2021 08:09:09 GMT
server
nginx
etag
"60dec9a5-ab6"
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
2742
gdpr=1
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7453319797025266452/ Frame D3B2
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/6d5d579c15eba577a4d9ce916bc9f447/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=1
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7453319797025266452/gdpr=1
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7453319797025266452/gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=758950941/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Protocol
H2
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.15.21
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7453319797025266452/gdpr=1
pragma
no-cache
date
Sun, 27 Feb 2022 12:37:10 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
5907
tags.bluekai.com/site/ Frame D3B2 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=231ef23621d8290fab4b6301f64f438c
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=758950941/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:11 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
tpid=6c0ced92-214c-4ca6-be3c-da9ec837c836
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame D3B2
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=6d5d579c15eba577a4d9ce916bc9f447&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=6c0ced92-214c-4ca6-be3c-da9ec837c836
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=6c0ced92-214c-4ca6-be3c-da9ec837c836
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=758950941/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Protocol
H2
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.23.173
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=6c0ced92-214c-4ca6-be3c-da9ec837c836
date
Sun, 27 Feb 2022 12:37:10 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
bsTd8NdE
sync-tm.everesttech.net/upi/pid/ Frame D3B2 		85 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=758950941/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:10 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1645965431.839207,VS0,VE79
x-served-by
cache-lhr7339-LHR
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
generic
match.adsrvr.org/track/cmf/ Frame D3B2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=758950941/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ibs:dpid=121998&dpuuid=6d5d579c15eba577a4d9ce916bc9f447&gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=1
dpm.demdex.net/ Frame D3B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=6d5d579c15eba577a4d9ce916bc9f447&gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=758950941/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.233.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-233-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers
pixel
intercollectcontact.ru/pxa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://intercollectcontact.ru/pxa/pixel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.95.131.196 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.buhoblik.org.ua
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 27 Feb 2022 12:37:11 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept
content-length
0
content-type
text/plain
pixel
intercollectcontact.ru/pxa/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intercollectcontact.ru/pxa/pixel
Requested by
Host: intercollectcontact.ru
URL: https://intercollectcontact.ru/watch.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.95.131.196 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buhoblik.org.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 27 Feb 2022 12:37:11 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Origin,Content-Type,Accept
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
SPug
simage4.pubmatic.com/AdServer/ Frame 07A5 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5e0b356b00c796ee%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
7pcZWCh8tW
promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/ Frame 6061 		36 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Requested by
Host: grsync.ru
URL: https://grsync.ru/cdn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.246.100.37 -, , ASN (),
Reverse DNS
Software
Tengine/Aserver /
Resource Hash
4c8e4d438e09aaf31dde6966bf4cbc44567ad930c8a172d7bb42dc9f1c8d8ff8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

Content-Type
text/html; charset=utf-8
x-server-id
28c3d6b2523ca52c32ad72931842b19ac3b8a084a970a1b987503de1fa9bf393
x-air-hostname
air-ual033027083003.de81
x-air-trace-id
2100bb4c16459653885633764e127e
x-readtime
68
x-air-source
proxy
x-xss-protection
1; mode=block
Server
Tengine/Aserver
EagleEye-TraceId
2100bb4c16459653885633764e127e
Strict-Transport-Security
max-age=31536000
Timing-Allow-Origin
*
Content-Encoding
gzip
Content-Length
10324
Cache-Control
max-age=0, s-maxage=142
Date
Sun, 27 Feb 2022 12:37:14 GMT
Connection
keep-alive
Vary
Accept-Encoding
Object-Status
ttl=142,age=31,gip=72.246.100.37
header.css
i.alicdn.com/ae-header/20180730191310/buyer/front/mobile/ Frame 6061 		21 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.alicdn.com/ae-header/20180730191310/buyer/front/mobile/header.css
Requested by
Host: promotion.aliexpress.ru
URL: https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.214.74 -, , ASN (),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
c2b11e588d432e134f26de8fac2e3e00a09926f0787a483027eede5999226c09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
x-swift-cachetime
24104052
fw_ip
23.54.74.64, 104.111.214.74
x-server-id
b0381a5e42020db0072a77127f27bf153d66bc610203bcda930364046bd2f301f1442cd4e182044e
x-swift-savetime
Tue, 14 Dec 2021 21:47:13 GMT
network_info
US_ASHBURN_20940, GB_LONDON_20860
x-readtime
349
server-timing
rt;dur=0.352,eagleid;desc=a3b53e9e16320864840383272e
content-length
11981
x-xss-protection
1; mode=block
last-modified
Sun, 19 Dec 2021 09:36:01 GMT
server
Akamai Resource Optimizer
date
Sun, 27 Feb 2022 12:37:15 GMT
x-download-options
noopen
ali-swift-global-savetime
1632086485
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
FW_IP
cache-control
max-age=17657041
served-from
104.78.67.14
timing-allow-origin
*, *
x-new-origin
1
eagleid
a3b53e9e16320864840383272e, a3b5399516395184332672453e
expires
Mon, 19 Sep 2022 21:21:16 GMT
font-face.css
i.alicdn.com/ams-static/3.0.0/common/css/ Frame 6061 		93 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.alicdn.com/ams-static/3.0.0/common/css/font-face.css
Requested by
Host: promotion.aliexpress.ru
URL: https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.214.74 -, , ASN (),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
d5c69343f17def5f178ebc0445c80f25da743b7f53322c65fbb894324145399d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
x-swift-cachetime
29698948
fw_ip
23.38.159.248, 104.111.214.74
x-server-id
b0381a5e42020db0072a77127f27bf1584e267672cf7c85d5efd296e851b8cb18ccf041454c3613c
x-swift-savetime
Tue, 10 Aug 2021 21:03:29 GMT
network_info
US_SANJOSE_35994, GB_LONDON_20860
x-readtime
541
server-timing
rt;dur=0.546,eagleid;desc=a3b53e9816267923567718929e
content-length
4489
x-xss-protection
1; mode=block
last-modified
Fri, 27 Aug 2021 00:06:06 GMT
server
Akamai Resource Optimizer
date
Sun, 27 Feb 2022 12:37:15 GMT
x-download-options
noopen
ali-swift-global-savetime
1626792357
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
FW_IP
cache-control
max-age=12362994
served-from
72.246.216.144
timing-allow-origin
*, *
x-new-origin
1
eagleid
a3b53e9816267923567718929e, 2ff6149916286294089568316e
expires
Wed, 20 Jul 2022 14:47:09 GMT
style.css
g.alicdn.com/ae-fe-ru/ae-ru-campaign-solution-assets/1.0.6/mobile/styles/ Frame 6061 		1 KB
977 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.alicdn.com/ae-fe-ru/ae-ru-campaign-solution-assets/1.0.6/mobile/styles/style.css
Requested by
Host: promotion.aliexpress.ru
URL: https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.45.52.250 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
94a3b97e6641533ac08a62974b3a281bcced3e00b53b11356a50499ac265a38f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sat, 26 Feb 2022 18:23:46 GMT
content-encoding
gzip
x-oss-request-id
621A7032FF9A926AE6B85C46
content-md5
7oCp/VCxAAOUwGFAgf4VCQ==
age
65609
x-cache
HIT TCP_MEM_HIT dirn:10:216437030
x-swift-cachetime
86362
x-swift-savetime
Sat, 26 Feb 2022 18:24:24 GMT
content-length
428
x-bucket-code
4
x-oss-object-type
Normal
access-control-allow-origin
*
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1645899826
content-type
text/css
via
cache53.l2ot7[0,-1,200-0,H], cache5.l2ot7[0,0], cache5.l2ot7[0,0], cache5.us8[0,0,200-0,H], cache5.us8[1,0]
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
3879151712340986114
eagleid
082d349916459654353448937e
x-oss-server-time
42
HTB1FLbfHFXXXXbkapXX760XFXXXs.png
ae01.alicdn.com/kf/ Frame 6061 		890 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ae01.alicdn.com/kf/HTB1FLbfHFXXXXbkapXX760XFXXXs.png
Requested by
Host: promotion.aliexpress.ru
URL: https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.214.74 -, , ASN (),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a8a1c2515e0a3440fe696cc38f430fbbefc90619234c8f2e9b93310b74c43f2b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:14 GMT
last-modified
Tue, 26 Oct 2021 13:03:05 GMT
server
Akamai Image Manager
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, no-transform, max-age=43200
served-from
2.16.187.92
content-length
890
timing-allow-origin
*
network_info
GB_LONDON_20860
from-req-dns-type
NA
expires
Mon, 28 Feb 2022 00:37:14 GMT
/
g.alicdn.com/ Frame 6061 		439 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.alicdn.com/??mui/feloader/5.0.5/feloader-min.js,rax-pkg/rax/1.2.0/index.js,code/npm/@ali/pnpm-uni--env/1.0.6/index.js,rax-pkg/universal-env/3.3.3/index.js,rax-pkg/rax-view/2.0.5/index.js,rax-pkg/rax-get-element-by-id/1.0.0/index.js,code/npm/@ali/gcom-gcp-hoist-non-react-statics/1.0.3/index.js,rax-pkg/rax-view/1.0.1/index.js,rax-pkg/rax-find-dom-node/1.0.0/index.js,rax-pkg/rax-refreshcontrol/1.0.0/index.js,rax-pkg/rax-scrollview/2.0.0/index.js,rax-pkg/rax-children/1.0.0/index.js,rax-pkg/rax-proptypes/1.0.0/index.js,rax-pkg/rax-recyclerview/1.1.2/index.js,code/npm/@ali/pcom-gcp-dom-driver/0.0.3/index.js,code/npm/@ali/gcom-gcp-core-render-v2/0.0.33/index.js,code/npm/@ali/pcom-fetch/2.0.9/index.js,code/npm/@ali/universal-tracker/3.0.7/index.js,code/npm/@ali/universal-mtop/5.2.2/index.js,code/npm/@ali/gfe-base-mtop/2.0.0/index.js,code/npm/@ali/gcom-core-render-helper/2.0.4/index.js,code/npm/@ali/gcom-gcp-ae-render-v2/0.0.22/index.js,code/npm/@ali/pcom-regenerator-runtime/1.0.2/index.js,mui/mtb-windvane/5.1.2/index.js
Requested by
Host: promotion.aliexpress.ru
URL: https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.45.52.250 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
8b1bd3302e48da84dcfd582c50ae0816b6dec5eaf83a8ce4dcc788618c9a222b

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Origin
https://promotion.aliexpress.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:00:47 GMT
content-encoding
gzip
x-oss-request-id
621B67EFC60405422AEAE0C2
content-md5
yY5cFPUgf3Bvj0QC0lvxNA==
age
2188
x-cache
HIT TCP_MEM_HIT dirn:9:137834369
x-swift-cachetime
3584
x-swift-savetime
Sun, 27 Feb 2022 12:01:03 GMT
content-length
150519
x-bucket-code
4
x-oss-object-type
Normal
access-control-allow-origin
*
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1645963247
content-type
application/javascript
via
cache60.l2ot7[0,0,200-0,H], cache9.l2ot7[0,0], cache9.l2ot7[2,0], cache2.us8[0,0,200-0,H], cache2.us8[2,0]
cache-control
max-age=2592000,s-maxage=3600
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
16791710692182623202
eagleid
082d349616459654353521709e
x-oss-server-time
1
header.js
i.alicdn.com/ae-header/20180730191310/buyer/front/mobile/ Frame 6061 		147 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.alicdn.com/ae-header/20180730191310/buyer/front/mobile/header.js
Requested by
Host: promotion.aliexpress.ru
URL: https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.214.74 -, , ASN (),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
7926e7c0bfde1a0464ced343534d773e12bf3a68bfde1ad6a1a49689da448565
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
x-swift-cachetime
240481
fw_ip
23.40.0.14, 104.111.214.74
x-server-id
b0381a5e42020db0072a77127f27bf150f96abadfeb38bef16a2e7d22898a1418ccf041454c3613c
x-swift-savetime
Thu, 13 Jan 2022 22:10:56 GMT
network_info
US_SEATTLE_35994, GB_LONDON_20860
x-readtime
1229
server-timing
rt;dur=1.238,eagleid;desc=2ff62c9b16108163358116556e
content-length
42138
x-xss-protection
1; mode=block
last-modified
Thu, 13 Jan 2022 22:10:57 GMT
server
Akamai Resource Optimizer
date
Sun, 27 Feb 2022 12:37:15 GMT
x-download-options
noopen
ali-swift-global-savetime
1610816337
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
FW_IP
cache-control
max-age=27682350
served-from
2.20.243.48
timing-allow-origin
*, *
x-new-origin
1
eagleid
2ff62c9b16108163358116556e, 4f85b09c16421118567236428e
expires
Fri, 13 Jan 2023 22:09:45 GMT
/
assets.alicdn.com/g/aes/ Frame 6061 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/aes/??tracker/1.0.10/index.js,tracker-plugin-jserror/1.0.8/index.js,tracker-plugin-api/1.0.16/index.js,tracker-plugin-perf/1.1.3/index.js
Requested by
Host: promotion.aliexpress.ru
URL: https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
3462b221efc9a61e307181739415363c06e7b4502f274c976aa1bcf8293c88d9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:14 GMT
content-encoding
gzip
x-oss-request-id
620F328AA72C903334B8BE9C
content-md5
oedAWbF27dpujME65EiDMg==
x-swift-cachetime
60658
x-swift-savetime
Fri, 18 Feb 2022 12:54:49 GMT
content-length
9209
x-oss-object-type
Normal
x-oss-hash-crc64ecma
4225381312364204314
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1645163147
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1789644, s-maxage=86400
served-from
2.16.110.198
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
GB_LONDON_20860
eagleid
4f85b19516451888893457079e
x-oss-server-time
5
index.js
assets.alicdn.com/g/ae-fe/g-loader/ Frame 6061 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/g-loader/index.js
Requested by
Host: promotion.aliexpress.ru
URL: https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
58b4190d6003b87e433cf7f59d6443ffdc502abea85c5d5e59901f7a99976574

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Origin
https://promotion.aliexpress.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:14 GMT
content-encoding
gzip
x-oss-request-id
621B6F7C0F58D93133CCD8F5
content-md5
xm7bjw4FHdfiAqjZ0scLaQ==
x-swift-cachetime
300
x-swift-savetime
Sun, 27 Feb 2022 12:33:00 GMT
content-length
3962
x-oss-object-type
Normal
x-oss-hash-crc64ecma
14554246805459894126
server
Tengine
cache-control
max-age=300,s-maxage=300
vary
Accept-Encoding
ali-swift-global-savetime
1645965180
content-type
application/javascript
access-control-allow-origin
*
object-status
ttl=300,age=251
served-from
2.16.110.165
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
GB_LONDON_20860
eagleid
2ff62b2016459651801953408e
x-oss-server-time
5
/
assets.alicdn.com/g/alilog/ Frame 6061 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Requested by
Host: promotion.aliexpress.ru
URL: https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
f1a47e61dfbe2a0ba893af1d972ab9dafc04d96f5e816f7516f4c5414bd8b849

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:15 GMT
content-encoding
gzip
x-oss-request-id
621B6526D86EC13330CB0739
content-md5
gygBRN2M4MlVRBr7rF/+vA==
x-swift-cachetime
429
x-swift-savetime
Sun, 27 Feb 2022 12:11:45 GMT
content-length
9983
x-oss-object-type
Normal
x-oss-hash-crc64ecma
15290110112012039273
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1645962534
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=664, s-maxage=1800
served-from
2.16.187.13
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
GB_LONDON_20860
eagleid
4f85b19b16459639051156917e
x-oss-server-time
4
bl.js
assets.alicdn.com/g/retcode/cloud-sdk/ Frame 6061 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/retcode/cloud-sdk/bl.js
Requested by
Host: promotion.aliexpress.ru
URL: https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:15 GMT
content-encoding
br
x-oss-request-id
6217F50A6BA8D13538375A54
content-md5
4x6tcG5Vt8TBANh6WSjwmQ==
x-swift-cachetime
60
x-oss-hash-crc64ecma
7956181089051082725
x-swift-savetime
Thu, 24 Feb 2022 21:13:46 GMT
content-length
12983
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 22:23:16 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645737226
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=16111, s-maxage=60
served-from
23.0.162.18
x-oss-storage-class
Standard
timing-allow-origin
*
network_info
US_SEATTLE_35994, GB_LONDON_20860
eagleid
2ff6019516457372262883473e
x-oss-server-time
6
expires
Sun, 27 Feb 2022 17:05:46 GMT
start-render.png
ae01.alicdn.com/wimg/monitor/ Frame 6061 		949 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ae01.alicdn.com/wimg/monitor/start-render.png
Requested by
Host: promotion.aliexpress.ru
URL: https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.214.74 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
56d989eabce7e1f6ba7b90ccae9a241398f2f92e80315d15a48f9c12ac0f36fa

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:15 GMT
x-swift-cachetime
172746
x-swift-savetime
Sun, 07 Feb 2021 08:10:41 GMT
content-length
949
last-modified
Thu, 22 Jun 2017 10:28:30 GMT
server
Tengine
cdn-type
alibaba
ali-swift-global-savetime
1598584224
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=71931
served-from
2.16.187.141
accept-ranges
bytes
timing-allow-origin
*, *
network_info
GB_LONDON_20860
from-req-dns-type
NA
eagleid
2ff6199e16128071679506152e
expires
Mon, 28 Feb 2022 08:36:06 GMT
tmall_logo.png
g.alicdn.com/ae-fe-ru/ae-ru-campaign-solution-assets/1.0.6/mobile/images/ Frame 6061 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.alicdn.com/ae-fe-ru/ae-ru-campaign-solution-assets/1.0.6/mobile/images/tmall_logo.png
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/ae-fe-ru/ae-ru-campaign-solution-assets/1.0.6/mobile/styles/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.45.52.250 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
4253fe42887769f5f1418000c895e4cccbf80965d7ff486df74907f83b0e3271

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://g.alicdn.com/ae-fe-ru/ae-ru-campaign-solution-assets/1.0.6/mobile/styles/style.css
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 02:55:12 GMT
via
cache22.l2ot7[235,38,200-0,C], cache15.l2ot7[40,0], cache15.l2ot7[41,0], cache10.us8[0,0,200-0,H], cache5.us8[1,0]
x-oss-request-id
621AE810FF9A926AE650E4DC
content-md5
ZmA5iBRhYD++mj5hvpOr0A==
age
34924
x-cache
HIT TCP_MEM_HIT dirn:11:184538211
x-swift-cachetime
86400
x-swift-savetime
Sun, 27 Feb 2022 02:55:12 GMT
content-length
21772
x-bucket-code
4
x-oss-object-type
Normal
server
Tengine
ali-swift-global-savetime
1645930512
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
16080019064037866933
eagleid
082d349916459654360212211e
x-oss-server-time
87
bg.png
i.alicdn.com/ae-header/20180730191310/buyer/front/mobile/src/img/ Frame 6061 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.alicdn.com/ae-header/20180730191310/buyer/front/mobile/src/img/bg.png
Requested by
Host: i.alicdn.com
URL: https://i.alicdn.com/ae-header/20180730191310/buyer/front/mobile/header.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.214.74 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
5b37c6289564e9724a454126196e3a307e20141dae4efdf2071d521c4076c4fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://i.alicdn.com/ae-header/20180730191310/buyer/front/mobile/header.css
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
x-content-type-options
nosniff
x-swift-cachetime
7032290
fw_ip
104.111.214.74
x-server-id
b0381a5e42020db0072a77127f27bf1584e267672cf7c85df68de1dd51172d668ccf041454c3613c
x-readtime
369
server-timing
rt;dur=0.372,eagleid;desc=2ff60f9516091471750227789e
x-new-origin
1
content-length
20326
x-xss-protection
1; mode=block
x-swift-savetime
Thu, 07 Oct 2021 23:54:45 GMT
server
Tengine
date
Sun, 27 Feb 2022 12:37:15 GMT
x-download-options
noopen
ali-swift-global-savetime
1609147175
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
FW_IP
cache-control
max-age=23100086
served-from
2.16.110.126
timing-allow-origin
*, *, *
network_info
GB_LONDON_20860
eagleid
2ff60f9516091471750227789e, 4f85b19f16375295763006833e
expires
Mon, 21 Nov 2022 21:18:41 GMT
truncated
/ Frame 6061 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61a94f7e2a0d91c354bb6ec664ffd12df241169facc846d4a9b6bfb150237804

Request headers

Referer
Origin
https://promotion.aliexpress.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
open-sans-v13-cyrillic_latin-600.woff
i.alicdn.com/ams-static/3.0.0/common/css/font-face/fonts/open-sans-v13-cyrillic_latin/ Frame 6061 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i.alicdn.com/ams-static/3.0.0/common/css/font-face/fonts/open-sans-v13-cyrillic_latin/open-sans-v13-cyrillic_latin-600.woff
Requested by
Host: i.alicdn.com
URL: https://i.alicdn.com/ams-static/3.0.0/common/css/font-face.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.214.74 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
a3b4dc4c2ed28128fe6f558edf9050b776aa6f5b804d67a6a1ed7a2bff815b2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://i.alicdn.com/ams-static/3.0.0/common/css/font-face.css
Origin
https://promotion.aliexpress.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
x-content-type-options
nosniff
x-swift-cachetime
7334142
fw_ip
104.111.214.74
x-readtime
678
server-timing
rt;dur=0.680,eagleid;desc=a3b5399816093849109722993e
x-new-origin
1
content-length
28072
x-xss-protection
1; mode=block
x-swift-savetime
Thu, 07 Oct 2021 06:06:09 GMT
server
Tengine
date
Sun, 27 Feb 2022 12:37:16 GMT
x-download-options
noopen
ali-swift-global-savetime
1609384911
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
FW_IP
cache-control
max-age=23337923
served-from
2.16.187.101
timing-allow-origin
*, *, *
network_info
GB_LONDON_20860
eagleid
a3b5399816093849109722993e, 4f85b19916375051979375864e
x-server-id
b0381a5e42020db0072a77127f27bf1584e267672cf7c85df68de1dd51172d668ccf041454c3613c
/
acs.aliexpress.ru/h5/mtop.relationrecommend.aliexpressrecommend.recommend/1.0/ Frame 6061 		127 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://acs.aliexpress.ru/h5/mtop.relationrecommend.aliexpressrecommend.recommend/1.0/?jsv=2.6.1&appKey=24815441&t=1645965435926&sign=860bcf0f4bda4f0fd7363c53726fa7f8&api=mtop.relationrecommend.AliexpressRecommend.recommend&v=1.0&jsonpIncPrefix=kangaroo&timeout=10000&type=originaljson&dataType=jsonp&isMajorRequest=true
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/??mui/feloader/5.0.5/feloader-min.js,rax-pkg/rax/1.2.0/index.js,code/npm/@ali/pnpm-uni--env/1.0.6/index.js,rax-pkg/universal-env/3.3.3/index.js,rax-pkg/rax-view/2.0.5/index.js,rax-pkg/rax-get-element-by-id/1.0.0/index.js,code/npm/@ali/gcom-gcp-hoist-non-react-statics/1.0.3/index.js,rax-pkg/rax-view/1.0.1/index.js,rax-pkg/rax-find-dom-node/1.0.0/index.js,rax-pkg/rax-refreshcontrol/1.0.0/index.js,rax-pkg/rax-scrollview/2.0.0/index.js,rax-pkg/rax-children/1.0.0/index.js,rax-pkg/rax-proptypes/1.0.0/index.js,rax-pkg/rax-recyclerview/1.1.2/index.js,code/npm/@ali/pcom-gcp-dom-driver/0.0.3/index.js,code/npm/@ali/gcom-gcp-core-render-v2/0.0.33/index.js,code/npm/@ali/pcom-fetch/2.0.9/index.js,code/npm/@ali/universal-tracker/3.0.7/index.js,code/npm/@ali/universal-mtop/5.2.2/index.js,code/npm/@ali/gfe-base-mtop/2.0.0/index.js,code/npm/@ali/gcom-core-render-helper/2.0.4/index.js,code/npm/@ali/gcom-gcp-ae-render-v2/0.0.22/index.js,code/npm/@ali/pcom-regenerator-runtime/1.0.2/index.js,mui/mtb-windvane/5.1.2/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
62.128.97.18 -, , ASN (),
Reverse DNS
Software
Tengine/Aserver / m.taobao.com
Resource Hash
999c516b768f9e07bbfc4cc22032bf7170a14489d42e11b7e132928b129f07d0

Request headers

Accept
application/json
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 27 Feb 2022 12:37:16 GMT
x-powered-by
m.taobao.com
s-rt2
0.002
s-rt
6
x-node
f5e8d882d5d7edbe776b9d1a7a16856b
pragma
no-cache
x-aserver-sret
SUCCESS
server
Tengine/Aserver
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://promotion.aliexpress.ru
access-control-expose-headers
x-eagleeye-id
cache-control
no-cache
access-control-allow-credentials
true
x-eagleeye-id
211d460516459654367148163eedc1
content-length
127
timing-allow-origin
*
eagleeye-traceid
211d460516459654367148163eedc1
analytics.js
www.google-analytics.com/ Frame 6061 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: i.alicdn.com
URL: https://i.alicdn.com/ae-header/20180730191310/buyer/front/mobile/header.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1943
date
Sun, 27 Feb 2022 12:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 27 Feb 2022 14:04:52 GMT
/
assets.alicdn.com/g/alilog/ Frame 6061 		175 KB
67 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/alilog/??s/8.15.20/plugin/aplus_client.js,aplus_cplugin/0.7.11/toolkit.js,aplus_cplugin/0.7.11/monitor.js,s/8.15.20/plugin/aplus_ae.js,s/8.15.20/plugin/aplus_ac.js,s/8.15.20/aplus_int.js,s/8.15.20/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20220215204924
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
13f503cf4ddfcfbd2c6ae6d2c91efe80ab888b1e1a8da4de8fbcf33e62e9434a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:15 GMT
content-encoding
gzip
x-oss-request-id
620BAA97DFCFF23335E4F787
content-md5
33ruDq3z7IL1fiUckkP4mA==
x-swift-cachetime
86399
x-swift-savetime
Tue, 15 Feb 2022 13:28:56 GMT
content-length
67537
x-oss-object-type
Normal
x-oss-hash-crc64ecma
3489933451820366119
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1644931735
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1558343, s-maxage=86400
served-from
2.16.187.103
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
GB_LONDON_20860
eagleid
2ff62b1a16449317353391026e
x-oss-server-time
1
ec.js
www.google-analytics.com/plugins/ua/ Frame 6061 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
1685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 27 Feb 2022 13:09:11 GMT
eg.js
ru.mmstat.com/ Frame 6061 		91 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ru.mmstat.com/eg.js?t=1645965436022
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.128.97.27 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c9383630e500a2bb009e1035ef32d000b8d7651b00c886a6d2152906a9a9276d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:16 GMT
stag
2
server
nginx
etag
"fF6iGqDyRm0CAQW7FWWOrWZd"
content-type
application/javascript
cache-control
no-cache
content-length
91
expires
Thu, 01 Jan 1970 00:00:01 GMT
r.png
retcode-us-west-1.arms.aliyuncs.com/ Frame 6061 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://retcode-us-west-1.arms.aliyuncs.com/r.png?t=pv&times=1&page=unknown_msite_aer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&tag=&release=&environment=prod&begin=1645965436289&uid=dUl5a06O5pm932b9Lmm5v4I66ehm&dt=HomePage&dr=https%3A%2F%2Fwww.buhoblik.org.ua%2F&dpr=1.00&de=utf-8&ul=&sr=1600x1200&vp=15x15&ct=4g&sid=zglR10am5aj9R2bXhmzUvX86hv89&pid=f1fxt4k42w%407fd6d410b732d6b&_v=1.8.30&pv_id=splzd0Xb5n5969bRgm69mXh36aUp&sampling=1&dl=https%3A%2F%2Fpromotion.aliexpress.ru%2Fwow%2Fgcp%2Faer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&z=l059bmm3
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/retcode/cloud-sdk/bl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.254.80.221 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:16 GMT
last-modified
Tue, 20 Oct 2020 13:00:34 GMT
server
nginx
etag
"5f8edf72-0"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
0
index.js
assets.alicdn.com/g/sd/baxia-entry/ Frame 6061 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/sd/baxia-entry/index.js?t=228606
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
7c8898172b879d771a77be7f5b2133f8ccdd26eaafb36f653a0ca0ebce0216fb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:16 GMT
content-encoding
gzip
x-oss-request-id
61FF9CEBDA062D3232A0C03D
content-md5
uYfEYSicLJQePdry/LZh7Q==
x-swift-cachetime
900
x-oss-hash-crc64ecma
13547624062769674599
x-swift-savetime
Sun, 06 Feb 2022 10:03:23 GMT
content-length
1097
x-oss-object-type
Normal
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1644141803
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=299, s-maxage=900
served-from
23.47.58.155
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
RU_MOSCOW_12389, GB_LONDON_20860
eagleid
2ff6149716441418032265610e
x-oss-server-time
3
expires
Sun, 27 Feb 2022 12:42:15 GMT
g.gif
ru.mmstat.com/ Frame 6061 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ru.mmstat.com/g.gif?logtype=0&title=HomePage&pre=https%3A%2F%2Fwww.buhoblik.org.ua%2F&scr=1600x1200&_p_url=https%3A%2F%2Fpromotion.aliexpress.ru%2Fwow%2Fgcp%2Faer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&cna=fF6iGqDyRm0CAQW7FWWOrWZd&spm-cnt=0.0.0.0.540a7bdayYjw2I&aplus=&sidx=aplusSidx&pageid=17f3b2f64354331f21a1bb8e38191ec62068e162ec&dmtrack_b=%7Bifm%3D1%7Clogin%3D0%7D&dmtrack_c=%7Baep_usuc_f%3D-%7Caeu_cid%3D-%7D&ali_beacon_id=-&ali_apache_id=-&ali_apache_track=-&ali_apache_tracktmp=-&_p_uid=-&p=1&o=android&b=chrome86&s=1600x1200&w=webkit&ism=android&cache=9d11149&lver=8.15.20&jsver=aplus_int&pver=0.7.11&_pw=15&_ph=15&tag=0&stag=2&lstag=0&_slog=0
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.128.97.27 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:16 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control
no-cache
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
index.js
assets.alicdn.com/g/secdev/entry/ Frame 6061 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/secdev/entry/index.js?t=228606
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
5ae832fce3a62e8ca665034351571312bcf0e165109a303f27d44a18e1bc1f24

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:16 GMT
content-encoding
gzip
x-oss-request-id
61FD268A11785A3938CB8185
content-md5
uX76p9ACMtkK1QyA7NPH6w==
x-swift-cachetime
3600
x-oss-hash-crc64ecma
5804250900312149111
x-swift-savetime
Fri, 04 Feb 2022 13:13:46 GMT
content-length
2958
x-oss-object-type
Normal
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1643980426
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=680, s-maxage=3600
served-from
23.47.58.155
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
NL_AMSTERDAM_174, GB_LONDON_20860
eagleid
2ff6149a16439804265528940e
x-oss-server-time
3
expires
Sun, 27 Feb 2022 12:48:36 GMT
baxiaCommon.js
assets.alicdn.com/g/sd/baxia/2.0.50/ Frame 6061 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/sd/baxia/2.0.50/baxiaCommon.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/sd/baxia-entry/index.js?t=228606
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
0a40dea2ad8c38d54437a638dc460a19581857e6d8cf1883b5df58896bfa2489

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Origin
https://promotion.aliexpress.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:16 GMT
content-encoding
br
x-oss-request-id
61E6C4AE39899C3431D8018F
content-md5
RbR3KfKCEtEd6Zppk3ZhZg==
x-swift-cachetime
15308
x-oss-hash-crc64ecma
5412104085485261180
x-swift-savetime
Wed, 19 Jan 2022 09:31:14 GMT
content-length
7295
x-oss-object-type
Normal
last-modified
Wed, 19 Jan 2022 09:35:22 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1642513582
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2359400, s-maxage=86400
served-from
210.61.249.38
x-oss-storage-class
Standard
timing-allow-origin
*
network_info
US_SEATTLE_35994, GB_LONDON_20860
eagleid
a3b5279e16425846740015381e
x-oss-server-time
4
expires
Sat, 26 Mar 2022 20:00:36 GMT
index.js
assets.alicdn.com/g/secdev/sufei_data/3.9.9/ Frame 6061 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/secdev/sufei_data/3.9.9/index.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=228606
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
1181008c4d533ae52f2533ef482bb326ae0df168e10175d15c74a63ac86531d4

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Origin
https://promotion.aliexpress.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:16 GMT
content-encoding
br
x-oss-request-id
6211325BD20A6A3631591EB7
content-md5
BLF6Clts+DnJshKrVXCXFw==
x-swift-cachetime
33632
x-oss-hash-crc64ecma
2824524793130602968
x-swift-savetime
Sun, 20 Feb 2022 08:48:59 GMT
content-length
6733
x-oss-object-type
Normal
last-modified
Sun, 20 Feb 2022 08:49:00 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645294171
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1920680, s-maxage=86400
served-from
118.98.97.148
x-oss-storage-class
Standard
timing-allow-origin
*
network_info
US_SANJOSE_35994, GB_LONDON_20860
eagleid
a3b5219516453469392474016e
x-oss-server-time
7
expires
Mon, 21 Mar 2022 18:08:36 GMT
g
assets.alicdn.com/ Frame 6061 		130 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g??xlly/spl/rp.js,secdev/nsv/1.0.78/ns_e_88_3_f.js?v=1
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=228606
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
1aeda7bc76ae0865178647144bdd612b499c12e5435264a96c931d569db8518f

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Origin
https://promotion.aliexpress.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:16 GMT
content-encoding
gzip
x-oss-request-id
621B1DB98B61273931CB97B1
content-md5
/bAOACTA0CoKGqWC2cODqw==
x-swift-cachetime
86400
x-swift-savetime
Sun, 27 Feb 2022 06:44:09 GMT
content-length
55688
x-oss-object-type
Normal
x-oss-hash-crc64ecma
8675859113826473122
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1645944249
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=65214, s-maxage=86400
served-from
2.16.187.150
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
GB_LONDON_20860
eagleid
2ff62b1e16459442493216289e
x-oss-server-time
4
et_f.js
assets.alicdn.com/g/AWSC/et/1.62.1/ Frame 6061 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/AWSC/et/1.62.1/et_f.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=228606
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
16e7e09559097312d131e3a5d9171161528470f5365226fa83a3bee4314071c3

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Origin
https://promotion.aliexpress.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:16 GMT
content-encoding
br
x-oss-request-id
620088A51FC3B3323405DC60
content-md5
4NiYCFMG7NhygH1t2RM9TA==
x-swift-cachetime
3599
x-oss-hash-crc64ecma
679467694893097074
x-swift-savetime
Mon, 07 Feb 2022 02:49:10 GMT
content-length
31200
x-oss-object-type
Normal
last-modified
Mon, 07 Feb 2022 02:49:11 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1644202149
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=828639, s-maxage=3600
served-from
2.21.231.110
x-oss-storage-class
Standard
timing-allow-origin
*
network_info
US_CHICAGO_35994, GB_LONDON_20860
eagleid
2ff61c9716442021493351311e
x-oss-server-time
4
expires
Wed, 09 Mar 2022 02:47:55 GMT
ts
fourier.taobao.com/ Frame 6061 		0
0
rp
fourier.taobao.com/ Frame 6061 		0
0
/
acs.aliexpress.ru/h5/mtop.relationrecommend.aliexpressrecommend.recommend/1.0/ Frame 6061 		17 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://acs.aliexpress.ru/h5/mtop.relationrecommend.aliexpressrecommend.recommend/1.0/?jsv=2.6.1&appKey=24815441&t=1645965436761&sign=43d42b7e815989055f8ae1c6943d91fb&api=mtop.relationrecommend.AliexpressRecommend.recommend&v=1.0&jsonpIncPrefix=kangaroo&timeout=10000&type=originaljson&dataType=jsonp&isMajorRequest=true
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/sd/baxia/2.0.50/baxiaCommon.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
62.128.97.18 -, , ASN (),
Reverse DNS
Software
Tengine/Aserver / m.taobao.com
Resource Hash
17e9d257db75baa24d1ccbdab899706bbb67ee226f0bb00722c24c74d6055868

Request headers

Accept
application/json
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 27 Feb 2022 12:37:16 GMT
content-encoding
gzip
x-powered-by
m.taobao.com
s-rt2
0.112
s-rt
116
x-node
c233c7680330434e80a876c57bf0ae35
pragma
no-cache
x-aserver-sret
SUCCESS
server
Tengine/Aserver
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://promotion.aliexpress.ru
mtop-x-provider
21e3463dbdffc5a7858ab989767811b1574de2f70cec59122b271b4a117ff423
access-control-expose-headers
x-eagleeye-id
cache-control
no-cache
access-control-allow-credentials
true
x-eagleeye-id
211d460516459654367968166eedc1
timing-allow-origin
*
eagleeye-traceid
211d460516459654367968166eedc1
truncated
/ Frame 6518 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
773b8e2167621cf7d67f1c7673da9be972cfa1ffa9aebcc6ce83deabeb8e7d53

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/svg+xml
Arrow_1x.png
tlgr.org/img/tgme/ Frame 6518 		988 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlgr.org/img/tgme/Arrow_1x.png
Requested by
Host: tlgr.org
URL: https://tlgr.org/css/telegram.css?215
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
3b2212ef1c4d336fbd7983a732d88fa83423a25453209f02f18ab878218d505d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tlgr.org/css/telegram.css?215
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Sun, 27 Feb 2022 12:37:17 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
image/png
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Thu, 03 Mar 2022 12:37:16 GMT
Mobile1x.png
tlgr.org/img/tgme/ Frame 6518 		0
0
analytics.js
www.google-analytics.com/ Frame 6518 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tttttt.me
URL: https://tttttt.me/buhoblik_org_ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tttttt.me/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1944
date
Sun, 27 Feb 2022 12:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 27 Feb 2022 14:04:52 GMT
/
assets.alicdn.com/g/ Frame 6061 		502 B
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/??ae-ru/aer-gtm/main2.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/g-loader/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
82fe218fa264e98b0bb927b41f2dcb8e00c6ae070f985c669726b6d82ab78fde

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Origin
https://promotion.aliexpress.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:16 GMT
content-encoding
gzip
x-oss-request-id
621B705F1369473539F5AC80
content-md5
mrAkvrpM0sRa0GRDgPs0pA==
x-swift-cachetime
60
x-swift-savetime
Sun, 27 Feb 2022 12:36:47 GMT
content-length
360
x-oss-object-type
Normal
x-oss-hash-crc64ecma
17258456458180904391
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1645965407
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=35, s-maxage=60
served-from
2.16.187.13
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
GB_LONDON_20860
eagleid
2ff62b1d16459654071723989e
x-oss-server-time
2
r.png
retcode-us-west-1.arms.aliyuncs.com/ Frame 6061 		1 B
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://retcode-us-west-1.arms.aliyuncs.com/r.png?t=api&times=1&page=unknown_msite_aer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&tag=&release=&environment=prod&begin=1645965436763&api=acs.aliexpress.ru%2Fh5%2Fmtop.relationrecommend.aliexpressrecommend.recommend%2F1.0%2F&success=1&time=193&code=200&msg=%5B%22SUCCESS%3A%3A%E8%B0%83%E7%94%A8%E6%88%90%E5%8A%9F%22%5D&traceId=&pv_id=splzd0Xb5n5969bRgm69mXh36aUp&domain=promotion.aliexpress.ru&flag=1&sr=1600x1200&vp=15x15&ct=4g&uid=3ylmI0zq5Rt99bbvtnOwdmvqkgy8&sid=zglR10am5aj9R2bXhmzUvX86hv89&pid=f1fxt4k42w%407fd6d410b732d6b&_v=1.8.30&sampling=1&dl=https%3A%2F%2Fpromotion.aliexpress.ru%2Fwow%2Fgcp%2Faer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&z=l059bmm4&post_res=
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/sd/baxia/2.0.50/baxiaCommon.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.254.80.221 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 27 Feb 2022 12:37:17 GMT
server
nginx
timing-allow-origin
*
content-type
image/png
data.jsonp
ald-lamp-us.alicdn.com/bottom/16676503/aeCurrency=GBP/aeDevice=msite/aeLocale=en_US/aeRegion=GB/device=phone/ Frame 6061 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ald-lamp-us.alicdn.com/bottom/16676503/aeCurrency=GBP/aeDevice=msite/aeLocale=en_US/aeRegion=GB/device=phone/data.jsonp?cb=callback_16676503_aeCurrency_GBP_aeDevice_msite_aeLocale_en_US_aeRegion_GB_device_phone
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/??mui/feloader/5.0.5/feloader-min.js,rax-pkg/rax/1.2.0/index.js,code/npm/@ali/pnpm-uni--env/1.0.6/index.js,rax-pkg/universal-env/3.3.3/index.js,rax-pkg/rax-view/2.0.5/index.js,rax-pkg/rax-get-element-by-id/1.0.0/index.js,code/npm/@ali/gcom-gcp-hoist-non-react-statics/1.0.3/index.js,rax-pkg/rax-view/1.0.1/index.js,rax-pkg/rax-find-dom-node/1.0.0/index.js,rax-pkg/rax-refreshcontrol/1.0.0/index.js,rax-pkg/rax-scrollview/2.0.0/index.js,rax-pkg/rax-children/1.0.0/index.js,rax-pkg/rax-proptypes/1.0.0/index.js,rax-pkg/rax-recyclerview/1.1.2/index.js,code/npm/@ali/pcom-gcp-dom-driver/0.0.3/index.js,code/npm/@ali/gcom-gcp-core-render-v2/0.0.33/index.js,code/npm/@ali/pcom-fetch/2.0.9/index.js,code/npm/@ali/universal-tracker/3.0.7/index.js,code/npm/@ali/universal-mtop/5.2.2/index.js,code/npm/@ali/gfe-base-mtop/2.0.0/index.js,code/npm/@ali/gcom-core-render-helper/2.0.4/index.js,code/npm/@ali/gcom-gcp-ae-render-v2/0.0.22/index.js,code/npm/@ali/pcom-regenerator-runtime/1.0.2/index.js,mui/mtb-windvane/5.1.2/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.38.121.251 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers
resolve
/ Frame 6518 		0
0
gtm.js
www.googletagmanager.com/ Frame 6061 		225 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5RPK3ZC
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/??ae-ru/aer-gtm/main2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
df4ebffffae8f41fa315db67bc90ff23bdc4106a452a40e53007261160648b60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68042
x-xss-protection
0
last-modified
Sun, 27 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 27 Feb 2022 12:37:16 GMT
analytics.js
www.google-analytics.com/ Frame 6061 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RPK3ZC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1945
date
Sun, 27 Feb 2022 12:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 27 Feb 2022 14:04:52 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 6061 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
9Xw6VF03PtUEQlmrj6Y+Ce+C7/LITtCY0yzldvFT1GP7hxgoKdprTLZseFq7HeHqI4gstmy6ThDVxwZ1SUQoBA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 27 Feb 2022 12:37:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.js
mc.yandex.ru/metrika/ Frame 6061 		199 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
80d405e729c9963fbe210196f78da6a44e841db7dba7b167cf2c0bd252a03de0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:17 GMT
content-encoding
br
last-modified
Fri, 18 Feb 2022 11:36:57 GMT
etag
"620f5aa9-1102e"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69678
expires
Sun, 27 Feb 2022 13:37:17 GMT
openapi.js
vk.com/js/api/ Frame 6061 		102 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?168
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv194-139-240-87.vk.com
Software
kittenx /
Resource Hash
2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:17 GMT
content-encoding
br
x-frontend
front623304
last-modified
Thu, 07 Oct 2021 11:12:43 GMT
server
kittenx
etag
"615ed62b-5a1f"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
23071
expires
Thu, 03 Mar 2022 12:37:17 GMT
code.js
top-fwz1.mail.ru/js/ Frame 6061 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Wed, 22 Dec 2021 12:22:53 GMT
server
nginx
etag
W/"61c3189d-6a23"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 27 Feb 2022 13:37:17 GMT
3946145095458190
connect.facebook.net/signals/config/ Frame 6061 		309 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/3946145095458190?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6eef0be5c4fb766cc41048f61c941cfa6e46317bfbc44904e2359eae1093027e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
90729
x-xss-protection
0
pragma
public
x-fb-debug
MzgrCto8w/O9FpeSCk4rTjsNA//0yn8D9uwGtCQYh4ckB8uYK0VNKSdB0LvTfwN5lD2v1L6JOW3M7X8GMMxxSQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 27 Feb 2022 12:37:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
29739640
mc.yandex.ru/watch/ Frame 6061 		754 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/29739640?wmode=7&page-url=https%3A%2F%2Fpromotion.aliexpress.ru%2Fwow%2Fgcp%2Faer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&page-ref=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnrnrlmt4hr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A682650824612%3Ahid%3A525988468%3Az%3A0%3Ai%3A20220227123717%3Aet%3A1645965437%3Ac%3A1%3Arn%3A528837173%3Arqn%3A1%3Au%3A1645965437908340974%3Aw%3A15x15%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1645965434126%3Ads%3A301%2C132%2C101%2C1%2C0%2C0%2C%2C1268%2C3%2C2162%2C2162%2C4%2C1814%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1645965437%3At%3AHomePage&t=gdpr(14)aw(1)ti(2)
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/sd/baxia/2.0.50/baxiaCommon.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
eab7eb65ce87abb2499c85b36b4d72fd2a339b720411064a552ba10699fb003d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 27-Feb-2022 12:37:17 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://promotion.aliexpress.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
754
x-xss-protection
1; mode=block
expires
Sun, 27-Feb-2022 12:37:17 GMT
64660789
mc.yandex.ru/watch/ Frame 6061 		773 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/64660789?wmode=7&page-url=https%3A%2F%2Fpromotion.aliexpress.ru%2Fwow%2Fgcp%2Faer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&page-ref=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnrnrlmt4hr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A1355996007203%3Ahid%3A525988468%3Az%3A0%3Ai%3A20220227123717%3Aet%3A1645965437%3Ac%3A1%3Arn%3A391769451%3Arqn%3A1%3Au%3A1645965437908340974%3Aw%3A15x15%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1645965434126%3Ads%3A301%2C132%2C101%2C1%2C0%2C0%2C%2C1268%2C3%2C2162%2C2162%2C4%2C1814%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1645965437%3At%3AHomePage&t=gdpr(14)aw(1)ti(2)
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/sd/baxia/2.0.50/baxiaCommon.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7c88eb90c6d58780bec6803eec6af7b0e86b1e4111c542a4fd7edf5ad5e2f7f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Feb 2022 12:37:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 27-Feb-2022 12:37:17 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://promotion.aliexpress.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
773
x-xss-protection
1; mode=block
expires
Sun, 27-Feb-2022 12:37:17 GMT
advert.gif
mc.yandex.ru/metrika/ Frame 6061 		43 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:17 GMT
last-modified
Fri, 18 Feb 2022 11:36:57 GMT
etag
"620f5aa9-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 27 Feb 2022 13:37:17 GMT
rtrg
vk.com/ Frame 6061 		49 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-510586-i0Nms&metatag_url=https%3A%2F%2Fpromotion.aliexpress.ru%2Fwow%2Fgcp%2Faer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&metatag_title=HomePage
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv194-139-240-87.vk.com
Software
kittenx / KPHP/7.4.110257
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:17 GMT
content-encoding
gzip
x-frontend
front623304
server
kittenx
x-powered-by
KPHP/7.4.110257
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
65
r.png
retcode-us-west-1.arms.aliyuncs.com/ Frame 6061 		1 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://retcode-us-west-1.arms.aliyuncs.com/r.png?t=api&times=1&page=unknown_msite_aer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&tag=&release=&environment=prod&begin=1645965437451&api=mc.yandex.ru%2Fwatch%2F**&success=1&time=62&code=200&msg=&traceId=&pv_id=splzd0Xb5n5969bRgm69mXh36aUp&domain=promotion.aliexpress.ru&flag=1&sr=1600x1200&vp=15x15&ct=4g&uid=6hl110qt5FI9yebj7nU0t9U63sXw&sid=zglR10am5aj9R2bXhmzUvX86hv89&pid=f1fxt4k42w%407fd6d410b732d6b&_v=1.8.30&sampling=1&dl=https%3A%2F%2Fpromotion.aliexpress.ru%2Fwow%2Fgcp%2Faer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&z=l059bmm5&post_res=
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/sd/baxia/2.0.50/baxiaCommon.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.254.80.221 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 27 Feb 2022 12:37:17 GMT
server
nginx
timing-allow-origin
*
content-type
image/png
r.png
retcode-us-west-1.arms.aliyuncs.com/ Frame 6061 		1 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://retcode-us-west-1.arms.aliyuncs.com/r.png?t=api&times=1&page=unknown_msite_aer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&tag=&release=&environment=prod&begin=1645965437452&api=mc.yandex.ru%2Fwatch%2F**&success=1&time=65&code=200&msg=&traceId=&pv_id=splzd0Xb5n5969bRgm69mXh36aUp&domain=promotion.aliexpress.ru&flag=1&sr=1600x1200&vp=15x15&ct=4g&uid=7wlqC0zR5z492IbbmnXkt2Iawy74&sid=zglR10am5aj9R2bXhmzUvX86hv89&pid=f1fxt4k42w%407fd6d410b732d6b&_v=1.8.30&sampling=1&dl=https%3A%2F%2Fpromotion.aliexpress.ru%2Fwow%2Fgcp%2Faer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&z=l059bmm6&post_res=
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/sd/baxia/2.0.50/baxiaCommon.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.254.80.221 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 27 Feb 2022 12:37:17 GMT
server
nginx
timing-allow-origin
*
content-type
image/png
/
www.facebook.com/tr/ Frame 6061 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3946145095458190&ev=PageView&dl=https%3A%2F%2Fpromotion.aliexpress.ru%2Fwow%2Fgcp%2Faer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&rl=https%3A%2F%2Fwww.buhoblik.org.ua%2F&if=true&ts=1645965437549&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&it=1645965437377&coo=false&exp=p1&rqm=GET
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sun, 27 Feb 2022 12:37:17 GMT
counter
top-fwz1.mail.ru/ Frame 6061 		43 B
1023 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3171181;u=https%3A//promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW;r=https%3A//www.buhoblik.org.ua/;st=1645965435930;pid=-;title=HomePage;s=1600*1200;vp=15*15;touch=0;hds=1;frame=1;flash=;sid=f35015b8402b3e69;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1645965437594%3A1645965437606%3A1%3Aa9cbd7721f04e3c080abe6799387bf70;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.05925638494238772
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 27 Feb 2022 12:37:17 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://promotion.aliexpress.ru
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://promotion.aliexpress.ru
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://promotion.aliexpress.ru
access-control-allow-headers
*
counter
top-fwz1.mail.ru/ Frame 6061 		43 B
1022 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3074137;u=https%3A//promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW;r=https%3A//www.buhoblik.org.ua/;st=1645965435930;pid=-;title=HomePage;s=1600*1200;vp=15*15;touch=0;hds=1;frame=1;flash=;sid=f35015b8402b3e69;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1645965437594%3A1645965437607%3A2%3Aa9cbd7721f04e3c080abe6799387bf70;opts=sec%2Cdl%2Cjst-gtag-ga-ym;visible=true;_=0.878938761340877
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 27 Feb 2022 12:37:17 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://promotion.aliexpress.ru
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://promotion.aliexpress.ru
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://promotion.aliexpress.ru
access-control-allow-headers
*
tracker
top-fwz1.mail.ru/ Frame 6061 		43 B
1023 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3171181;u=https%3A//promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW;r=https%3A//www.buhoblik.org.ua/;st=1645965435930;pid=-;s=1600*1200;vp=15*15;touch=0;hds=1;frame=1;flash=;sid=f35015b8402b3e69;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1645965434126/////1/2/302/302/434/343/435/536/537/539/1804/1814/1817/2162/2162/2166;ni=10//4g/0/0/;lvid=1645965437594%3A1645965437609%3A3%3Aa9cbd7721f04e3c080abe6799387bf70;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.8060393484513724;e=RT/load;et=1645965437608
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 27 Feb 2022 12:37:17 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://promotion.aliexpress.ru
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://promotion.aliexpress.ru
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://promotion.aliexpress.ru
access-control-allow-headers
*
tracker
top-fwz1.mail.ru/ Frame 6061 		43 B
1022 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3074137;u=https%3A//promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW;r=https%3A//www.buhoblik.org.ua/;st=1645965435930;pid=-;s=1600*1200;vp=15*15;touch=0;hds=1;frame=1;flash=;sid=f35015b8402b3e69;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1645965434126/////1/2/302/302/434/343/435/536/537/539/1804/1814/1817/2162/2162/2166;ni=10//4g/0/0/;lvid=1645965437594%3A1645965437609%3A4%3Aa9cbd7721f04e3c080abe6799387bf70;opts=sec%2Cdl%2Cjst-gtag-ga-ym;visible=true;_=0.7946605552941817;e=RT/load;et=1645965437608
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promotion.aliexpress.ru/wow/gcp/aer/channel/aer/tmall_localization/7pcZWCh8tW
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 27 Feb 2022 12:37:17 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://promotion.aliexpress.ru
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://promotion.aliexpress.ru
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://promotion.aliexpress.ru
access-control-allow-headers
*
r.png
retcode-us-west-1.arms.aliyuncs.com/ Frame 6061 		0
0
r.png
retcode-us-west-1.arms.aliyuncs.com/ Frame 6061 		0
0
g.gif
ru.mmstat.com/ Frame 6061 		0
0
pixel
fcmatch.google.com/ Frame 6061
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=aliexpress_adh&google_cm&google_hm=fF6iGqDyRm0CAQW7FWWOrWZd&t=16459654378811109
  • https://fcmatch.google.com/pixel?google_gm=AMnCDopDPOtZSdW2xHKLXyTBWZag7eVCG_08fEmKhGNFxGNXbzetKWOIRsBOyGnMYTAeQhR5zvHGRQLrDuOzZcFf1SmO6bc4RoMY5WUQRvzzEqXLa7LYNB0
0
0
/
g.alicdn.com/ Frame 6061 		0
0
aes.1.1
ru.mmstat.com/ Frame 6061 		0
0
aes.1.1
ru.mmstat.com/ Frame 6061 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA
Domain
ae01.alicdn.com
URL
https://ae01.alicdn.com/kf/H2111329c7f0e475aac3930a727edf058z.png
Domain
acs.aliexpress.com
URL
https://acs.aliexpress.com/h5/mtop.relationrecommend.aliexpressrecommend.recommend/1.0/?jsv=2.5.1&appKey=12574478&t=1645965429282&sign=f8f074e844e8d71aea68157e9993d566&api=mtop.relationrecommend.AliexpressRecommend.recommend&v=1.0&ecode=1&type=jsonp&dataType=jsonp&callback=mtopjsonp1&data=%7B%22appId%22%3A%2221144%22%2C%22params%22%3A%22%7B%5C%22locale%5C%22%3A%5C%22en_US%5C%22%2C%5C%22requiredModules%5C%22%3A%5C%22shading%5C%22%2C%5C%22osf%5C%22%3A%5C%22msite-header-home%5C%22%2C%5C%22language%5C%22%3A%5C%22en%5C%22%2C%5C%22site%5C%22%3A%5C%22glo%5C%22%2C%5C%22shipToCountry%5C%22%3A%5C%22UK%5C%22%2C%5C%22shipToCity%5C%22%3A%5C%22%5C%22%2C%5C%22clientType%5C%22%3A%5C%22msite%5C%22%2C%5C%22cookieId%5C%22%3A%5C%22empty%5C%22%2C%5C%22statusOfUsingPrivacy%5C%22%3A%5C%22%5C%22%7D%22%7D
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/gdpr.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-5VJNN2G
Domain
us.creativecdn.com
URL
https://us.creativecdn.com/tags?type=iframe&id=pr_Ss52YF3IAd5cEVfrVcQ0_home&id=pr_Ss52YF3IAd5cEVfrVcQ0_uid_unknown&id=pr_Ss52YF3IAd5cEVfrVcQ0_lid_Nn5mSSV5ON1M5rIw926F&su=https%3A%2F%2Fm.aliexpress.com%2F%3Ftracelog%3Dwwwhome2mobilesitehome%26aff_fcid%3D2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp%26tt%3DCPS_NORMAL%26aff_fsk%3D_9i9ptp%26aff_platform%3Dportals-promotion%26sk%3D_9i9ptp%26aff_trace_key%3D2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp%26terminal_id%3D613ea6ac684841029686c639709275a0&sr=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ts=1645965429303
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/pop-layer.js
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/gallery-9g91h~list-88mY4~slider-kTGCl~smart-banner~waterfall-VLHdM.js
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/smart-banner.css
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/smart-banner.js
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/alilog/??s/8.15.20/plugin/aplus_client.js,aplus_cplugin/0.7.11/toolkit.js,aplus_cplugin/0.7.11/monitor.js,s/8.15.20/plugin/aplus_ae.js,s/8.15.20/plugin/aplus_ac.js,s/8.15.20/aplus_int.js,s/8.15.20/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20220215204924
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/alilog/??s/8.15.20/plugin/aplus_client.js,aplus_cplugin/0.7.11/toolkit.js,aplus_cplugin/0.7.11/monitor.js,s/8.15.20/plugin/aplus_ae.js,s/8.15.20/plugin/aplus_ac.js,s/8.15.20/aplus_int.js,s/8.15.20/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20220215204924
Domain
fourier.taobao.com
URL
https://fourier.taobao.com/ts?url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&token=BAUFcdDAy58DWu_DB2b-qpH8FEg_wrlUl74YIQdqwTxLniUQzxLJJJNoqtpoxdEM&cna=fF6iGqDyRm0CAQW7FWWOrWZd&ext=1
Domain
fourier.taobao.com
URL
https://fourier.taobao.com/rp?ext=51&data=jm_fF6iGqDyRm0CAQW7FWWOrWZd&random=6105598764496198&href=https%3A%2F%2Fpromotion.aliexpress.ru%2Fwow%2Fgcp%2Faer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&protocol=https:
Domain
tlgr.org
URL
https://tlgr.org/img/tgme/Mobile1x.png?1
Domain
resolve
URL
tg:resolve?domain=buhoblik_org_ua
Domain
retcode-us-west-1.arms.aliyuncs.com
URL
https://retcode-us-west-1.arms.aliyuncs.com/r.png?t=resourceError&times=1&page=unknown_msite_aer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&tag=&release=&environment=prod&begin=1645965437866&src=https%3A%2F%2Fald-lamp-us.alicdn.com%2Fbottom%2F16676503%2FaeCurrency%3DGBP%2FaeDevice%3Dmsite%2FaeLocale%3Den_US%2FaeRegion%3DGB%2Fdevice%3Dphone%2Fdata.jsonp%3Fcb%3Dcallback_16676503_aeCurrency_GBP_aeDevice_msite_aeLocale_en_US_aeRegion_GB_device_phone&node_name=script&xpath=html.%20%3E%20head.%20%3E%20script.&sr=1600x1200&vp=15x15&ct=4g&uid=q4l6F0jX5vv96hbLaoU32kgyt8hC&sid=zglR10am5aj9R2bXhmzUvX86hv89&pid=f1fxt4k42w%407fd6d410b732d6b&_v=1.8.30&pv_id=splzd0Xb5n5969bRgm69mXh36aUp&sampling=1&z=l059bmm7
Domain
retcode-us-west-1.arms.aliyuncs.com
URL
https://retcode-us-west-1.arms.aliyuncs.com/r.png?t=sum&times=1&page=unknown_msite_aer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&tag=&release=&environment=prod&begin=1645965437877&key=unknown_msite_aer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW_default&val=1&group=default_group&sr=1600x1200&vp=15x15&ct=4g&uid=pjlvg09455w9n4b4noje36699R9a&sid=zglR10am5aj9R2bXhmzUvX86hv89&pid=f1fxt4k42w%407fd6d410b732d6b&_v=1.8.30&pv_id=splzd0Xb5n5969bRgm69mXh36aUp&sampling=1&z=l059bmm8
Domain
ru.mmstat.com
URL
https://ru.mmstat.com/g.gif?logtype=0&title=%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%20Tmall&pre=https%3A%2F%2Fwww.buhoblik.org.ua%2F&scr=1600x1200&_p_url=https%3A%2F%2Fpromotion.aliexpress.ru%2Fwow%2Fgcp%2Faer%2Fchannel%2Faer%2Ftmall_localization%2F7pcZWCh8tW&cna=fF6iGqDyRm0CAQW7FWWOrWZd&spm-cnt=a2g0n.tm800006433.0.0.540a653dnysdmP&aplus=&sidx=aplusSidx&pageid=17f3b2f64354331f21a1bb8e38191ec62068e162ec&dmtrack_b=%7Bifm%3D1%7Clogin%3D0%7D&dmtrack_c=%7Baep_usuc_f%3D-%7Caeu_cid%3D-%7D&ali_beacon_id=-&ali_apache_id=-&ali_apache_track=-&ali_apache_tracktmp=-&_p_uid=-&p=1&o=android&b=chrome86&s=1600x1200&w=webkit&ism=android&cache=28e9424&lver=8.15.20&jsver=aplus_int&pver=0.7.11&mansndlog=1&UTABTest=&_pw=15&_ph=15&tag=0&stag=2&lstag=0&_slog=0
Domain
fcmatch.google.com
URL
https://fcmatch.google.com/pixel?google_gm=AMnCDopDPOtZSdW2xHKLXyTBWZag7eVCG_08fEmKhGNFxGNXbzetKWOIRsBOyGnMYTAeQhR5zvHGRQLrDuOzZcFf1SmO6bc4RoMY5WUQRvzzEqXLa7LYNB0
Domain
g.alicdn.com
URL
https://g.alicdn.com/??code/npm/@ali/gmod-mobile-header/1.0.42/index.js,code/npm/@ali/gcom-gcp-rax-view/1.0.0/index.js,code/npm/@ali/gcom-gcp-rax-text/1.2.1/index.js,rax-pkg/rax-text/1.2.1/index.js,code/npm/@ali/gcom-pagebuilder-bindingx/0.0.3/index.js,pmod/pagebuilder_basic_structure/5.1.0/index.js,code/npm/@ali/gcom-gcp-use-image-source/1.0.9/index.js,rax-pkg/rax-image/2.2.6/index.js,rax-pkg/rax-view/2.0.5/index.js,code/npm/@ali/pcom-mtop/4.1.3/index.js,code/npm/@ali/gcom-pagebuilder-query-string/5.0.4/index.js,code/npm/@ali/gcom-pagebuilder-j-cookie/5.0.5/index.js,code/npm/@ali/pcom-navbar-height/1.0.6/index.js,code/npm/@ali/pcom-iphonex-helper/1.0.3/index.js,code/npm/@ali/gcom-link/5.0.14/index.js,code/npm/@ali/gcom-gcp-rax-link/1.0.0/index.js,gmod/aer_scroll-image-gcp/5.0.63/index.js,code/npm/@ali/gcom-pagebuilder-scrollview/0.0.2/index.js,code/npm/@ali/gcom-pagebuilder-j-picture/5.0.18/index.js,gmod/aeplus-sliding-banners/1.0.20/index.js,code/npm/@ali/gcom-pagebuilder-slider/5.0.6/index.js,rax-pkg/rax-image/1.1.0/index.js,gmod/promocodes2/1.0.44/index.js,code/npm/@ali/gcom-click-datatrack/0.1.2/index.js,code/npm/@ali/gcom-copy-to-clipboard/0.1.2/index.js,code/npm/@ali/gcom-pagebuilder-countdown/0.0.1/index.js,rax-pkg/rax-view/1.0.1/index.js,gmod/aer_gcp-text-module/0.0.94/index.js,gmod/aer_image-hot-area-gcp/5.0.165/index.js,gmod/products-carousel/1.0.25/index.js,code/npm/@ali/gcom-product-image/5.0.21/index.js
Domain
ru.mmstat.com
URL
https://ru.mmstat.com/aes.1.1
Domain
ru.mmstat.com
URL
https://ru.mmstat.com/aes.1.1

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 function| structuredClone function| JCaption undefined| $ function| jQuery object| jQuery112408465070611174577 object| _gaq object| adsbygoogle object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| _gat object| gaGlobal object| google_js_reporting_queue number| google_srt object| googletag object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_max_ad_content_rating boolean| google_apltlad object| google_sv_map string| google_user_agent_client_hint object| globalAmlAds boolean| __utlWdgt number| tmod boolean| _gfp_a_ object| google_persistent_state_async function| google_spfd number| google_lpabyc function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| hb_dmx_res object| __utl object| punycode object| ___utl_cnf_version_cb_w.uptolike.com boolean| ___utl_cnf_version_req_w.uptolike.com string| ___utl_cnf_version_w.uptolike.com object| cb__utl_cb_share_164596542669259 boolean| __utl_initialized_w.uptolike.com number| __utl_sequence_generator object| __uptolike_widgets_settings___utl-buttons-1 string| __utl_vp_id boolean| __utl_retransmitted boolean| __utl_global_click_registered boolean| __utl_global_key_registered object| __utl_shared object| __utl_imp_instance object| M object| __utl_listeners_window-click object| __utl_listeners_window-keyup boolean| __utl_selection_tracker_installed boolean| __utl_imp_flag_1435493 function| html2canvas function| _open boolean| utl_ext_req_w.uptolike.com boolean| __utl_zp_clk_inst boolean| __utl__ext__counters boolean| utl_wmdetect object| Ya object| yaCounter23414332 object| bada string| ref_url undefined| iframe function| _0x28d9 object| a0_0x2ae5 function| a0_0x5b7b function| __TPJSL_callback function| __TPJSL

198 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: 9c7f0ef13bf14486a3e151c10f1fe840
www.buhoblik.org.ua/ Name: 54328dacc8285ec61fa19f90fac03db6
Value: 6bfecd8b9a404c3c43a2f63efc591aeb
.buhoblik.org.ua/ Name: __utma
Value: 21695912.1015733277.1645965426.1645965426.1645965426.1
.buhoblik.org.ua/ Name: __utmc
Value: 21695912
.buhoblik.org.ua/ Name: __utmz
Value: 21695912.1645965426.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.buhoblik.org.ua/ Name: __utmt
Value: 1
.buhoblik.org.ua/ Name: __utmb
Value: 21695912.1.10.1645965426
www.buhoblik.org.ua/ Name:
Value: store.test
.buhoblik.org.ua/ Name: __gads
Value: ID=a20a60b35d37f34a-221997004dcd0075:T=1645965426:RT=1645965426:S=ALNI_MYT-37_WuCzyFlVqBKOPEduGezGLQ
.w.uptolike.com/ Name: utl_id2
Value: 26272720808
.w.uptolike.com/ Name: utl_dat
Value: "CNL/vNnzLxAAINLQh+LzLyjS0Ifi8y8wAP9U/mXxl30mtXP6m07hI8o="
xn--r1a.website/ Name: stel_ssid
Value: 66eaf519fd2dac2fee_11913283025236480920
.admixer.net/ Name: am-uid
Value: 9c7f0ef13bf14486a3e151c10f1fe840
www.buhoblik.org.ua/ Name: am-uid
Value: 9c7f0ef13bf14486a3e151c10f1fe840
.creativecdn.com/ Name: u
Value: 9tR9d801nIrqaqseOqgy
.creativecdn.com/ Name: ts
Value: 1645965426
.doubleclick.net/ Name: IDE
Value: AHWqTUkVY0gsarmYx_CZuoHsQaJsc3ltX-WQiyiGKHayhFoxUtvltLfMX3ZeE6bqnK4
.exchange.buzzoola.com/ Name: uuid
Value: 40bad7bc-7cae-44e6-43fe-eded19609f0d
.openx.net/ Name: i
Value: d75c6c07-27ba-4d63-a641-2b9c4304dd50|1645965427
.casalemedia.com/ Name: CMID
Value: Yhtwcl5ycqmpYOSz6UUk4AAA
.casalemedia.com/ Name: CMPS
Value: 685
.360yield.com/ Name: tuuid
Value: 044f2d76-f928-4006-bd2e-0fe6e10f71fa
.360yield.com/ Name: tuuid_lu
Value: 1645965427
ads.us.e-planning.net/ Name: CT
Value: 1
.adnxs.com/ Name: uuid2
Value: 4418958318859421880
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: tuuid
Value: 3860bc89-5a6a-513a-819c-705ae3870029
.betweendigital.com/ Name: ss
Value: 1
pa.tns-ua.com/ Name: uid
Value: Z2EEA4DAA7304715A0EF8731BBD1AA66
.e-planning.net/ Name: E
Value: AK8Muliy-wRda6Lv
a4p.adpartner.pro/ Name: apuid
Value: 37b14d72-a586-49d4-a426-9540954c1d8c
.bidswitch.net/ Name: tuuid
Value: 95e8d83a-fe79-43ad-91a3-e598c0ed80d2
.bidswitch.net/ Name: c
Value: 1645965427
.bidswitch.net/ Name: tuuid_lu
Value: 1645965427
.casalemedia.com/ Name: CMPRO
Value: 208
.betweendigital.com/ Name: ut
Value: YhtwcwACjFhBXRe1i3yby87vm4pDRW5hrn1eAw==
.adriver.ru/ Name: cid
Value: Arj_GHUZkxFqjrXofVMAdNw
.zeotap.com/ Name: zc
Value: f6be7388-17f3-4901-6016-e1f77c543494
.rutarget.ru/ Name: userId
Value: A3tGZSnWbmlK
.erne.co/ Name: u
Value: 3N7nau82IAbJMyXUyl5SYZH1
.adtelligent.com/ Name: vmuid
Value: b7234acbe79ee4e9
.adtelligent.com/ Name: a319130
Value: 3378992c-92b1-4273-a6fb-33f74c532efd
tttttt.me/ Name: stel_ssid
Value: 6888a559ed5c8e0b58_8385986838996986409
.richaudience.com/ Name: avcid-zeo-uid
Value: f6be7388-17f3-4901-6016-e1f77c543494
.tapad.com/ Name: TapAd_TS
Value: 1645965427572
.tapad.com/ Name: TapAd_DID
Value: 6c0ced92-214c-4ca6-be3c-da9ec837c836
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In>n=h7a!]tbPl1M>e)ZlrFUfJ+tGXxoyJ'Ebs:rONEE`7lTB#]uPOx0zaNacJVHcZga3If)y3KL9D3I?+WLT]l-
.casalemedia.com/ Name: CMRUM3
Value: 2d621b70732760CAESEIJXoAri2nEnrlL0YO51rVE
.adsrvr.org/ Name: TDID
Value: 27c6900a-cee8-43c7-9df9-2ddc4dabbe41
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adfarm1.adition.com/ Name: UserID1
Value: 7069367679324256399
.console.adtarget.com.tr/ Name: vmuid
Value: 52b2c000b24abaaf
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.tidaltv.com/ Name: tidal_ttid
Value: 8a4920dd-277f-4dac-8660-00336f8a4069
.demdex.net/ Name: demdex
Value: 29053329692172150550491571047363694804
.rlcdn.com/ Name: rlas3
Value: 92LIHLia5Je4pEugQKix6BzgLj6B5bCgUwH3YqimJWo=
.adtelligent.com/ Name: a307558
Value: 6e5eded3-942a-44eb-bd19-df6f50bd6027
.quantserve.com/ Name: mc
Value: 621b7073-b4479-10679-b147c
.weborama.fr/ Name: AFFICHE_W
Value: o31UP4OOgZyj78
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjAxtDK0MAIAZ5+/GgkAAAA="
.adtelligent.com/ Name: a309255
Value: 3d2edc91-37a2-417d-971b-2361a6782c20
.dpm.demdex.net/ Name: dpm
Value: 29053329692172150550491571047363694804
.adtelligent.com/ Name: a289656
Value: 044f2d76-f928-4006-bd2e-0fe6e10f71fa
.rlcdn.com/ Name: pxrc
Value: CPPg7ZAGEgUI6AcQABIGCOndKhAA
.adtelligent.com/ Name: a297253
Value: 4418958318859421880
.spotim.market/ Name: vmuid
Value: b7234acbe79ee4e9
.agkn.com/ Name: u
Value: C|0CEAprizzKa4s8wAAAAAAAQ13AQCAAQpAAAAAAA
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16860%3b%24o%3d23110
.adtelligent.com/ Name: a323546
Value: Yhtwcl5ycqmpYOSz6UUk4AAA&208
.agkn.com/ Name: ab
Value: 0001%3ANw2aJYgsiLp%2BXSS%2BTCUy01P%2BGdUx12kp
.adtelligent.com/ Name: a309017
Value: no-consent
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 6d5d579c15eba577a4d9ce916bc9f447
.buhoblik.org.ua/ Name: _ym_uid
Value: 1645965428340091172
.buhoblik.org.ua/ Name: _ym_d
Value: 1645965428
.console.adtarget.com.tr/ Name: a307080
Value: 9tR9d801nIrqaqseOqgy
.spotim.market/ Name: a323548
Value: 4418958318859421880
.console.adtarget.com.tr/ Name: a544989
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a550214
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a306708
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a550070
Value: ${USER_ID}
.krxd.net/ Name: _kuid_
Value: OsAN_LK8
.yandex.ru/ Name: yandexuid
Value: 6976669381645965427
.yandex.ru/ Name: yuidss
Value: 6976669381645965427
mc.yandex.ru/ Name: yabs-sid
Value: 2106902001645965427
.yandex.ru/ Name: i
Value: +maT95sxA+L1rYjOpJcQa/nmI6r2t2IRJwf5E42Vtvy8lYKqO9fXPmD9c9JA12jCUGNasuy8tnMfnbAgxwKUP3Sz+xU=
.yandex.ru/ Name: ymex
Value: 1677501427.yrts.1645965427#1677501427.yrtsi.1645965427
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
.fwmrm.net/ Name: _uid
Value: "e5a8f_7069367679312634035"
.buhoblik.org.ua/ Name: _ym_isad
Value: 2
.adtelligent.com/ Name: p440467
Value: 9c7f0ef13bf14486a3e151c10f1fe840
.adform.net/ Name: C
Value: 1
.adtelligent.com/ Name: a307971
Value: AK8Muliy-wRda6Lv
.adscale.de/ Name: uu
Value: 82130a575f9b48f79038e1fa8ec040ca
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YhtwdAAJVqlBjABB
.adform.net/ Name: uid
Value: 4005301367276200709
.turn.com/ Name: uid
Value: 7453319797025266452
.simpli.fi/ Name: suid
Value: 755BE3F1940749AAA01EF15FFD42AA6F
.yahoo.com/ Name: A3
Value: d=AQABBHNwG2ICEEwPjrlPzHDm2QYOl-bpAqMFEgEBAQHBHGIlYgAAAAAA_eMAAA&S=AQAAAlxOYJXsqKbpo3Q9IlkRyQY
.mathtag.com/ Name: uuid
Value: 14b9621b-7074-4700-b2b7-e8effa70f27c
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YhtwdAAJVqlBjABB&KRTB&22978-YhtwdAAJVqlBjABB&KRTB&23194-YhtwdAAJVqlBjABB&KRTB&23209-YhtwdAAJVqlBjABB
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-27c6900a-cee8-43c7-9df9-2ddc4dabbe41&KRTB&22918-27c6900a-cee8-43c7-9df9-2ddc4dabbe41&KRTB&23031-27c6900a-cee8-43c7-9df9-2ddc4dabbe41
.acuityplatform.com/ Name: auid
Value: 650334208010
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBP05ldDCImGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT9OZXQwiI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~23h0
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7453319797025266452
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4418958318859421880&KRTB&23339-4418958318859421880
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:3e4a621b-7073-4400-b55d-fec87dfdb1e5&KRTB&16736-uid:3e4a621b-7073-4400-b55d-fec87dfdb1e5&KRTB&23019-uid:3e4a621b-7073-4400-b55d-fec87dfdb1e5&KRTB&23208-uid:3e4a621b-7073-4400-b55d-fec87dfdb1e5
.w55c.net/ Name: wfivefivec
Value: Dn9tcXnO1NoiNu5
.creative-serving.com/ Name: tuuid
Value: ae4a4d29-f74c-4365-9a48-0327b8509eb6
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-650334208010
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELVkCeXf2tVkPs6BYHi1NQE&KRTB&16514-CAESELVkCeXf2tVkPs6BYHi1NQE&KRTB&23025-CAESELVkCeXf2tVkPs6BYHi1NQE
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4005301367276200709&KRTB&23263-4005301367276200709
.w55c.net/ Name: matchpubmatic
Value: 5
.bidr.io/ Name: bito
Value: AAE1Bk7ENuEAAAMbf4yWtw
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:Dn9tcXnO1NoiNu5
.adtelligent.com/ Name: a281178
Value: C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
ads.playground.xyz/ Name: connect.sid
Value: s%3ApXRMf_-v9zgVC_CIhRc_Zb09Vw7XBEDO.RUgD5gyRj5hSvaIpijwfTY2WRWNFg38BqCExWsUhw5s
.inmobi.com/ Name: idsp_c
Value: f4160edd-d830-44aa-8346-f3071a4ea177
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-a8f54778-bdc6-42f7-8ac2-831a3a82fb04
.pubmatic.com/ Name: KRTBCOOKIE_1233
Value: 23223-f4160edd-d830-44aa-8346-f3071a4ea177&KRTB&23266-f4160edd-d830-44aa-8346-f3071a4ea177&KRTB&23285-f4160edd-d830-44aa-8346-f3071a4ea177
.quantserve.com/ Name: d
Value: ELgBDgHFJYEO-TA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-6bf6T-i1_B7y5_8Z6LzmHO-z_BTy5_oZ6OaIbeOt&KRTB&19420-6bf6T-i1_B7y5_8Z6LzmHO-z_BTy5_oZ6OaIbeOt&KRTB&22979-6bf6T-i1_B7y5_8Z6LzmHO-z_BTy5_oZ6OaIbeOt
.ipredictive.com/ Name: cu
Value: fa3d3b1f-97c9-11ec-8681-7f9b9a30e98b|1645965428418
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 21c1e29f-2f09-4d3f-9526-5b49436d0f16
beacon.lynx.cognitivlabs.com/ Name: ss
Value: CN7rGKTrk4JpgE0nrxOY1ooyhNL%2Ba5mqwWOdl2GvGZQOmEJ%2FWPweuEHIChtd%2Bl4uhtq%2BjIMBx0Lr6%2B1VOorJwQ%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-fa3d3b1f-97c9-11ec-8681-7f9b9a30e98b&KRTB&23011-fa3d3b1f-97c9-11ec-8681-7f9b9a30e98b
.console.adtarget.com.tr/ Name: a307565
Value: 82130a575f9b48f79038e1fa8ec040ca
.tribalfusion.com/ Name: ANON_ID
Value: aKnseFxNeThBeZdwQMhENfnlafTPv81UZaS7UbTZbZcqcsCbYVSWipBpG21j9PjiEQyosbtAfFMgqZdSDrdBn3Ult
.aliexpress.com/ Name: acs_usuc_t
Value: x_csrf=grf8afyt898g&acs_rt=613ea6ac684841029686c639709275a0
.aliexpress.com/ Name: aeu_cid
Value: 2975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp
.aliexpress.com/ Name: xman_t
Value: 2qzqE6L/oXxVsEr2vNJAFFeG+tgt7eT7xIlbwLdU4hS1kolTmdhAC2JfdqAF6Nix
.aliexpress.com/ Name: xman_f
Value: CPn6jgjkg3/f4VRL0P78fgi2+H0K25EFWIgMXf4QVbrhRN602IboPw21mV/wa+NLnUnzTbvJxQ0z1DK2p10nkIDimrhpvQY8oE+74lu9MD7Xu57ox7gkgA==
.aliexpress.com/ Name: af_ss_a
Value: 1
.ibillboard.com/ Name: ibbid
Value: BBID-01-03206794285498474-16536888
.audrte.com/ Name: arcki2
Value: a66-KRB3chpSkOEirx-pvIuuQ!20210804!1645965428567
pool.admedo.com/ Name: tuuid
Value: b4e5a64a-cae4-4f24-8433-cf119ae27d3f
pool.admedo.com/ Name: c
Value: 1645965428
pool.admedo.com/ Name: tuuid_lu
Value: 1645965428
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-95e8d83a-fe79-43ad-91a3-e598c0ed80d2
.aliexpress.com/ Name: xman_us_f
Value: x_locale=en_US&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%222975fc768476407cae4aebae5ed988a3-1645965428478-05052-_9i9ptp%22%2C%22affiliateKey%22%3A%22_9i9ptp%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%224982151647%22%2C%22tagtime%22%3A1645965428478%7D&acs_rt=613ea6ac684841029686c639709275a0
.vk.com/ Name: remixlang
Value: 3
.mxptint.net/ Name: mxpim
Value: R1B331_EBF2A9E7_B9CA815.1.0000000000000000621B7074
.eyeota.net/ Name: SERVERID
Value: 17042~DM
.casalemedia.com/ Name: CMST
Value: Yhtwc2IbcHQA
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B331_EBF2A9E7_B9CA815&KRTB&23092-R1B331_EBF2A9E7_B9CA815
.criteo.com/ Name: uid
Value: cd985754-8bf2-44a2-93fe-6f2ddd7cfa7e
.aliexpress.com/ Name: aep_usuc_f
Value: site=glo&c_tp=GBP&region=UK&b_locale=en_US
.aliexpress.com/ Name: ali_apache_id
Value: 11.176.98.60.1645965429365.162464.6
m.aliexpress.com/ Name: JSESSIONID
Value: AFFD0A98D3AF473C628527E07F445707
.aliexpress.com/ Name: intl_locale
Value: en_US
.adscale.de/ Name: cct
Value: 1645965429559
.m6r.eu/ Name: test
Value: true
.m6r.eu/ Name: cct
Value: 1645965429844
.m6r.eu/ Name: id
Value: dd7335c7f01b654fe560394598aef8ba
.ih.adscale.de/ Name: tu
Value: 4#514223212#48~dd7335c7f01b654fe560394598aef8ba~457212~0~0#101~BBID-01-03206794285498474-16536888~457212~0~0#38~CAESEBxUmhEwp5DLsmGzLkjCocY~457212~0~0#39~14b9621b-7074-4700-b2b7-e8effa70f27c~457212~0~0#40~cd985754-8bf2-44a2-93fe-6f2ddd7cfa7e~457212~0~0#42~4005301367276200709~457212~0~0#75~4418958318859421880~457212~0~0#63~Yhtwcl5ycqmpYOSz6UUk4AAA&208~457212~0~0
.aliexpress.com/ Name: account_v
Value: 1
.aliexpress.com/ Name: intl_common_forever
Value: cjtJ0nfnbqfD82UH2SpjFRauaQBGSDIbqoZUb4Y25lvcpC5JUtvNlQ==
.aliexpress.com/ Name: e_id
Value: pt60
.pubmatic.com/ Name: SPugT
Value: 1645965429
sonar.semantiqo.com/ Name: semantiqo_a
Value: 5e86154933854d3aad90e5affddd0142
www.buhoblik.org.ua/ Name: dbl
Value: 5e86154933854d3aad90e5affddd0142
www.buhoblik.org.ua/ Name: fco2r34
Value: 5e86154933854d3aad90e5affddd0142
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156631:4
.pubmatic.com/ Name: DPSync3
Value: 1647129600%3A219_221_228_236_201_197%7C1646524800%3A164%7C1646006400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1646524800%3A38_2_223_15%7C1647216000%3A35%7C1647129600%3A244_5_166_7_104_222_96_56_57_233_55_239_165_13_21_178_22_176_240_234_48_220_204_99_189_54_8_3_71_231%7C1651104000%3A69%7C1648512000%3A224%7C1646784000%3A63
.caltat.com/ Name: caltat
Value: 864a4a736f7b4b02af733b0ba74584da
.caltat.com/ Name: off
Value: 864a4a736f7b4b02af733b0ba74584da
.fiftyt.com/ Name: fifid
Value: bc9c547b-1ff2-4767-589b-159cdfda49a5
.fiftyt.com/ Name: cs
Value: MTY0NTk2NTQzMHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fIQs_-8KgVNGZ2j-S-62fomPJTZkruOD9eItqMNvKv_t
.fiftyt.com/ Name: fppm
Value: 20220227123710
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEsxTTE1t0w2NE1NSjQ1N080SbFMTrU0NEtKtkwzMTFnAIIk6YKyv%2F%2F%2F%2F%2BcHcSAAALr6DpY%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIki4oA1JQAAARHwFk"
io.narrative.io/ Name: io.narrative.guid.v2
Value: fbaa37a0-97c9-11ec-a833-0aa6849ebafd
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-72e88b04-b8e8-421f-8585-88b85cbe05d8-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-72e88b04-b8e8-421f-8585-88b85cbe05d8-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-72e88b04-b8e8-421f-8585-88b85cbe05d8-003
.onaudience.com/ Name: cookie
Value: 0448051f5661928c
.onaudience.com/ Name: done_redirects161
Value: 1
.exelator.com/ Name: EE
Value: "ed4b3944472496857416b44296b66658"
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1b7edf7a-c160-49f2-5f35-1cd1a7c9c87c.aiusgwGtR1Rls%2BX2KrghkpqsZuF8tFX8NxgLkWggm2k
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AG37fesFgSfJfNRzRp8nIfAW7FWU.%2BuZ9FIk%2B7R%2Bez%2Fa9SuIwx5Le2R2Vs1KBhQdUU4r6jQk
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSE1xSTJ2NLExMTcyMTSzMLU3MTQLMnExMjSLMnMzMzUYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzrnFGUn5uq4JuflJmTugIsE%252BYatMjCbEl%252BUWb6InenxUUpaQyLSopPBe%252BfOwMAMoUrqw%253D%253D"
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-G37fesFgSfJfNRzRp8nIfAW7FWU
.pubmatic.com/ Name: PugT
Value: 1645965431
.onaudience.com/ Name: done_redirects147
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjq_Kro_P28OhAFGAEgASgCMgsIsumTtJP-vDoQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zsc
Value: %869%E1%C9%9FW+%2FD%40%B6w%8F%28%80K%81%1F%F8%7B%7Fhj%86%A2%0FR%FCw%D6%C8%9D%E9M.%86%99%1E%D3+%CB%84%8C%1D%F5%93H%C4Y%ECaP%5D%9B%1E%90%C2G%83R%CE%9F%24%AD%9Cs%CD%5EK%A2%19%5B%7B%5C%9DH%B7f%0A%B9%EF%A5%0C%DBy%CC%F4%14%13%FD%5D%F5%5Dfy%21%B9x%E0%9C%A5h%07%83%85%D1%DC%0C%3D3%07%AAc%F3%00%06%1B7v%8F%7C%D1%B6ZA%A2%EF5%9D%90%B2%3A%0C%82s%5B3%17%EA%06%1C%0D%02%10%40%C2%1BR%A7%EAy%E7%24%B5%3E%05%FF%F1%E9y%D7%0D%90%1F
.c.appier.net/ Name: _auid
Value: iQNgnEpnCke1T01nd3AbYg
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-iQNgnEpnCke1T01nd3AbYg&KRTB&23130-iQNgnEpnCke1T01nd3AbYg

14 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://idsync.rlcdn.com/420486.gif?partner_uid=C4697041-BCB3-4A6D-939B-5CDD1FB15A7B
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://tags.bluekai.com/site/87734?id=f6be7388-17f3-4901-6016-e1f77c543494&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6be7388-17f3-4901-6016-e1f77c543494&reqId=fef2c603-6922-4f0a-65b9-6023fa0b5d65&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a66-KRB3chpSkOEirx-pvIuuQ&gdpr=0&gdpr_consent=&google_gid=CAESEK9J4WAvga8tWavco6cQPmw&google_cver=1
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yhtwcl5ycqmpYOSz6UUk4AAAANAAAAIB&google_cver=1&google_push=AYg5qPI9WRjlLQ4oLdsbSFY23HHoFZpMruhbFRugcF3PbjbDKoEl2lTgri1vCSTALEo1LCLPPq5AuFp2GL7YOxgHU-nyTB_kE60&google_gid=CAESEBzS-aUUohAkaWeLQz-GfuA
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://a.audrte.com/a?adform_uid=4005301367276200709
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://mbest.aliexpress.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript warning URL: https://assets.alicdn.com/g/secdev/sufei_data/3.9.9/index.js
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://assets.alicdn.com/g??xlly/spl/rp.js,secdev/nsv/1.0.78/ns_e_88_3_f.js?v=1(Line 1)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://ald-lamp-us.alicdn.com/bottom/16676503/aeCurrency=GBP/aeDevice=msite/aeLocale=en_US/aeRegion=GB/device=phone/data.jsonp?cb=callback_16676503_aeCurrency_GBP_aeDevice_msite_aeLocale_en_US_aeRegion_GB_device_phone
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acs.aliexpress.com
acs.aliexpress.ru
ad.360yield.com
ad.adriver.ru
ad.doubleclick.net
ad.turn.com
admixer-sync.rutarget.ru
ads.betweendigital.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adscale-emea.adnxs.com
adservice.google.co.uk
adservice.google.com
ae01.alicdn.com
af.click.ru
ald-lamp-us.alicdn.com
ap.lijit.com
api.pinterest.com
assets.alicdn.com
aud.pubmatic.com
avto-oblik.com.ua
b1h-apac1.zemanta.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bid.g.doubleclick.net
buhoblik.org.ua
c1.adform.net
cat.nl.eu.criteo.com
cdn.admixer.net
cdn3.caltat.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
connect.mail.ru
connect.ok.ru
counter.yadro.ru
creativecdn.com
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
d.agkn.com
d.turn.com
dis.criteo.com
dm.hybrid.ai
dmp.adform.net
dmp.v.fwmrm.net
docker.creative-serving.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
engine.widespace.com
eus.rubiconproject.com
exchange.buzzoola.com
fcmatch.google.com
fo-ssp.omnitagjs.com
fonts.googleapis.com
fourier.taobao.com
g.alicdn.com
gcdn.2mdn.net
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
grsync.ru
i.alicdn.com
i.e-planning.net
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
intercollectcontact.ru
inv-nets.admixer.net
io.narrative.io
jaclick.ru
js.adscale.de
js.cookieless-data.com
loada.exelator.com
loadeu.exelator.com
m.aliexpress.com
m.trafmag.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mbest.aliexpress.com
mc.yandex.ru
mweb.ck.inmobi.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
promotion.aliexpress.ru
ps.eyeota.net
pubmatic-match.dotomi.com
px.owneriq.net
r1---sn-aigzrney.c.2mdn.net
resolve
retcode-us-west-1.arms.aliyuncs.com
rtb.adentifi.com
rtb.gumgum.com
rtb.nl.eu.criteo.com
rtb.openx.net
ru.mmstat.com
s.adtelligent.com
s.click.aliexpress.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
sale.aliexpress.com
secure-assets.rubiconproject.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
sonar.semantiqo.com
spl.zeotap.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.tnsis.ru
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.trafmag.com
tags.bluekai.com
tags.crwdcntrl.net
tlgr.org
token.rubiconproject.com
top-fwz1.mail.ru
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
tttttt.me
u-ams02.e-planning.net
um.simpli.fi
umagnet.ru
ums.acuityplatform.com
ups.analytics.yahoo.com
us.creativecdn.com
usermatch.krxd.net
visitor.fiftyt.com
vk.com
w.uptolike.com
www.aliexpress.com
www.buhoblik.org.ua
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.ua
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xn--r1a.website
acs.aliexpress.com
ae01.alicdn.com
assets.alicdn.com
cm.g.doubleclick.net
fcmatch.google.com
fourier.taobao.com
g.alicdn.com
resolve
retcode-us-west-1.arms.aliyuncs.com
ru.mmstat.com
tlgr.org
us.creativecdn.com
www.google-analytics.com
www.googletagmanager.com
104.109.78.125
104.111.214.74
104.111.215.191
104.111.216.213
104.111.242.53
104.111.245.23
104.111.246.208
104.36.113.23
104.45.178.220
138.201.34.239
142.250.181.226
142.250.184.226
142.250.185.230
142.250.185.66
146.0.227.110
15.197.193.217
15.235.15.221
151.101.193.44
151.101.194.49
154.59.122.79
168.119.146.39
169.197.150.8
169.50.137.182
172.105.232.22
178.250.0.162
178.250.0.163
178.250.2.135
178.250.2.148
18.156.0.31
18.156.47.94
18.158.238.206
18.198.69.109
18.200.150.135
18.215.193.43
18.66.97.9
184.30.24.193
185.184.8.65
185.255.84.150
185.29.132.241
185.33.221.157
185.33.221.88
185.64.189.110
185.64.189.229
185.64.190.80
185.86.139.113
188.42.29.165
193.200.65.5
193.200.65.6
194.247.175.26
195.209.108.48
198.47.127.20
2.18.233.180
2.18.234.21
2.19.35.65
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
205.234.175.175
212.82.100.182
213.19.147.44
216.52.2.39
216.52.2.48
217.197.112.80
217.20.147.3
217.69.133.145
23.108.101.160
23.88.75.189
2600:1f18:6593:f600:6235:8475:2669:58c5
2600:9000:225e:d200:f:4f64:8940:93a1
2606:4700:10::ac43:db6
2606:4700::6812:d05
2620:116:800b:21:d7a4:3372:2f4a:f3b0
2620:116:800d:21:fcb8:22d2:d390:5f1b
2800:3f0:4002:814::2003
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:812::2008
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a00:1450:4009:2::7
2a00:7a60:0:109e::1
2a02:2638:1::11
2a02:2638:1::2
2a02:2638:1::3
2a02:6b8::1:119
2a02:fa8:8806:20::2010
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:200::300
2a05:d018:24:b002:5c97:83c8:403c:77a7
2a05:d018:d29:3601:21e5:efde:30c9:e168
2a06:6440:0:2d02::1
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5139::2
3.120.18.167
3.123.170.95
3.124.210.90
3.124.66.16
3.226.143.160
34.102.253.54
34.226.104.236
34.254.143.3
34.98.67.61
35.178.150.13
35.186.253.211
35.201.81.244
35.201.96.126
35.210.53.219
35.227.248.159
35.244.174.68
37.157.4.39
37.157.6.247
37.18.16.16
37.252.173.22
38.27.122.126
4.78.226.233
46.249.52.249
47.254.80.221
5.178.65.246
5.178.65.252
51.158.29.12
51.68.138.57
51.89.9.253
52.214.126.220
52.30.14.23
52.30.16.91
52.31.233.74
52.50.195.14
52.72.71.171
52.95.115.196
54.159.94.231
54.175.198.118
54.220.99.171
54.77.66.11
62.109.14.161
62.128.97.18
62.128.97.27
62.149.0.72
62.209.227.211
63.35.242.195
66.102.1.155
66.155.71.150
67.202.105.31
69.173.144.138
69.173.144.139
72.246.100.37
72.251.241.196
72.251.244.142
77.95.131.196
79.125.14.53
8.38.121.251
8.45.52.250
80.64.106.147
85.114.159.93
87.240.139.194
88.212.201.210
92.63.105.49
94.100.180.55
94.23.171.206
95.163.114.204
95.216.186.40
95.217.109.66
002a93857ca724d4828a347c2b419a56eabfd275f206a5febc48246ccfe5830d
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02e56f5bcfacdf85d37dc3bebb529b7d2ed1b3fffa6bc2ec9cc1901aaf511003
04c90b0ba631784a0792ba07d64b32b5ff1bb7da762013ffba5cbdf393486679
052155039c13b233f324882bd10dc38150b5bd74fb44f27c0ead4d518fbc901b
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f
0a40dea2ad8c38d54437a638dc460a19581857e6d8cf1883b5df58896bfa2489
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b756f68aa36e5c8d6ea6fae7f9eae98c630bbb649e7e4bd3c23d10935ea8db5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9c1ce7a0c734069cb1851b786baae966be5d2adbe767af8beb058c7abfc663
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d368a3f4de2702ff7f83e290a3805103d9115dcec00c9eb8d0e554a22c5360c
0e37b322e72a40e6eb6c777b54ef25476570a4c90cbcbce46870c68378c11776
0f52c390172a9fab0048f48d3f39a67a379d27d8732713abf9b0a53627d9fe95
0f5dca73f1a959c3e024d125cf728f08efcabc93844d8e5e8e65c8b97340597d
0f84bd73c88c389d112f8ed3e53a66e76486943f3642de33d6df1c853f735a60
0fb81bc5ede47e8d0090ad3d00c4f88cb5cd73418675820b9c6f5532cc001c91
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1181008c4d533ae52f2533ef482bb326ae0df168e10175d15c74a63ac86531d4
122d6b58b333c8af7efc027b9f273a06ad58f412b10384f3dfe53c9ad796c818
12320029514bb6d4a30b39f5b4676d304ad251db3ebcc3b0c2e4940c11892791
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13f503cf4ddfcfbd2c6ae6d2c91efe80ab888b1e1a8da4de8fbcf33e62e9434a
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
16e7e09559097312d131e3a5d9171161528470f5365226fa83a3bee4314071c3
17e9d257db75baa24d1ccbdab899706bbb67ee226f0bb00722c24c74d6055868
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189e086179829589e7fa5318e47729233188aac3d5750c6947c0f639d3c8eb91
19e6154985fea8e850ee60b4a3f1f8d13f6443c9bec5f09bb2c629f3fd618f8a
1aea81dad83bfd0e177d11efafccddeaac16fcbdc8cefa699d03e7bbbf52ff3b
1aeda7bc76ae0865178647144bdd612b499c12e5435264a96c931d569db8518f
1ceec8e1180b36a40742677a5e18cb3c7c441cede741dd89342255ac52826d19
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e589330bfeb3738300c3c79d0bd373cd6f17cd8904927c7b99a06de2d1e647e
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
242981f6fa8a3b8441019f98c71dfe7717a5c7f9e9b46d9126a6b5b8a982e086
2457f1105373752b385b0c0263ce46b21d60c9aa05ecbf30c150543d6c23ebb5
24c64f9acdc0c1aed672b1250839441fb16bd0688faad5e11f88f07a7de9ec4b
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
298d09855a457bc16086d83348399bd6c731ba38ec454ebb8da26e20dd70b2c1
2a1d55064262f36814dac4b445c08287a2d7984302b00b64e1ee5147092ec26a
2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677
2cb6aa168491f0d76255839ccbed19fba4f560bcf0b95aea1dc84aa257ac685c
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5b2833db1493d3cf56c173ea1bbebb6e07b2871466493c41e9c683f0485188
319fdadf6d1c781c0eebbefde3ce1dfab1ee3c8ae1aa0b41ca34a45cded31af3
33f9b37b3d213f4a58930a3fa37c70bf2aa96478c2a82862d7bbe25e1452f11f
3462b221efc9a61e307181739415363c06e7b4502f274c976aa1bcf8293c88d9
348872f490779df623733a20c3497d0a33df0c6b3c2590fc3f891bd0b5a71bad
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
35c77074524fa5705ce81fb0cea86d0ec3af63e64d8219d9722e8b947d09323f
3697414b3557c1ae429623cdd979e8b21f4c933e9bba38164223ea0c8f2ebc27
36a8cc71b8c024b285afdf588deb67f2f3ae0b44bb438c65bb9b62a1247c3e3f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38b480f40774eaa74499488cd393080f9921e5b0a90ac8910e012c96089d3711
38d66f6deda717910858b961474a7d146dca5a004e34c0b02a31093786aae24b
38f6197388e4772c9c1649bef507ece5981404356171bbcafe865e4ed96b77c2
39d7baa5797d401733cfc40ff26c35e4f4d7318ffcaa221ecf767b4f33bb26cc
3aaa0be695adfb21b768884f153eb655991369756fe3da973639f579120a9b4b
3b2212ef1c4d336fbd7983a732d88fa83423a25453209f02f18ab878218d505d
3bbeaab1c83e939c9b2c5a1a229424e3f3df77c006316d2bbb8e4acb0e590639
3bf9331c87b26cf2ef461c5ea891c2838e476391317591cfdfb04afa95b992e6
3d0103b1c78a6e300fd6f14467dcf1b136fef8923ccdfeec07eff96ee7db0e88
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f13c18a72dbb2df0bec3bab6ed0bf00ae54cd5ab23f21a412cda735ee4e1fda
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
3f7ba43a7daf36caf4c56bf56b9575d17a96703abc0cb44216f3b4b6f447ec43
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4056b8e90cd0620319a93b3b313f2429e2c5bd2e35b6cf71ef25a69e6f6c7035
4253fe42887769f5f1418000c895e4cccbf80965d7ff486df74907f83b0e3271
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
42768a6b84a7a71d0ea3fc6b4acb685af136e5183ebe96797e0b3cf3d5bf3c1f
43a96ef996cc66db1c3b6cc8f901c3a32a60e211a375b643e6c97eccf9a29b02
451dd6e4f595e6dc51f0aa21c7e44219004bcc154d7c724bdbb52ac76325899e
4565f4c6f59851be31514e8cc34781d3238b46053b33cc9fb160b4bc68f1edb6
46f94822c9e2e2862eac657c0481eda56f28b5fb7c60d8c0a44782a1976349e3
4743f2ef01932050c5df8ba6f03838be97b81a13a321821c20dbb25cf85ccdb6
47562c2764c531648d14e409561f3356736bbe3ed2db8a8be2c8beac26ee0fc3
47700e2d5c3b715c8e53b53121b15b0aa12abd63838dcdf4a440f2401486c819
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c9d4c7de428659c0bf883ab5abff3388164c16a1018775bb9310b483fd2112
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a8a58134ab0ffbb7251e7015612cdc8633a8c663ef5e2bb94328c3ba53dd390
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8e4d438e09aaf31dde6966bf4cbc44567ad930c8a172d7bb42dc9f1c8d8ff8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0f7d6cd4d99651989ba65d381ebd0fa32320971b0b89c34545a5b5905fcd2a
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51016ca52f4b5ea24337df4e3555e8982a386b8cbf81d3064a5022d856688a62
51963d3074e03b274597ec8a657697e989d104197d060d7f71e4df8971c25edb
5390f6455a99d4f463557077d0d8d6fde198f1ddf1b40117409bc9ddbe764764
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56d989eabce7e1f6ba7b90ccae9a241398f2f92e80315d15a48f9c12ac0f36fa
58b4190d6003b87e433cf7f59d6443ffdc502abea85c5d5e59901f7a99976574
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5ae832fce3a62e8ca665034351571312bcf0e165109a303f27d44a18e1bc1f24
5b37c6289564e9724a454126196e3a307e20141dae4efdf2071d521c4076c4fb
5c183fa20c0bf98aff3e4ba06652efde4af407eec9f7df9cd67f75e4109d2cde
5c5be8d9643a9a669eb68411e6afb121aac57f140a775b972ec356a003a9ff13
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61677a3f2ff6ec220eae2b4fc8e33ef34d88e8d02fd64361ce0a7d5ec0d381c0
61a94f7e2a0d91c354bb6ec664ffd12df241169facc846d4a9b6bfb150237804
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
63bef1d74ed191475aa9d30d4c2af73f6498500bed3116cff62e7bd1d39706e6
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6eef0be5c4fb766cc41048f61c941cfa6e46317bfbc44904e2359eae1093027e
704d188fe6affad634eb81f2d001965fdc2ddc1eebe234842131c0ba0c9ffa07
7285b8c32c9483640548695c65632dc011de983749565ac77bd3e204d68092f0
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
75bd1f81af15637152a8cd0c38b2f71b346f7000c3401ddef0a71b9d04963e41
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
773b8e2167621cf7d67f1c7673da9be972cfa1ffa9aebcc6ce83deabeb8e7d53
77e8da00b8af80823d41c6efdd3f8a691e2869b573ec1e34e75cd93858bcf87f
7926e7c0bfde1a0464ced343534d773e12bf3a68bfde1ad6a1a49689da448565
7bb3346371cffae91e494ffea471d08ebeaeac780114953e17419eb9bf93ff95
7c8898172b879d771a77be7f5b2133f8ccdd26eaafb36f653a0ca0ebce0216fb
7c88eb90c6d58780bec6803eec6af7b0e86b1e4111c542a4fd7edf5ad5e2f7f5
7eb61e8b34f5dc6e65454562fc59107335bce8f97f69958143d5b679be7fccbd
80d405e729c9963fbe210196f78da6a44e841db7dba7b167cf2c0bd252a03de0
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de
82fe218fa264e98b0bb927b41f2dcb8e00c6ae070f985c669726b6d82ab78fde
83347cadda078bd6fac74dee71deaa2cea28e5abcd538796c2613cbc525034a2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84283b0271462df7595314fa8ab57070ed633174a851712bed2bfd8e6bd92117
86f12d5c396c1b426187f71edd0a4e757d3f51381bbcad2eab9b0f380aed8387
88467b23c1044f571783e76997720036df1c0a9925eee5f428c7ff150fa7da56
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
89c114dc23d61c6b428f26c214e96d1fd49b43c8f777c8fcbb9ffdee7a84d81f
8b1bd3302e48da84dcfd582c50ae0816b6dec5eaf83a8ce4dcc788618c9a222b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7dda5241b0d8ed74e8c166f09df11b1cd1df29ddc0c4f738d80b5a963ad0de
8dfbfa16c85400143f85eb24eef8df723fd19c190f841c2c5ff22b8d0a5eeb09
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fd5f6e7503d4078925f3fada4d3b42ec4e036bf844ee62621f9c6c0272a1495
902b3d837f74b6e15fec7697c020b7213161452ba5dc70b257b646fb70f6ac0f
94a3b97e6641533ac08a62974b3a281bcced3e00b53b11356a50499ac265a38f
9528347301e7b95c857e757982f0df2c444f3634bec61131eef9fa34c6da3e53
971fdcab3ba510789903db0ad9ef8e1cfa1c549774ae463b6098c9c5ef8b0132
9737cc5ec6da98d55f817723b2b1feda5365be989c02249118437032a1997f0c
97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
999c516b768f9e07bbfc4cc22032bf7170a14489d42e11b7e132928b129f07d0
9a9ae18df2794e90c3f0657da4efd2ee7cb9c7dd294f1f3a9199e4f8bab554f3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d4a77889881ada9156715bad4ef920eb20033e76573a6d0f7046bfdc50ab4da
9dfa629f6e589820f635505baf15af345cb6b3d6fb89126f5bf75cba3046630e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3b4dc4c2ed28128fe6f558edf9050b776aa6f5b804d67a6a1ed7a2bff815b2b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d35007c83b3689910808811412e63293a2ae2abf1180a2dbaf4b3f7bb91ce9
a52796ef339ed1f412652a5d8b44162c56a4600e2142bd7997280b8fbc1d19bd
a5999cec348d9c44155de3607778eab37958803f0e379211a327cb5b5f69b2db
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73f6c353f01bb98e7471301365d4980abae560de372434b11827dc67b2115bf
a8a1c2515e0a3440fe696cc38f430fbbefc90619234c8f2e9b93310b74c43f2b
a98293d4d1a6ae871a36ad4da373c68925c1f14e88d3d8db727e8f742820cff9
a9a3283fa8d717e99ea603ac26c140b81eda2b068878aa285fd90bb5f04ff42c
aa2af225ec93f0e37c04e93c2b5047f0fe755c01f737bb4b32b7661afe88ad50
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad8d6790c4653e3bd078031ffcd5b9c231056162ff04ae386ad85fb74e89407e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f8d546d6bab8c3c218725bd914e0ee71c8487cafb78a3a1b37ca32aac2f613
b4981c765154808ec515d06b756dc5eddb67c169c513a0eadf832791504e886f
b4da382f3b34b73d6fc49ecdf47e7d2b2a7e1f6d443a67bad1ba596c8cfcd482
b52fba8bca5ca47409e89cc4e112997434e9353d0612f5fb6c5e8ea19ad82c32
b5e583a9f3d2a7736c83798ee35eb3f12f34525fe62275c2a02b21b19c5cde9e
b735de9b9bdaa18424e1b72ea3719cc58643bcc4a716ef4277ea2546ae0562eb
b792352f321b7f3e1c7b0880264ff80763fff0d50d9ab390524f8a293f2c1ae8
b9631df5c739304eed163112461c1d75560d970df2ec05a6f4f98cc404538cab
b97330a96d3fca3dd40767f06fea5d420dd01a93f4170733ad7fea14b9b10f06
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
c17f151fd60c41040675f971088a27c74af61947031761835c4953518e972ac7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2
c2b11e588d432e134f26de8fac2e3e00a09926f0787a483027eede5999226c09
c3e63ad6bd6cb434f1bc88eb5edcd200091ed2211a0e0271e1499cfc37c53d26
c4545ea775b4d568be77c65ae999a56d7a3d62f832427801973bfed3dc9d814c
c6d254ee6b05a14666952b2b7629dedc518103bfed8a8d6ee0c1cbe28f76c6fd
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c9383630e500a2bb009e1035ef32d000b8d7651b00c886a6d2152906a9a9276d
caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c7c00b9ede97cb54cc4452bd754f9c78fa157842beb9ef770c29b154bcafa1
d55d7104a0d0ff35d25e1a137a9aab4df566ceb08866807e019434ac45bcc704
d5c69343f17def5f178ebc0445c80f25da743b7f53322c65fbb894324145399d
d7deab4404990ff1ecf888da33a2fb7a62c3b578b675f3e3aab49cc49cdf3846
d8fbad75e931316d854b870fc239f47d04ec576146f5ee6ef580e9459223e9a4
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4
dbd537d7101cf34603baa6cd6b9f804777edb4a56a57da428cfb939981553e2c
dbfa2bd61cc30a71987bdd71297f481e0666bd87caad3f5d02b13a1893769541
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de9d6d150bc2f51be3d9c5fe8d3bb9d2fc12410697b9ad0dd7ea466f8b0697ba
def453926bf1e0d62bf8a4cf5c409dd333a049f547e470a509cc738bede438c7
df4ebffffae8f41fa315db67bc90ff23bdc4106a452a40e53007261160648b60
dfb51a77a70ed38db9330f3c37cbb927f065a9a19b2ccd0edccc98dc6fd734ae
e014e7dceeb622bcfbedaf73c99bd47b9252f8a4575c642ff7533cbd3b0ff7d2
e0346cc1e49850292b40d7ecbf1a35a78c362476640781830ac342e20162e702
e13f343cddcc83d9228bb7e59febba86094fc1ecb9068a58ee7b26ea639d7d93
e1a9f29f42c8aded9c06916867c167eeefff784bb887ea25d10959df0bbf25ec
e2d9112492a92b8c963f9ded23ac179a118b82c32fe8d6d28c218abc5a076173
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6972fe2e229ab6115456a139aa95cd8ba67c16ff866efcc1bd6e0cce6407c91
e9df065a4265ceef7e776ac1b504700b7af4163f586350718b2fe9494fbe6bcc
ea8613c817ac6ecd46330d4b6448e16aceaf10e7c35099314ebb3b4b4e9e132c
eab7eb65ce87abb2499c85b36b4d72fd2a339b720411064a552ba10699fb003d
eb67f0a083db90b7da9b98a8a8a78ac8ab2c5c7f813126927f7282a16a8abc0f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7fe20346e3acd2c5d6a647a4a448a239f7b0d929d9333196b960d8076c33db
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
f1a47e61dfbe2a0ba893af1d972ab9dafc04d96f5e816f7516f4c5414bd8b849
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047
f431b1d76451b28796405fad59a9a6dc4ab02749f31ff19726eeae3baac0fd7c
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f63adf045186a7ff8708597a5a8e9fb9ec71f2cba7c710bf01cbd26d1e389742
f6f67f34429e4f5b499cf08636daf3d8cd7bb9d719d69dfa1adb356fd4e5373a
f7f94ac32deb285513cdf9b998e0d9fb1bcbc548fe2f3c95da38c6b2970518e7
fa5b8b694f7f4d9a486ca2b5aef7ffeadf37b02f9e3b0d83e564551e0506af31
fc65a27b3d731f9eb9d14d541add2a9d706f3be387b3c6d1e050c1da81bc00c9
fd1aa5b4be8b21532f3bd6273986d67e89fcaa61412ac143c28d49d41ccc6bae
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb