vsim.ua Open in urlscan Pro
31.41.220.94 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vsim.ua/
Effective URL:
https://vsim.ua/
Submission: On April 05 via api (April 5th 2022, 8:39:36 am UTC) from GB — Scanned from GB

Summary HTTP 246 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 46 IPs in 10 countries across 31 domains to perform 246 HTTP transactions. The main IP is 31.41.220.94, located in Ukraine and belongs to BESTHOSTING-AS, UA. The main domain is vsim.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 4th 2021. Valid for: a year.

This is the only time vsim.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 46	31.41.220.94 31.41.220.94	42655 (BESTHOSTI...) (BESTHOSTING-AS)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
8	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a00:1450:400... 2a00:1450:4001:829::200d	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 3	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	79.171.117.17 79.171.117.17	64494 (VARITI-AS) (VARITI-AS)
4	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
9	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.174.47.89 52.174.47.89	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2	31.41.216.82 31.41.216.82	42655 (BESTHOSTI...) (BESTHOSTING-AS)
1	2a00:1450:400... 2a00:1450:400c:c02::9b	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 6	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.32.59.34 23.32.59.34	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 2	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	137.74.6.209 137.74.6.209	16276 (OVH) (OVH)
1 2	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2 4	34.240.82.67 34.240.82.67	16509 (AMAZON-02) (AMAZON-02)
19	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
6 8	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3 7	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:215... 2600:9000:2156:1c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
17	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.20.87 51.89.20.87	16276 (OVH) (OVH)
246	46

46 31.41.220.94 (Ukraine) 1 redirects

ASN42655 (BESTHOSTING-AS, UA)
PTR: dedic.dc.besthosting.ua

vsim.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7daf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.171.117.17 (Russian Federation)

ASN64494 (VARITI-AS, RU)

leokross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.174.47.89 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.41.216.82 (Ukraine)

ASN42655 (BESTHOSTING-AS, UA)
PTR: dedic.dc.besthosting.ua

tracker_beam.20minut.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.248 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.74.6.209 (Warsaw, Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.240.82.67 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-82-67.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:1c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.20.87 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p19.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	vsim.ua 1 redirects vsim.ua	993 KB
44	googlesyndication.com 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 125	433 KB
30	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 257	471 KB
28	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 206 ad.doubleclick.net — Cisco Umbrella Rank: 190 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	277 KB
23	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 706 static.adsafeprotected.com — Cisco Umbrella Rank: 524 dt.adsafeprotected.com — Cisco Umbrella Rank: 468	201 KB
11	adtelligent.com 1 redirects player.adtelligent.com — Cisco Umbrella Rank: 4490 ghb.adtelligent.com — Cisco Umbrella Rank: 5454 sync.adtelligent.com — Cisco Umbrella Rank: 3777	310 KB
11	google.com accounts.google.com — Cisco Umbrella Rank: 82 ampcid.google.com — Cisco Umbrella Rank: 1701 adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 7	75 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	189 KB
8	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 470 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	7 KB
8	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 25164 id.gravitec.net — Cisco Umbrella Rank: 135497	58 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	6 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	13 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 389 mug.criteo.com — Cisco Umbrella Rank: 2685	1 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 229	117 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	198 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 896	38 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 585	139 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 6033	1 KB
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446	164 B
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5023	914 B
2	20minut.ua tracker_beam.20minut.ua	135 B
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 50299 api.gravitec.media — Cisco Umbrella Rank: 39742	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 607	525 B
1	trafmag.com t.trafmag.com — Cisco Umbrella Rank: 6602	351 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 6183	259 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5802	169 B
1	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 18460	373 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	43 KB
1	leokross.com leokross.com — Cisco Umbrella Rank: 455355
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1445	37 KB
246	31

	Domain	Requested by
46	vsim.ua	1 redirects vsim.ua
30	s0.2mdn.net	vsim.ua s0.2mdn.net 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
22	pagead2.googlesyndication.com	5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com securepubads.g.doubleclick.net
19	tpc.googlesyndication.com	5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com
17	dt.adsafeprotected.com	5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com vsim.ua
9	securepubads.g.doubleclick.net	vsim.ua securepubads.g.doubleclick.net www.googletagservices.com
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	www.googletagservices.com	5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com securepubads.g.doubleclick.net fw.adsafeprotected.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	cdn.gravitec.net	vsim.ua cdn.gravitec.net
6	ib.adnxs.com	2 redirects player.adtelligent.com googleads.g.doubleclick.net
5	www.google.com	5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	ghb.adtelligent.com	player.adtelligent.com
5	www.facebook.com	vsim.ua connect.facebook.net
4	cdnjs.cloudflare.com	s0.2mdn.net
4	googleads4.g.doubleclick.net	vsim.ua
4	fw.adsafeprotected.com	2 redirects 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
4	googleads.g.doubleclick.net	5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com vsim.ua
4	player.adtelligent.com	vsim.ua player.adtelligent.com
4	connect.facebook.net	vsim.ua connect.facebook.net
3	5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	unpkg.com	2 redirects vsim.ua
3	accounts.google.com	vsim.ua
2	static.xx.fbcdn.net	www.facebook.com
2	mug.criteo.com	vsim.ua
2	gum.criteo.com	1 redirects
2	ad.doubleclick.net	www.googletagservices.com
2	static.adsafeprotected.com	5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
2	sync.adtelligent.com	1 redirects vsim.ua
2	pbjs.e-planning.net	1 redirects vsim.ua
2	hbopenbid.pubmatic.com	player.adtelligent.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	tracker_beam.20minut.ua	vsim.ua
2	www.google-analytics.com	vsim.ua www.google-analytics.com
1	id5-sync.com	player.adtelligent.com
1	t.trafmag.com	vsim.ua
1	a4p.adpartner.pro	1 redirects
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	adtelligent-d.openx.net	player.adtelligent.com
1	htlb.casalemedia.com	player.adtelligent.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.gravitec.media	cdn.gravitec.media
1	ampcid.google.com	www.google-analytics.com
1	cdn.gravitec.media	cdn.gravitec.net
1	id.gravitec.net	cdn.gravitec.net
1	www.googletagmanager.com	vsim.ua
1	leokross.com	vsim.ua
1	www.googleoptimize.com	vsim.ua
246	49

This site contains links to these domains. Also see Links.

Domain
vn.20minut.ua
zt.20minut.ua
te.20minut.ua
kazatin.com
invite.viber.com
t.me
www.facebook.com
news.google.com
www.instagram.com
www.besthosting.ua
ua.depositphotos.com

Subject Issuer	Validity	Valid
vsim.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-04` - `2022-10-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-12` - `2022-04-12`	3 months	crt.sh
leokross.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
player.adtelligent.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
cdn.gravitec.media R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
api.gravitec.media R3	`2022-02-15` - `2022-05-16`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-02-06` - `2022-05-07`	3 months	crt.sh
*.20minut.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-18` - `2022-10-18`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://vsim.ua/
Frame ID: 4E14F314ED0323887B571B2D9C8EA2A2
Requests: 103 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 61FFEABAB4452A55FB7CA1D40A81DBCF
Requests: 1 HTTP requests in this frame

Frame: https://vsim.ua/site_login/iframe
Frame ID: B65D64343EFA10FA656313765F94EF73
Requests: 3 HTTP requests in this frame

Frame: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9301BC08103F28CB703836432498D5A5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 83417D99936C0CAAF6D45E36F963E7B7
Requests: 1 HTTP requests in this frame

Frame: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 640AD8AE7ABCF601921EB9BD5E3A6506
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARj1yLvBATAB&v=APEucNWlDhsMNKz5tQEBCZH7-XENKRkObYhubDutu_bCGCkAym_ckoxeEfVa4PaEHDnBpbrf-_RKValKxpTSKCtOCz3PVgV77CeC0oXO7O6xHL2am6IyfsI3Yss3XlP-AsOw1rxSbWQaj-oSMrKUR_IXlewSUOTAFbPF8HMTpkVfF4WNKhKMMeA
Frame ID: BFA4071609C4814BC6932D922DFD23D5
Requests: 5 HTTP requests in this frame

Frame: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8295847E4F1F223C94C808B41D4E827D
Requests: 27 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyxJk4elQ15OAAZo6solrfX3UBrE5ndUTpjneRrTgVmAJQQKuUtEkGJy0l3l4DpyKbQyzYvqQUTNtMjUUMm-sPnj6TbNRBxjtAIh8jRMp2FOdMkCRbhypdVwUiVb78FLvl2kf99-NeGnAaRrxpoh3JfuMbcqHaYpvkd7UVkB2QxQBMhozMl8opFcMCIi0QqaL0lTf4TVctJAKfvZT7O5KLijDieqW69w00y1VsVCJipwjgv6nTotQqvt5ceU4tgTBmttpFjB4bXBeNy47Ahz9B63qF2BjF9annOMgyIny1xQMKvXwuobebfr-xZlxunh23y-qPhPy21gI_&sai=AMfl-YS2OiZ1KABI7uOabjSUjHkjJAgAtywz966kYP3p4OIhGHXE2yAxpPOwT2YTDZQe-6ZkKZ98pxc9CIKilI1GpgDjTACvkB9aV-CxFnRM5B0Kz4oshYJ7GTv3q84UotY&sig=Cg0ArKJSzHdM-PlKuXr3EAE&uach_m=[UACH]&adurl=
Frame ID: 3596776B66A4AA1EC0C1332C11F3DC82
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssv_KJrvOsMRvOPlQ7IQkxycABOowrSsLspzrp1CHnbY5851A2U_r-_Fcqbhg6BDLfUhf_vzgnRFYL6N_AHwjXGcWYZcD9DGBHIXreJEdV4uuIa_Q5--yqygda1fXV98q_xEhXcQ_CfBzY88QzkBrDkp3N4JEyXeyg4nmzJlm8yBUtbIC0FypmBVF7S6JjYEycqsRQDsOd4f-pl-v8fLe-9UYocSvA9w3c7XwAQXSjf4usx0tGpM2HSDUbS7afKKD6A5Rq-_AYH6sMSqNpcz1TXgidNtwyA_QB5UtdL2oYVpJ0DVMyVoFy71SD6-G20uFBI0hP6W-oW2w&sai=AMfl-YR6LGrWv_oe-0ofBmldj2gyRzxy4Q9b1Y8drXVgSNqeS5R0xnhOcVI3Z0lJ8b7_7M0dxbpf_PH80BtPoR3tvhreBasWqvVr7ULJzp8WcraM2994I7WpOMwqTRc2NpU&sig=Cg0ArKJSzJwXvsfKCgHUEAE&uach_m=[UACH]&adurl=
Frame ID: CBCA586D232213966166E412D5802041
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARjttLvBATAB&v=APEucNVBPwQ1r1g2-fk7vhSaWSrHstAfs6xdurM13pmy1BW7GL4OGAkQ70Q6MPo23fZZNL4CTzE61i7J5hzxx5ZVTYFJxy-Pdmi9771pargCxrQQxYMHk0n2FwkljOrMHyfXpGnd3OHSpaJHxLzvoOMcGbgmbT51g6TT5Ze6kb8Fou5Bvh57pyQ
Frame ID: 5FCDAFDEBAA2417F43627F049D4FEE28
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 4727D3291CD9521CFA36EE296F924289
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3D4691FCA753FADBD008FB52323C16F3
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: BD7177D9387339F8B7B972DBA795C9B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 506F9B089A7125A1F9F20BCD5C4B4262
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 634565DA22E13CD4292D3B3983B20366
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 55AFEF9012A3DA597045C4183CF0A516
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
Frame ID: 5A59D7693BEF2E01F3899003BF4002F2
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
Frame ID: 0A7DD52247EE452610869F651ED85E5B
Requests: 16 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df295d875221e8c%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ffff66e53a1202c%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250
Frame ID: 5BE4C0CA8F367026A447FFD42355C3B0
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78925D8A56E37E07748235FB804E65BF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E45BC13C83EE8E09542BBE1EA52219FA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Всім - Новини Хмельницького

Page URL History Show full URLs

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

246
Requests

93 %
HTTPS

48 %
IPv6

31
Domains

49
Subdomains

46
IPs

10
Countries

3623 kB
Transfer

9239 kB
Size

31
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://vn.20minut.ua/
Title: Вінниця

Search URL Search Domain Scan URL

URL: https://zt.20minut.ua/
Title: Житомир

Search URL Search Domain Scan URL

URL: https://te.20minut.ua/
Title: Тернопіль

Search URL Search Domain Scan URL

URL: https://kazatin.com/
Title: Козятин

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQAlCG5A7vvn5UlcXTVOPYYe8%2BNbbSdYNqt%2FAkWqrcA8b94WcKGEqaRwpKqWVh9M

Search URL Search Domain Scan URL

URL: https://t.me/vsimnews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vsim.ua/

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMOzqjwswxLKjAw?hl=uk&gl=UA&ceid=UA%3Auk

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vsim_ka/

Search URL Search Domain Scan URL

URL: http://www.besthosting.ua/

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://unpkg.com/imask HTTP 302
https://unpkg.com/imask@6.4.2 HTTP 302
https://unpkg.com/imask@6.4.2/dist/imask.js

Request Chain 73

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.252141023382513&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=13137260-70c3-48c5-972b-c1e75e9eb25e HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.252141023382513&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=13137260-70c3-48c5-972b-c1e75e9eb25e

Request Chain 78

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6e018d51-1f59-456d-a627-5d6e165e5080

Request Chain 79

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=04e32365f15e1b3a

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1

Request Chain 107

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkwAPb-BMp0tcSvQjQ28YwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDijUMc3UNyh2Hx67I2egjU&google_cver=1

Request Chain 109

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg1OTE0MzMzODAyNzA1MTAwMQ%3D%3D

Request Chain 122

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/949060/60756785/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fvsim.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7eb6d20f-b5d9-8286-5449-979d620dc0cb,c:8TKaHh,sl:outOfView,em:true,fr:false,thd:1,mn:app23ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t27mNt3+11%7C12%7C13%7C14*.949060-60756785%7C141%7C151%7C16%7C17,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:e5f07e05-b4bb-11ec-adcd-066e0ff6d4ed,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://www.googletagservices.com/dcm/dcmads.js

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1

Request Chain 132

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkwAPb-BMp0tcSvQjQ28YwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDijUMc3UNyh2Hx67I2egjU&google_cver=1

Request Chain 134

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg1OTE0MzMzODAyNzA1MTAwMQ%3D%3D

Request Chain 137

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/949060/60756784/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fvsim.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:396b463c-b35d-5e28-6c69-81a2e35fb148,c:8TKaK2,sl:outOfView,em:true,fr:false,thd:1,mn:app03ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:i,cc:NaN.NaN.1192.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t27mNvP+11%7C12%7C13%7C141%7C142%7C143%7C15*.949060-60756784%7C151%7C16%7C17,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:22,oid:e6042cd5-b4bb-11ec-b03b-0a6fa201f3de,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://www.googletagservices.com/dcm/dcmads.js

Request Chain 211

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=6ZgikXxaWGdWdURLc1RIbEUwQ2dqV3Vvb3d6UE1aQ2EvWE80TEQ0dCt3VGdRaE4wZUIyT1JWbHFNWXJRZVJrZXA3b3YzdWdkaVdVK0VocGdscnVhMGhvNm1vMGZUWUpBM1UycHN6TzJZYldtVkUxTmpQSWlUMUY1bFVwVUw5S2FBdUFKUWhkWjlGM0U4c3dOYVdNd1FzY2VNWVRXaDRubEw3bEgvY2RVYU0xNitHMGhXS0oxeGNVRTkrZDJ2blUzd3hEbWlpL0RyWFk0U3hXMi9FeS9rK3FRbUNRRUVBUTQwZHhVaUpJcWpnMzFxSEdrPXw&cppv=2

246 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vsim.ua/
Redirect Chain

http://vsim.ua/
https://vsim.ua/

275 KB
40 KB

906ms
758ms

Document
text/html

31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: bd8d2476f80509e55fa65443474376dba9f813f054e43b74ac65d1eda14fe48f

Request headers

Accept-Language: en-GB,en;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: public, s-maxage=30
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 05 Apr 2022 08:39:23 GMT
server: nginx
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 05 Apr 2022 08:39:22 GMT
Location: https://vsim.ua/
Server: nginx

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 93 KB
37 KB 162ms
53ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NWSHLFG

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3de757ea3642efac86cf233ec7d7330b44d12747c41d1be5ea071b614b69111f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37297
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Apr 2022 08:39:23 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/ 64 KB
18 KB 138ms
66ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
content-encoding: gzip
last-modified: Tue, 22 Mar 2022 07:45:17 GMT
server: nginx
etag: W/"62397e8d-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 22 Mar 2022 07:45:52 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 ed8d0db.js Show response
vsim.ua/js/ 95 KB
33 KB 163ms
163ms Script
application/javascript 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/ed8d0db.js?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 08:43:19 GMT
server: nginx
etag: W/"624aafa7-17b3b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3831ad9.css
vsim.ua/css/ 630 KB
96 KB 85ms
84ms Stylesheet
text/css 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/3831ad9.css?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 4b7a2ee9713cc12648e97aefdaec0ed35704f45006777628f1eee7c33423df1d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 08:43:19 GMT
server: nginx
etag: W/"624aafa7-9d7c3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 182 KB
72 KB 239ms
140ms Script
application/javascript 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4fd168e47313df31f7556b080d88a017146060cefc14266e78b1ce991ce86a74

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f0AfRVccxqZ7QODB7lVegA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-f0AfRVccxqZ7QODB7lVegA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"
expires: Tue, 05 Apr 2022 08:39:23 GMT

GET
H2 200 Logo_new_vsim_v8.png
vsim.ua/img/ 5 KB
5 KB 147ms
143ms Image
image/png 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/Logo_new_vsim_v8.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-126c"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4716
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 news_today.svg
vsim.ua/html/20min-page/web/img/icon-title/ 1 KB
1 KB 148ms
143ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/news_today.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-467"
content-length: 1127
content-type: image/svg+xml

GET
H2 200 8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg
vsim.ua/img/cache/reference/panel_link/0026/31/ 4 KB
4 KB 150ms
145ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/panel_link/0026/31/8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg?hash=2022-02-25-14-28-31
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Fri, 25 Feb 2022 12:28:56 GMT
server: nginx
accept-ranges: bytes
etag: "6218cb88-e27"
content-length: 3623
content-type: image/jpeg

GET
H2 200 9024a147951615ce3d980390f5dcde4cb86f3de3.jpeg
vsim.ua/img/cache/reference/panel_link/0021/03/ 797 B
919 B 150ms
146ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/panel_link/0021/03/9024a147951615ce3d980390f5dcde4cb86f3de3.jpeg?hash=2020-11-16-13-57-22
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: b1f484070f3a01a04875ffb1e467f31eac8336a3456c807400b47f1c51f53a58

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Mon, 26 Apr 2021 13:52:21 GMT
server: nginx
accept-ranges: bytes
etag: "6086c595-31d"
content-length: 797
content-type: image/jpeg

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 150ms
146ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Often_comment.svg
vsim.ua/html/20min-page/web/img/icon-title/ 929 B
1 KB 151ms
146ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/Often_comment.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-3a1"
content-length: 929
content-type: image/svg+xml

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 151ms
147ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Newslater.svg
vsim.ua/bundles/twentyminutuamain/img/icon-title/ 766 B
945 B 151ms
147ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/icon-title/Newslater.svg?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-2fe"
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 766
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 04757c045656223f79bdfdb8cb09896f9b1eaf03.png
vsim.ua/img/cache/reference/rubric_partner/0021/76/ 8 KB
8 KB 151ms
147ms Image
image/png 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/rubric_partner/0021/76/04757c045656223f79bdfdb8cb09896f9b1eaf03.png?hash=2021-01-22-11-59-23
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Mon, 14 Feb 2022 16:26:41 GMT
server: nginx
accept-ranges: bytes
etag: "620a82c1-200e"
content-length: 8206
content-type: image/png

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 128ms
40ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbb3473ae34647e7cca37a468b7fe69f02bbb7f50bf3b742eae3472f8fe9c094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: olmCaa0t/2jUnbdyZB1XXw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 05 Apr 2022 08:50:43 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: kryEslY3UMcWg3rWXxf+dPmvWrIT1jl88UMg5S8EfrrRWkmWxEIN1XPu1UafGqdOxTJeVqPDGqcnhb5gOUk1qw==
x-fb-trip-id: 686109401
x-fb-content-md5: 569754e2d5afb44c48a243a5be235acd
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 05 Apr 2022 08:39:23 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d83a17280981e73eb1a007623d3f5e00"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2

200

imask.js Show response
unpkg.com/imask@6.4.2/dist/
Redirect Chain

https://unpkg.com/imask
https://unpkg.com/imask@6.4.2
https://unpkg.com/imask@6.4.2/dist/imask.js

166 KB
38 KB

112ms
112ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/imask@6.4.2/dist/imask.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8fad7ea6d56c85bc473f0091aa9870e4a7db6609c037eac826ed00c68ea3fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4745268
fly-request-id: 01FVF0MEM9R82PJZRWV45JJY9Y
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"297db-B/zbN+2crPCo1IRXSpVqEqQx/1k"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f70f9169c4b0208-ZRH

Redirect headers

date: Tue, 05 Apr 2022 08:39:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FVF0KPWPNHFDD5B1KYNJ3R38
server: cloudflare
age: 4745268
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /imask@6.4.2/dist/imask.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6f70f9160b930208-ZRH
access-control-allow-origin: *

GET
H2 200 Push_notifacation.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
2 KB 151ms
148ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Push_notifacation.svg?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-75a"
content-length: 1882
content-type: image/svg+xml

GET
H2 200 Instagram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
2 KB 156ms
152ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Instagram.svg?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-884"
content-length: 2180
content-type: image/svg+xml

GET
H2 200 Email.svg
vsim.ua/html/20min-page/web/img/sub_image/ 3 KB
3 KB 156ms
153ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Email.svg?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-aa0"
content-length: 2720
content-type: image/svg+xml

GET
H2 200 Telegram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
2 KB 156ms
153ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Telegram.svg?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-7c3"
content-length: 1987
content-type: image/svg+xml

GET
H2 200 Viber.svg
vsim.ua/html/20min-page/web/img/sub_image/ 4 KB
4 KB 157ms
153ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Viber.svg?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-1132"
content-length: 4402
content-type: image/svg+xml

GET
H2 200 GN.svg
vsim.ua/html/20min-page/web/img/sub_image/ 5 KB
5 KB 157ms
153ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/GN.svg?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-145a"
content-length: 5210
content-type: image/svg+xml

GET
H2 200 0728b5d.js Show response
vsim.ua/js/ 879 KB
239 KB 83ms
83ms Script
application/javascript 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/0728b5d.js?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: e248ccf39aee781866abb6a97023d16144fb3394017395b0594174c9f1904a2b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 08:43:15 GMT
server: nginx
etag: W/"624aafa3-dbba4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 502 aGeq.js
leokross.com/vAW/ 0
0 6650ms
6044ms Script
text/html 79.171.117.17
VARITI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://leokross.com/vAW/aGeq.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/458096/ 384 KB
118 KB 129ms
56ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/458096/hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: f88208b602ddde6dd0d7d8d1da58fa57191ded13dd06faf500f7e2b6a3dbe93f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
content-encoding: gzip
last-modified: Sun, 27 Mar 2022 12:08:02 GMT
server: nginx
etag: W/"624053a2-60173"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 07 Apr 2022 08:39:23 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 160ms
51ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

4158128b65aa992a274bc679ae1cd022b4480dbf8f280a5c2ffd438f8b2cfd05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28295
x-xss-protection: 0
server: sffe
etag: "1178 / 40 of 1000 / last-modified: 1649109971"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Apr 2022 08:39:23 GMT

GET
H2 200 wrapper_hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/458096/ 786 B
744 B 176ms
103ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/458096/wrapper_hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: aef231caad9876f19aba7e2abc99353c2a2f45b4fee982fd2ca7edc59978a8f4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 06:56:13 GMT
server: nginx
etag: W/"624be80d-312"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 07 Apr 2022 08:39:23 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 5 KB
1 KB 111ms
41ms Fetch
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=d9345397765ace7e36f5036f718db82e
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
x-correlation-id: 90bb9f90e86ffdb8c31eb17f848567e3
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache: MISS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 142ms
44ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2077
date: Tue, 05 Apr 2022 08:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 05 Apr 2022 10:04:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
43 KB 157ms
65ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90a63bc9c6eb93ea5ba108d8cbadadf97784b2fd146bc1169e8eaaa0ec91c0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43453
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Apr 2022 08:39:23 GMT

GET
H2 200 remplib.js Show response
vsim.ua/bundles/twentyminutuapaywall/js/ 193 KB
36 KB 168ms
166ms Script
application/javascript 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: fa790aa2667f45ccaceb5fdc2f784c856eb3d4ac5a3e8ba5b2aacec8c8b2722b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
content-encoding: gzip
last-modified: Fri, 10 Sep 2021 08:36:22 GMT
server: nginx
etag: W/"613b1906-30266"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 126ms
40ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26313
x-xss-protection: 0
pragma: public
x-fb-debug: TMDw/GRRqofZSIg+tegM1I69eb2KpAA632i3a4JWp8LM+nvZbCyrtF8YaHBY0c6Bg+ZCjXtiqDtlMHNNmiQ+jA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 05 Apr 2022 08:39:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 70 KB
70 KB 167ms
167ms Font
font/woff2 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?c25568bd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://vsim.ua/css/3831ad9.css?c25568bd
Origin: https://vsim.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-118d8"
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 71896
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 MaterialIcons-Regular.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 43 KB
43 KB 165ms
164ms Font
font/woff2 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/MaterialIcons-Regular.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?c25568bd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer: https://vsim.ua/css/3831ad9.css?c25568bd
Origin: https://vsim.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-ad0c"
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 44300
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
id.gravitec.net/ Frame 61FF 621 B
615 B 166ms
39ms Document
text/html 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 05 Apr 2022 08:39:23 GMT
etag: W/"5e9485b6-26d"
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AcO1rzUv1Dv/m6CXAw
x-77-nzt-ray: VLTlUxDzCVY
x-77-pop: frankfurtDE
x-accel-expires: @1904239264
x-age: 60268699
x-cache: HIT

GET
H2 200 viber-f.svg
vsim.ua/bundles/twentyminutuamain/img/ 3 KB
3 KB 99ms
97ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/viber-f.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?c25568bd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?c25568bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-bff"
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3071
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 g_n_icon.svg
vsim.ua/bundles/twentyminutuamain/img/ 1 KB
1 KB 99ms
98ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/g_n_icon.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?c25568bd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?c25568bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-478"
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1144
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 telegram-f.png
vsim.ua/bundles/twentyminutuamain/img/ 548 B
723 B 99ms
98ms Image
image/png 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/telegram-f.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?c25568bd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?c25568bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-224"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 548
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iframe Show response
vsim.ua/site_login/ Frame B65D 5 KB
1 KB 283ms
283ms Document
text/html 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/site_login/iframe
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 4e82d14ece55ca8598b6fc3a4ad09f6604459af4e18af6c2bafa38b69871f92c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 05 Apr 2022 08:39:24 GMT
server: nginx
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 114ms
34ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:23 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 04 Jul 2022 08:39:23 GMT
cache-control: max-age=7776000
x-proxy-cache: HIT

GET push-worker.js
vsim.ua/ Frame 0
0

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 283 KB
81 KB 56ms
37ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=85496cc7ff97ad909ff436afee261b24

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0da2445c53d0eefdb65d202aac86151387718a7353556201f54b1cae82c5d1af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gkH12xYGgkBQ9jFyJ2/vxg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 05 Apr 2023 07:55:32 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82915
x-fb-rlafr: 0
x-fb-debug: EViFMhQQLAkkdxLevfl7ZGaPF6JVXsZWwVGFkpiIuJeopk6ryeADCcXLqjP6YRiZZUFwEHgJXz18fNQtQ83L2A==
x-fb-trip-id: 686109401
x-fb-content-md5: 81d74f9f24cfc1c4e247f2e0e5b9371b
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 05 Apr 2022 08:39:23 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "4ee5aff16f1581a11b4b24eef6a4916c"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 506134916849111 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 46ms
40ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/506134916849111?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3843083d5492f24db762a867afd4ddd2169f152650cf93395d1949f012deb8fc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89217
x-xss-protection: 0
pragma: public
x-fb-debug: eezNRoXBzcehHqUu9uG9DmhnaGoyXXxktJQ/MoxHdyJBzZufzVEoA+aUkJTmHvvF7fjmN9gFZL1Xfu/qeAVMrw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 05 Apr 2022 08:39:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 3 B
455 B 163ms
48ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://vsim.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 hbw_master_306660_6693.js Show response
player.adtelligent.com/prebidlink/458096/ 187 KB
187 KB 30ms
30ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/458096/hbw_master_306660_6693.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/wrapper_hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 3549e1d4456d5b1ccebf231d36099ad60df5f40c5024efdd7a7b23adab2ab3c1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
last-modified: Tue, 05 Apr 2022 07:58:01 GMT
server: nginx
etag: "624bf689-2ebc9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 07 Apr 2022 08:39:24 GMT
cache-control: max-age=172800
accept-ranges: bytes
content-length: 191433
x-proxy-cache: HIT

GET
H3 200 pubads_impl_2022033101.js Show response
securepubads.g.doubleclick.net/gpt/ 366 KB
125 KB 94ms
41ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

a58d46d853c21c8e11eb057aba26dbeeb32041b51a61d4e2c3adc86c09c08704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127477
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 08:37:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Apr 2023 08:09:24 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 115 B
120 B 101ms
51ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

3b4adf3e7444b642b7e94801788b225d1a7719ce24846a4149ea7911742210e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Tue, 05 Apr 2022 08:39:24 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 125ms
40ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=506134916849111&ev=PageView&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1649147964076&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649147964075.1310621062&it=1649147963873&coo=false&exp=p0&rqm=GET

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 05 Apr 2022 08:39:24 GMT

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 118ms
37ms Fetch 52.174.47.89
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=d9345397765ace7e36f5036f718db82e&user_id=b922021f-16d4-407e-b744-c57979598772&utmb=444d5f0d-9422-47dd-b801-f354580a609a&path=https%3A%2F%2Fvsim.ua%2F&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.174.47.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:24 GMT
x-correlation-id: 98b7aace1f04ed8b1ba6383629539038
x-content-type-options: nosniff
server: nginx
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 111ms
40ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=178301089580185&ev=fb_page_view&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1649147964089&sw=1600&sh=1200&at=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 05 Apr 2022 08:39:24 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 95ms
47ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=468137133&t=pageview&_s=1&dl=https%3A%2F%2Fvsim.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAQCAC~&jid=79910468&gjid=153380652&cid=2115800258.1649147964&tid=UA-43975937-2&_gid=858404526.1649147964&_r=1&_slc=1&cd1=NotAuthorizedUser&z=968819246

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 137 B
377 B 131ms
30ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4b1e9e63330327b64502548fd50d2a0e230d4a2eff692376c5548a1e956743f9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vsim.ua
Date: Tue, 05 Apr 2022 08:39:23 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 137
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
401 B 129ms
28ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=306660&site_id=6693&full_page_url=https%3A%2F%2Fvsim.ua%2F&adid=lw491p.fk&features=16416&vpbv=N055&lifecycle_tte=1863
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vsim.ua
Date: Tue, 05 Apr 2022 08:39:23 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 fc40332.css
vsim.ua/css/ Frame B65D 177 KB
30 KB 195ms
194ms Stylesheet
text/css 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/fc40332.css?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/site_login/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 270afa1b13087c609baef1d8a4f7652ac5be30b175ff7f78822f8a2d9be5dee1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 08:42:22 GMT
server: nginx
etag: W/"624aaf6e-2c584"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dba7e9c.js Show response
vsim.ua/js/ Frame B65D 246 KB
71 KB 203ms
203ms Script
application/javascript 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/dba7e9c.js?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/site_login/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 14e4699a9706867363ccdfcc60f64545b6529ff6eb4ce7b0072183b2acb20816

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 08:42:26 GMT
server: nginx
etag: W/"624aaf72-3d641"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 202 pageview Show response
tracker_beam.20minut.ua/track/ 0
135 B 77ms
76ms XHR
text/plain 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Requested by: Host: vsim.ua
URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?c25568bd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vsim.ua
date: Tue, 05 Apr 2022 08:39:24 GMT
access-control-allow-credentials: false
server: nginx/1.16.1
content-length: 0
access-control-max-age: 3600

OPTIONS
H2 200 pageview
tracker_beam.20minut.ua/track/ Frame 0
0 244ms
78ms Preflight 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://vsim.ua
access-control-max-age: 3600
content-length: 0
date: Tue, 05 Apr 2022 08:39:24 GMT
server: nginx/1.16.1

GET
H2 200 a5a6aa67667a7dfb8fbca28249502a1926c23ec6.webp
vsim.ua/img/cache/news_rtp_large/news/0026/76/ 28 KB
28 KB 206ms
204ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0026/76/a5a6aa67667a7dfb8fbca28249502a1926c23ec6.webp?hash=2022-04-04-17-07-31
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: fd4f9fe93d29ccb8be85a52f79b1ea581fb3fc13843beaefbff93d9f460db7be

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
last-modified: Mon, 04 Apr 2022 14:38:22 GMT
server: nginx
accept-ranges: bytes
etag: "624b02de-6fd2"
content-length: 28626
content-type: image/webp

GET
H2 200 63e1e5661ab1078bd49043997cd4bd4821bc94ab.webp
vsim.ua/img/cache/news_rtp_large/news/0026/76/ 36 KB
36 KB 207ms
205ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0026/76/63e1e5661ab1078bd49043997cd4bd4821bc94ab.webp?hash=2022-04-04-19-09-50
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 90a4e1f7dee4fee4b35a3b79efe319717693abbafd80bbb1af890a54df69ae58

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
last-modified: Mon, 04 Apr 2022 16:50:39 GMT
server: nginx
accept-ranges: bytes
etag: "624b21df-8e46"
content-length: 36422
content-type: image/webp

GET
H2 200 2572653-kohaniy-cholovik-lyublyachiy-sin-i-naykraschiy-batko-u-hmelnitskomu-poproschalisya-z-anatoliem-nazarenkom.jpeg
vsim.ua/img/cache/news_rtp_large/news/0026/73/ 19 KB
19 KB 207ms
206ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0026/73/2572653-kohaniy-cholovik-lyublyachiy-sin-i-naykraschiy-batko-u-hmelnitskomu-poproschalisya-z-anatoliem-nazarenkom.jpeg?hash=2022-04-02-17-02-28
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 1be7106423871507802c41a0be19b72b7f10992d528e0c7fe953792bf6fd7e9d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
last-modified: Sat, 02 Apr 2022 14:04:19 GMT
server: nginx
accept-ranges: bytes
etag: "624857e3-4b8a"
content-length: 19338
content-type: image/jpeg

GET
H2 200 2572590-lotchik-vinischuvach-dmitro-kolomiets-zaginuv-u-povitryanomu-boyu-nad-hmelnichchinoyu.jpeg
vsim.ua/img/cache/news_rtp_large/news/0026/73/ 15 KB
15 KB 208ms
206ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0026/73/2572590-lotchik-vinischuvach-dmitro-kolomiets-zaginuv-u-povitryanomu-boyu-nad-hmelnichchinoyu.jpeg?hash=2022-04-02-15-53-21
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: db0f4cb8e8cb5466e74ce5d90e8242c96c401a18ee0be15df4c29af8abc4ffb4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
last-modified: Sat, 02 Apr 2022 13:01:29 GMT
server: nginx
accept-ranges: bytes
etag: "62484929-3c2d"
content-length: 15405
content-type: image/jpeg

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
433 B 105ms
35ms XHR
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43975937-2&cid=2115800258.1649147964&jid=79910468&gjid=153380652&_gid=858404526.1649147964&_u=YEBAAEAAAAQCAC~&z=1958584342

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 05 Apr 2022 08:39:24 GMT
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/306633/ 2 KB
1 KB 85ms
28ms XHR
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/306633/config.json?cb=https%3A%2F%2Fvsim.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 47b3b86844b0c485cf17954bf3814c4961b91092016cf8beae1a2b68f081a0e2

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 00:03:08 GMT
server: nginx
etag: W/"624a35bc-8ef"
content-type: application/json
access-control-allow-origin: https://vsim.ua
expires: Thu, 07 Apr 2022 08:39:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 167ms
48ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 142ms
49ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 591ms
591ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1363436574031943&correlator=1097058297610315&eid=31066025%2C31066342%2C31060545%2C31062930%2C44761144&output=ldjh&gdfp_req=1&vrg=2022033101&ptt=17&impl=fifs&iu_parts=45035109%2Cvsim_main_(300x250)&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x400&ifi=1&adks=978356717&sfv=1-0-38&ecs=20220405&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1649147964268&lmt=1649147964&dlt=1649147963386&idt=840&biw=1600&bih=1200&adxs=1092&adys=228&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=2115800258.1649147964&ga_sid=1649147964&ga_hid=468137133&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

13454269d8b389caedf05a2cbfa7302c46a4d8b1c64a993cf32f27b137b219b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8219
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9301 6 KB
4 KB 164ms
47ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 08:39:24 GMT
expires: Wed, 05 Apr 2023 08:39:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
54 B 201ms
109ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Tue, 05 Apr 2022 08:39:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 358 B
1 KB 137ms
40ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

00247086d14d3a1c732b3d326ff7694a1725c5bfb39f1a632d0479ef87b3eb0a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:24 GMT
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f877371a-4bb8-4c53-98e9-1451a3b59121
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vsim.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 358
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
325 B 187ms
54ms XHR
application/json 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229342c4ac8fc451%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fvsim.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.7.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210a90073548f12%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2211fd8e5ac1445bc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2212cb13573f3aa9a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2213137260-70c3-48c5-972b-c1e75e9eb25e%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 831f22023765270712404db1626b2f7333612495aa3fded125c6deded19c027f

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:24 GMT
x-ak-initial-geo: CC:[GB], RC:[EN], CN:[EU], CIP:[217.138.196.106], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://vsim.ua
x-cs-client-geo: 27
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 27
expires: Tue, 05 Apr 2022 08:39:24 GMT

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 73 B
373 B 100ms
35ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fvsim.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=00765243-ce08-4af9-b7cf-1f65e67f1668%2Cc73f9715-fa70-4e54-86a9-5dd633f6e4e8%2C2fa73cc3-414c-4704-befb-cc9c014deb17&nocache=1649147964363&pubcid=13137260-70c3-48c5-972b-c1e75e9eb25e&schain=1.0%2C1!adtelligent.com%2C306660%2C1%2C%2C%2C&aus=1200x250%2C1200x400%7C1200x250%2C1200x400%7C1200x250%2C1200x400&divids=div-gpt-ad-1632837984961-0%2Cdiv-gpt-ad-1632838225160-0%2Cdiv-gpt-ad-1632838267602-0&aucs=%2C%2C&auid=541177132%2C541177132%2C541177132
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 42e2ae1549344309792056adec51ce8016b52e9adfb71afae09290171dc9eb9f

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:24 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://vsim.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 174ms
91ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Tue, 05 Apr 2022 08:39:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.252141023382513&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%...
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.252141023382513&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=ht...

415 B
825 B

36ms
35ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.252141023382513&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=13137260-70c3-48c5-972b-c1e75e9eb25e
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Server: 46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 37593767f544317c9c3e032830d3ee92b32efb73404c3f6cee45c97690ec5acd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:24 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://vsim.ua
expires: Tue, 05 Apr 2022 08:39:24 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 415
x-sid: AMS-739

Redirect headers

date: Tue, 05 Apr 2022 08:39:24 GMT
server: openresty
access-control-allow-origin: https://vsim.ua
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.252141023382513&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=13137260-70c3-48c5-972b-c1e75e9eb25e
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-739

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
766 B 30ms
30ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: b2439eae7ad19c16b0ad134a337854e0064b518d8a630f0a48c6c37bfdc877d9

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 05 Apr 2022 08:39:23 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 487

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 378 B
1 KB 293ms
209ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

64b51e311a8aada28287d773cd45d08dd53dc2036399f22dbb445da71cd2259e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:24 GMT
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c3ab9be2-362e-40fc-8546-6f07c1031531
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vsim.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 378
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
169 B 200ms
72ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Tue, 05 Apr 2022 08:39:24 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 448 B
557 B 52ms
28ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=517710&aid2=517711&aid3=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: b55ca1fb960f2274f9b7b6ac5d7f40563b12b188fd8e33c5efe60aaaa245889b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 08:39:23 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 278

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6e018d51-1f59-456d-a627-5d6e165e5080

0
407 B

1533ms
487ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6e018d51-1f59-456d-a627-5d6e165e5080
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 08:39:25 GMT
Server: VertaMedia 1.0
Etag: 04e32365f15e1b3a
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6e018d51-1f59-456d-a627-5d6e165e5080
date: Tue, 05 Apr 2022 08:39:24 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=04e32365f15e1b3a

35 B
351 B

187ms
60ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=04e32365f15e1b3a
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 05 Apr 2022 08:39:25 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=04e32365f15e1b3a
Date: Tue, 05 Apr 2022 08:39:25 GMT
Server: VertaMedia 1.0
Etag: 04e32365f15e1b3a
Content-Length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8341 0
18 B 84ms
40ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://vsim.ua
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://vsim.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 08:39:24 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 99ms
49ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 97ms
48ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 117 KB
29 KB 453ms
452ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1363436574031943&correlator=643374622505263&eid=31066025%2C31066342%2C31060545%2C31062930%2C44761144&output=ldjh&gdfp_req=1&vrg=2022033101&ptt=17&impl=fifs&iu_parts=45035109%2C20minut_news8(1200x250)%2C20minut_news9(1200x250)%2C20minut_news10(1200x250)&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1200x250%7C1200x400%2C1200x250%7C1200x400%2C1200x250%7C1200x400&ifi=2&adks=2483578089%2C4059114074%2C1842437250&sfv=1-0-38&ecs=20220405&fsapi=false&prev_scp=city_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1649147964678&lmt=1649147964&dlt=1649147963386&idt=840&biw=1600&bih=1200&adxs=204%2C204%2C204&adys=1056%2C3264%2C4265&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1192x250%7C1192x250%7C1192x250&msz=1200x250%7C1200x250%7C1200x250&fws=4%2C4%2C4&ohw=1192%2C1192%2C1192&ga_vid=2115800258.1649147964&ga_sid=1649147964&ga_hid=468137133&ga_fc=true&btvi=0%7C1%7C2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ad9f7214e3bd6aff1b0ab488e8414d88c24b9eac59349d7d4d8225c0bfe3eaa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29632
x-xss-protection: 0
google-lineitem-id: -1,5961905173,5969655575
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138386064891,138386746710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 640A 6 KB
3 KB 89ms
40ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 08:39:24 GMT
expires: Wed, 05 Apr 2023 08:39:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BFA4 624 B
975 B 143ms
52ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARj1yLvBATAB&v=APEucNWlDhsMNKz5tQEBCZH7-XENKRkObYhubDutu_bCGCkAym_ckoxeEfVa4PaEHDnBpbrf-_RKValKxpTSKCtOCz3PVgV77CeC0oXO7O6xHL2am6IyfsI3Yss3XlP-AsOw1rxSbWQaj-oSMrKUR_IXlewSUOTAFbPF8HMTpkVfF4WNKhKMMeA

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 08:39:25 GMT
expires: Tue, 05 Apr 2022 08:39:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 640A 27 KB
16 KB 179ms
89ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdagQxsRGc-Nrw-Ke2q-JBJR8tExmHx7mOzIJH5W9GmeUndRzsF560fRauOvBQYjIZs4tq0Yl6vnGF2IjXdQ-REqO3lRkxkMPDr8YMA9oQ_2ebesALyhDJqv0pYbQKO8_H0yD7NAa5sIy_XrYQbELijBA3cQ&cry=1&dbm_d=AKAmf-D49bpDmttlrkBHuRCyQzLigpbkr8LrkmriWOyFg58Mqe2n_P8EsgjvyXZwOTkGZGFhT8FNrVU97mllUO1tDrFXG3i0ouFG7VWwpmA8OikZU8aLkBKSqAevRMZadEJhoRDD35QG07PHDjrwuHd8TnBsPpz7A44XizpB_Q4AmEkGeYewxDMIPTIHxhGu9B4JA97TRYUQbk57DIAbICHzw2TsWI0Q20SXa58u2QptQY9ZJdlTe8lIRd8C0bIrIPCvPoknzt7uMlschLV5DI93nlbnoV15ugJCJ-Zw01dUuQ3Jl7kH1GnDiGWbgfR4Rg4ZfcPVicjk7GoQZCb2RyJJKFtkGuiYC5LzhNgdhwMSYUNIyVLsVvd5LnRHa5P-8nT4NKJpkDldqHc51_Tfq0d_5f4HhRAB6-dPYTU9y7Z_nfsQD-Tm75pjYCrJur9ianK_JbIXZOP1SbxF8Zd35I4EiahvGe6rMf3g1XOpQPnn3RnFBJRbO_LueUd3k2kWByCa_rATXhAAR4BzM7jFTL7d98vY26K5KAcyRgw8xG0lll6_aD6_PGzhSO1yarlK2EiyoZplKPOn2VKffi2O_EASAu9MPvfRGvc5nzNV1pMN7hp0tCZw7p6C7CP4ABppGKAexl_RsEe2XLfzXiOUNXsWtWCDFvue98ni3LY9WYXKNK91UGM5aevQbt-S4vasrbHjwlN3_FZYygrsUPnoHmL5iyOepHKrtv3uJ_GEpQ0_Q41Fej-NhW9Z5mqk84E8xw_0NTzfLUZboSVnffyN0Fb63PXSyD5U5zHLw-Zbr6Zy8p4Kxo-JfKFqXaO8RKA3t3tQ4MbRUTh1ghQuDT-sVdUW7Yx_rFqIRNZuiBrL-R1jh9AYVXO3_3WpEeigW6W8c2QZtE-_QJngw09wM8Ck2PbVr5iGkbGdmlRQ0e-qa9Pgh_nw-FTN22Z5nWLce8v_W8PexpX6oSnop0ThQ8_gTtAkqyoJ7bMJfpAIS2PKAuipz5a7f6_9gxKO4JH619cVpNP394o6HlDx-AL8TgxWCbsUKg1Zu-7ZGiz1Bqi3ztAvQG83-hk3SZnY4_dPX9eLMSxvo_YPOsHweAeAuoyvbVx6kEaIijuxbzeEIqeFgolpTWXPhIbSq7Gd4rZhvVdm3Not3A9iVRgo0eSZMtR_9eHfH4avXuNWO6Dju0TMOusg_djcAcYYA2QtqI9MCuTRix_9ZfcK5rh8r6Deu_d_11HvvX9V_qw1UcVi5CWEWWkJAJCC-Qry8LExEOVF8HcCydKhN_GrSTtLhHQoSTiZlFJsGwRRruXvmw95qbJxikZCiYGi-oTH40HMt5vK12yIbK8oM_K_vex8SG_lrd_eLoXzs_b8B4H3KXE4NC95ZF3XaZ5vAxT8w8S2eYyXaTKDjnd6oOGuQREo7Nm1SUNQDOi50SetMjNstLrtJOkJxLTGZdar-NaVO2PBmT_uaMdb6uefPdFzbxsmJmqDCaM9Xy6nvRibE9QvUEOUHfdqu3ndLEKR1S7h4sgsPpdrqTUvEgDZct5sM47b_ahz51TyIzbR0baB6ULlmXskmU2OpyzVLPW646XvzdGX6xZCHzcUokazj2cmhA4CmcLhz6MkC4r6U0_LK-R4kzxgGNfZ71zBryof7pWfyER9GqJYemK2PDxskNY8_7vSu0HYnA2PCfo28-e64sgytjKzmcQIR4KKvsKS_UTWlYB3WUeJkarK4Nw39tQ_jbiVWIs3GtIMqEpXnPQcTWnWlDL7E0wyMKl2eVUm3ipdx3VThD_HBQf5F0GkNUePx9d5jGu_Fc9IGkK09wirQ3MlogZqjQixP6Lf2knBeZEFDbHoA_-IhxsuCM36UQo0XyMo-wMpIVSF-5y01HC6VHUpztAF0Rb-NlyWL8os0Atun3mE_HVdYCC3vU9_r1s9yDzczOEkgftVQWkWRwyAKgdPgKl8gfQHQPGxc0rsAv8eWIXNoHaVWA84F3ktmFowM6xo1JYa9hnNwhzN0XcI1TAn_RbHmldeawqVtQJzCSFIDe1uXbHqws1YFO44cg4TrnIC0x4GDehx8u-CDONBc0qri_VT7yqxxMhq3kIQ4ej2vsPgOlaiEU3gFbR6G7-Ta-XxdhJJpTBquXli5tIb_MDB71upgsNd5_UpuG8GGe1NmiGEQ_yYNMLFninvv0bvCQc2qPq9UYTKyOI5sM5EtOobfpkQGJ3JYQEXjFYQ8jKqoTGqXAtaYLYxCLLD4BlUUdD4B0XedjOSZjjIgROnGvfJ3v18X4FnArMztkZEDKYDlXMj6NpgRjA45NlXkbg5YRCsyvOwromUHY9G2v-gkYh-18DSWamsRq7BpZGAs6L-_rQNvu8tAso8VUgKyYXDCkpJvtzZCCyOEPDWBvP6AMCUwgbpjzUbh--vWYKwxAYSZ_w4z5RNFGX8wYNO1M3IENMVXB0GFDLSVOIO77rl3HtozWlSVpNN4bh36eJQZzA2kaxzYnhh4yQB4pPFOquFwLomg6mVuLKnViUcYNY5qUCf63kllPfSACtrQ_PmK5_um0UcRl-1-QDj26m6kR1UnjNGllD5yRWUCpoEJRSpXtF1_tpwZH0h-OjdFSnWEABEQ3UXi_2senm_dLuRBXf9s-nrrfYDqCoop271tK9CaQMNGvcnPzPMNkn39bfRhN7xOnLn5iBVcvrIALRM_7w7fIvC4giQV9OzISLvm6f9R9jV1R3uqhEiT2a2rI8aKSbkjIhtx-pWhzIEGP720rIqOgfkJ1upaj039uyaKtiYGDuG-oGTGEtLF13gY3kHIaF9hBNPotbfjIupkKQPLqP9Ob6ro580EdnximxJLaIB5Vr-qe2vZBe-KNbqQCB_sV2w9-XWFfmLQhHMQyHtLwioK5Kiqy1AWiXRo5UX9-8-5WR4ejU8Zkg_ea_X3TqQ6MLM7RhZG4Y5JnX7ZcbN4_3mY1Rx1dLZc2omhwY3g1tE7iW0NwFsXiNVcCZMuVzR-JMcDNmhTVgvbmst2na96YUUgKjIGL9axefZ-FjsUCNMUxFZI8pEIZV520zeVjbtv3kvvFIYKK0XDya5Rqhw-uyiXygObFk0DXoVSSxQ0aQkytjD1otr8tVJcuCymkKINmf7V4lcwOhOREG9Y5lHaAQsQpXmlkeHizdHIIS6IvwHlilWaDchBMxgZ6GyxJ6MX7GYxl0edCiMqYsiXmCdk1gBRDILVviV9vrt0iiI3A04ovxe-grA7N1YCJwypXlFVU6SZ-Y&cid=CAASKORo6rQhJr5PXpOarWhexqUIMEJXOf4SYnBpIBUrQzqrP6TsXQoP270&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a845047955c1c47e88822bc3b74161e87a106f20f5fd980e369773b54222333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16482
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 640A 42 B
494 B 164ms
72ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cl89GKlJpGpND4JBMOeHV7z2TDW0L6XFbJ1RxZhrzeL2aqVBRWj67JQTWEkZ8U6r2ITY1wZqVBp4IRRhN3vQ24ndpT3fH8jRhJjahp-mxCulBoLsY

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
fw.adsafeprotected.com/rjss/www.googletagservices.com/949060/60756785/dcm/ Frame 640A 231 KB
77 KB 203ms
91ms Script
application/javascript 34.240.82.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/949060/60756785/dcm/dcmads.js
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.82.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-82-67.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0c738f63294911fa02ec8a944c0f3c4e3ff3763829ffe5c624b5601a6b17d9a9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
content-encoding: gzip
x-server-name: app23.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220331/r20110914/client/ Frame 640A 2 KB
1 KB 160ms
44ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220331/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Apr 2022 08:37:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220331/r20110914/client/ Frame 640A 15 KB
7 KB 155ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Apr 2022 08:37:33 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 640A 0
0 137ms
47ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaShliScWcUTRygB4mNuAF02791dGaOx8_o8pz1xv3vOLSFtX9rjvEDqdRfFajNct42ogxTBAEqtEqESKy7WXocaHFQMrg
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 640A 119 KB
37 KB 158ms
56ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59c05d1a0531610285fb30680c6ff8cb80b987cfd7f118a84e44ca4dd942f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36931
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649071906742826"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Apr 2022 08:39:25 GMT

GET
H3 200 container.html Show response
5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8295 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 08:39:24 GMT
expires: Wed, 05 Apr 2023 08:39:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3596 0
0 85ms
85ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyxJk4elQ15OAAZo6solrfX3UBrE5ndUTpjneRrTgVmAJQQKuUtEkGJy0l3l4DpyKbQyzYvqQUTNtMjUUMm-sPnj6TbNRBxjtAIh8jRMp2FOdMkCRbhypdVwUiVb78FLvl2kf99-NeGnAaRrxpoh3JfuMbcqHaYpvkd7UVkB2QxQBMhozMl8opFcMCIi0QqaL0lTf4TVctJAKfvZT7O5KLijDieqW69w00y1VsVCJipwjgv6nTotQqvt5ceU4tgTBmttpFjB4bXBeNy47Ahz9B63qF2BjF9annOMgyIny1xQMKvXwuobebfr-xZlxunh23y-qPhPy21gI_&sai=AMfl-YS2OiZ1KABI7uOabjSUjHkjJAgAtywz966kYP3p4OIhGHXE2yAxpPOwT2YTDZQe-6ZkKZ98pxc9CIKilI1GpgDjTACvkB9aV-CxFnRM5B0Kz4oshYJ7GTv3q84UotY&sig=Cg0ArKJSzHdM-PlKuXr3EAE&uach_m=[UACH]&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220331/r20110914/ Frame 3596 19 KB
8 KB 91ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220331/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Apr 2022 08:38:44 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220331/r20110914/client/ Frame 3596 2 KB
1 KB 231ms
180ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220331/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Apr 2022 08:34:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3596 0
0 101ms
48ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIWbtZM06tyhYBFM8tbiULXeuDmkyX8BSij56Z83weFRn2NxA4vw7dwAbNhRSdqSEk1hAlaEHY4voAqtRdPxynUXd_iQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3596 119 KB
36 KB 109ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59c05d1a0531610285fb30680c6ff8cb80b987cfd7f118a84e44ca4dd942f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36931
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649071906742826"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Apr 2022 08:39:25 GMT

GET
H3 200 6739265878778540953
tpc.googlesyndication.com/simgad/ Frame 3596 47 KB
47 KB 102ms
52ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6739265878778540953

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc2f44c8186aa467f22ea050ba202fdf5b82e7300be307453dd8f51f5504066d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:11:35 GMT
x-content-type-options: nosniff
age: 1670
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48476
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 08:30:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Apr 2023 08:11:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CBCA 0
0 78ms
77ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssv_KJrvOsMRvOPlQ7IQkxycABOowrSsLspzrp1CHnbY5851A2U_r-_Fcqbhg6BDLfUhf_vzgnRFYL6N_AHwjXGcWYZcD9DGBHIXreJEdV4uuIa_Q5--yqygda1fXV98q_xEhXcQ_CfBzY88QzkBrDkp3N4JEyXeyg4nmzJlm8yBUtbIC0FypmBVF7S6JjYEycqsRQDsOd4f-pl-v8fLe-9UYocSvA9w3c7XwAQXSjf4usx0tGpM2HSDUbS7afKKD6A5Rq-_AYH6sMSqNpcz1TXgidNtwyA_QB5UtdL2oYVpJ0DVMyVoFy71SD6-G20uFBI0hP6W-oW2w&sai=AMfl-YR6LGrWv_oe-0ofBmldj2gyRzxy4Q9b1Y8drXVgSNqeS5R0xnhOcVI3Z0lJ8b7_7M0dxbpf_PH80BtPoR3tvhreBasWqvVr7ULJzp8WcraM2994I7WpOMwqTRc2NpU&sig=Cg0ArKJSzJwXvsfKCgHUEAE&uach_m=[UACH]&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220331/r20110914/ Frame CBCA 19 KB
8 KB 61ms
44ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220331/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Apr 2022 08:38:44 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220331/r20110914/client/ Frame CBCA 2 KB
1 KB 198ms
181ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220331/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Apr 2022 08:34:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CBCA 0
0 66ms
48ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2KmIk_lrR50QcKnofr19zoUmq_CIQPB_jPBfVo5ezSWujuHQnzb-6V8StkxFut3vivXvmLd08TaWVbVEDsMFlNeYTJQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBCA 119 KB
36 KB 72ms
57ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59c05d1a0531610285fb30680c6ff8cb80b987cfd7f118a84e44ca4dd942f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36931
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649071906742826"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Apr 2022 08:39:25 GMT

GET
H3 200 2991145394249055273
tpc.googlesyndication.com/simgad/ Frame CBCA 166 KB
166 KB 84ms
67ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2991145394249055273

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6dd2b0a2ab33263f42e7c93cce96804208f6ba886279ffc6f58544b6360a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 04:55:29 GMT
x-content-type-options: nosniff
age: 359036
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 169550
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 09:16:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Apr 2023 04:55:29 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BFA4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1

43 B
1013 B

87ms
70ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARj1yLvBATAB&v=APEucNWlDhsMNKz5tQEBCZH7-XENKRkObYhubDutu_bCGCkAym_ckoxeEfVa4PaEHDnBpbrf-_RKValKxpTSKCtOCz3PVgV77CeC0oXO7O6xHL2am6IyfsI3Yss3XlP-AsOw1rxSbWQaj-oSMrKUR_IXlewSUOTAFbPF8HMTpkVfF4WNKhKMMeA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 05 Apr 2022 08:39:25 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BFA4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkwAPb-BMp0tcSvQjQ28YwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1

43 B
893 B

54ms
53ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARj1yLvBATAB&v=APEucNWlDhsMNKz5tQEBCZH7-XENKRkObYhubDutu_bCGCkAym_ckoxeEfVa4PaEHDnBpbrf-_RKValKxpTSKCtOCz3PVgV77CeC0oXO7O6xHL2am6IyfsI3Yss3XlP-AsOw1rxSbWQaj-oSMrKUR_IXlewSUOTAFbPF8HMTpkVfF4WNKhKMMeA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 05 Apr 2022 08:39:25 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BFA4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDijUMc3UNyh2Hx67I2egjU&google_cver=1

43 B
1020 B

49ms
49ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDijUMc3UNyh2Hx67I2egjU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARj1yLvBATAB&v=APEucNWlDhsMNKz5tQEBCZH7-XENKRkObYhubDutu_bCGCkAym_ckoxeEfVa4PaEHDnBpbrf-_RKValKxpTSKCtOCz3PVgV77CeC0oXO7O6xHL2am6IyfsI3Yss3XlP-AsOw1rxSbWQaj-oSMrKUR_IXlewSUOTAFbPF8HMTpkVfF4WNKhKMMeA

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0a5c0d63-a032-4594-a75d-4702b2b1f01c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDijUMc3UNyh2Hx67I2egjU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BFA4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg1OTE0MzMzODAyNzA1MTAwMQ%3D%3D

170 B
243 B

118ms
53ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg1OTE0MzMzODAyNzA1MTAwMQ%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7e3940a9-a2b3-4481-a077-a09b79850f0b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg1OTE0MzMzODAyNzA1MTAwMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220331/r20110914/ Frame 640A 25 KB
9 KB 89ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220331/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdagQxsRGc-Nrw-Ke2q-JBJR8tExmHx7mOzIJH5W9GmeUndRzsF560fRauOvBQYjIZs4tq0Yl6vnGF2IjXdQ-REqO3lRkxkMPDr8YMA9oQ_2ebesALyhDJqv0pYbQKO8_H0yD7NAa5sIy_XrYQbELijBA3cQ&cry=1&dbm_d=AKAmf-D49bpDmttlrkBHuRCyQzLigpbkr8LrkmriWOyFg58Mqe2n_P8EsgjvyXZwOTkGZGFhT8FNrVU97mllUO1tDrFXG3i0ouFG7VWwpmA8OikZU8aLkBKSqAevRMZadEJhoRDD35QG07PHDjrwuHd8TnBsPpz7A44XizpB_Q4AmEkGeYewxDMIPTIHxhGu9B4JA97TRYUQbk57DIAbICHzw2TsWI0Q20SXa58u2QptQY9ZJdlTe8lIRd8C0bIrIPCvPoknzt7uMlschLV5DI93nlbnoV15ugJCJ-Zw01dUuQ3Jl7kH1GnDiGWbgfR4Rg4ZfcPVicjk7GoQZCb2RyJJKFtkGuiYC5LzhNgdhwMSYUNIyVLsVvd5LnRHa5P-8nT4NKJpkDldqHc51_Tfq0d_5f4HhRAB6-dPYTU9y7Z_nfsQD-Tm75pjYCrJur9ianK_JbIXZOP1SbxF8Zd35I4EiahvGe6rMf3g1XOpQPnn3RnFBJRbO_LueUd3k2kWByCa_rATXhAAR4BzM7jFTL7d98vY26K5KAcyRgw8xG0lll6_aD6_PGzhSO1yarlK2EiyoZplKPOn2VKffi2O_EASAu9MPvfRGvc5nzNV1pMN7hp0tCZw7p6C7CP4ABppGKAexl_RsEe2XLfzXiOUNXsWtWCDFvue98ni3LY9WYXKNK91UGM5aevQbt-S4vasrbHjwlN3_FZYygrsUPnoHmL5iyOepHKrtv3uJ_GEpQ0_Q41Fej-NhW9Z5mqk84E8xw_0NTzfLUZboSVnffyN0Fb63PXSyD5U5zHLw-Zbr6Zy8p4Kxo-JfKFqXaO8RKA3t3tQ4MbRUTh1ghQuDT-sVdUW7Yx_rFqIRNZuiBrL-R1jh9AYVXO3_3WpEeigW6W8c2QZtE-_QJngw09wM8Ck2PbVr5iGkbGdmlRQ0e-qa9Pgh_nw-FTN22Z5nWLce8v_W8PexpX6oSnop0ThQ8_gTtAkqyoJ7bMJfpAIS2PKAuipz5a7f6_9gxKO4JH619cVpNP394o6HlDx-AL8TgxWCbsUKg1Zu-7ZGiz1Bqi3ztAvQG83-hk3SZnY4_dPX9eLMSxvo_YPOsHweAeAuoyvbVx6kEaIijuxbzeEIqeFgolpTWXPhIbSq7Gd4rZhvVdm3Not3A9iVRgo0eSZMtR_9eHfH4avXuNWO6Dju0TMOusg_djcAcYYA2QtqI9MCuTRix_9ZfcK5rh8r6Deu_d_11HvvX9V_qw1UcVi5CWEWWkJAJCC-Qry8LExEOVF8HcCydKhN_GrSTtLhHQoSTiZlFJsGwRRruXvmw95qbJxikZCiYGi-oTH40HMt5vK12yIbK8oM_K_vex8SG_lrd_eLoXzs_b8B4H3KXE4NC95ZF3XaZ5vAxT8w8S2eYyXaTKDjnd6oOGuQREo7Nm1SUNQDOi50SetMjNstLrtJOkJxLTGZdar-NaVO2PBmT_uaMdb6uefPdFzbxsmJmqDCaM9Xy6nvRibE9QvUEOUHfdqu3ndLEKR1S7h4sgsPpdrqTUvEgDZct5sM47b_ahz51TyIzbR0baB6ULlmXskmU2OpyzVLPW646XvzdGX6xZCHzcUokazj2cmhA4CmcLhz6MkC4r6U0_LK-R4kzxgGNfZ71zBryof7pWfyER9GqJYemK2PDxskNY8_7vSu0HYnA2PCfo28-e64sgytjKzmcQIR4KKvsKS_UTWlYB3WUeJkarK4Nw39tQ_jbiVWIs3GtIMqEpXnPQcTWnWlDL7E0wyMKl2eVUm3ipdx3VThD_HBQf5F0GkNUePx9d5jGu_Fc9IGkK09wirQ3MlogZqjQixP6Lf2knBeZEFDbHoA_-IhxsuCM36UQo0XyMo-wMpIVSF-5y01HC6VHUpztAF0Rb-NlyWL8os0Atun3mE_HVdYCC3vU9_r1s9yDzczOEkgftVQWkWRwyAKgdPgKl8gfQHQPGxc0rsAv8eWIXNoHaVWA84F3ktmFowM6xo1JYa9hnNwhzN0XcI1TAn_RbHmldeawqVtQJzCSFIDe1uXbHqws1YFO44cg4TrnIC0x4GDehx8u-CDONBc0qri_VT7yqxxMhq3kIQ4ej2vsPgOlaiEU3gFbR6G7-Ta-XxdhJJpTBquXli5tIb_MDB71upgsNd5_UpuG8GGe1NmiGEQ_yYNMLFninvv0bvCQc2qPq9UYTKyOI5sM5EtOobfpkQGJ3JYQEXjFYQ8jKqoTGqXAtaYLYxCLLD4BlUUdD4B0XedjOSZjjIgROnGvfJ3v18X4FnArMztkZEDKYDlXMj6NpgRjA45NlXkbg5YRCsyvOwromUHY9G2v-gkYh-18DSWamsRq7BpZGAs6L-_rQNvu8tAso8VUgKyYXDCkpJvtzZCCyOEPDWBvP6AMCUwgbpjzUbh--vWYKwxAYSZ_w4z5RNFGX8wYNO1M3IENMVXB0GFDLSVOIO77rl3HtozWlSVpNN4bh36eJQZzA2kaxzYnhh4yQB4pPFOquFwLomg6mVuLKnViUcYNY5qUCf63kllPfSACtrQ_PmK5_um0UcRl-1-QDj26m6kR1UnjNGllD5yRWUCpoEJRSpXtF1_tpwZH0h-OjdFSnWEABEQ3UXi_2senm_dLuRBXf9s-nrrfYDqCoop271tK9CaQMNGvcnPzPMNkn39bfRhN7xOnLn5iBVcvrIALRM_7w7fIvC4giQV9OzISLvm6f9R9jV1R3uqhEiT2a2rI8aKSbkjIhtx-pWhzIEGP720rIqOgfkJ1upaj039uyaKtiYGDuG-oGTGEtLF13gY3kHIaF9hBNPotbfjIupkKQPLqP9Ob6ro580EdnximxJLaIB5Vr-qe2vZBe-KNbqQCB_sV2w9-XWFfmLQhHMQyHtLwioK5Kiqy1AWiXRo5UX9-8-5WR4ejU8Zkg_ea_X3TqQ6MLM7RhZG4Y5JnX7ZcbN4_3mY1Rx1dLZc2omhwY3g1tE7iW0NwFsXiNVcCZMuVzR-JMcDNmhTVgvbmst2na96YUUgKjIGL9axefZ-FjsUCNMUxFZI8pEIZV520zeVjbtv3kvvFIYKK0XDya5Rqhw-uyiXygObFk0DXoVSSxQ0aQkytjD1otr8tVJcuCymkKINmf7V4lcwOhOREG9Y5lHaAQsQpXmlkeHizdHIIS6IvwHlilWaDchBMxgZ6GyxJ6MX7GYxl0edCiMqYsiXmCdk1gBRDILVviV9vrt0iiI3A04ovxe-grA7N1YCJwypXlFVU6SZ-Y&cid=CAASKORo6rQhJr5PXpOarWhexqUIMEJXOf4SYnBpIBUrQzqrP6TsXQoP270&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Apr 2022 08:37:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 640A 41 KB
15 KB 172ms
172ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Apr 2023 19:34:22 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5FCD 624 B
297 B 115ms
65ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARjttLvBATAB&v=APEucNVBPwQ1r1g2-fk7vhSaWSrHstAfs6xdurM13pmy1BW7GL4OGAkQ70Q6MPo23fZZNL4CTzE61i7J5hzxx5ZVTYFJxy-Pdmi9771pargCxrQQxYMHk0n2FwkljOrMHyfXpGnd3OHSpaJHxLzvoOMcGbgmbT51g6TT5Ze6kb8Fou5Bvh57pyQ

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 08:39:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8295 27 KB
16 KB 124ms
75ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFonQkiUMxIN0c8e8thVVooZ4McyYMyI_bLE0m6UmHeuVXSKX8pFmQ2KaAwzRDiKaQSmA4QUpgyFqJfl8JhtnLhCp-C3gORPZn_mMaqAWELDKUmmxFK9FsWiKK8SkEcsfvzx1N17adnPzT6oUZy2Hkz4dN4w&cry=1&dbm_d=AKAmf-DeoLDo9OoHuWRXOM0JiQ3mvARIcNrLk0KBZYcTk1TJez9LSTxOEICkxTR3Pj9dJBVk7cy60JpMQX4pASgs5a6N1mEhyep2dQTJJJBwTKwn7bpay0i6nBXSiVhH0sKe31o2X-zRK-X9ezMHAs__M3prEcACMrVQfkOA5lbAq4eG8CLhWZaA-ACKHojQ87T4-zNAsQX74ED1Nx9jqf8wFEBjYPL9Js7nW-sJqr4_9qqLrsUlF_2V184Gk-hhgjbdhL8_-BVQ2bv3wjMqdcj3MbSAzQTEMd6sPRvjS9fArVAR4CBPoR4nlAa_LcQBeQFu_GhNg8cSIg4y-BPDY_HlhtcNRVvgNum1-qflGa28ricLJMyUmguLKEi_AEyoZogYl8XAxgIL0xxwMHnwAXiTF_ICJBuS1ck_XobCm-RQj55YQC1LzYlCI-2s4Gb8JeJkYRMgmvecqhYrh4QgukFZ65-EzbmJQburbH7E0BdyhkiAuQfA8EPUrDEUTB7kiQ9NkOG8ey9X_OVrgVYV2rn2tudX5SZwgnaS0bLq_4ptGztSAhKKIFJFQRjn_IrG80U7gVBTx8msDwa0oKi74akGIRIDN4Om0PuTzDHXXI57-PNQTNYP2UFtYxVdf-qWzb_ZUbQoKoKsqf_TWm8tUgNnZqm6KuRorI1JYZ-BALJSmWYQk4lRYXxeoTTAmYnDvivzo8Up_xJ1gfJPeeViMJfWqggOCxAU4WsY5U83km9PY6ji0im9fQneGgrG6Us9X0TxN_c6fG_gxKddt28NSlGEDBk4n6xXzvMmbRZ8dc4cGLAhSauJrvlZtS8iCVkzcq42zE58Y4dZBeQW8uwBiKKD6MHzl5tJH5cR8cNub-OIteyEj7ItMQtahltT1P66yQAHGcEppu4VvTXOKXZ10ht2vy4zULNib0LVnLbcIfwbTnvwlJRPPZTU73aOZV8xe7jArSG526RLWa5kB1jFqmBFjkSAK7z4GPZeFMCqkKAPzq04RWBOEHJPR5V41k9Lf6qcLEydJ_PMKY7U7dSXKGIEe0rp8ZucnvRFmvlejm_0JzoiAdJt_F9o6fxferawmSjMIabaUvbEY3NzLntlUEgSq7qb7R5Ds07vV9tBXJzCA4xhZw4H98tFAPIbMCuDrsNcUaNU8kEpsDGyQFgnSoI9eTA4fItgYLPLS1sSkMugVBvLU4abpwyvAfcFzbsUJ5lEsh04pHjU1b3su8QqSPOEdD8xFM1xdl3kaV8pfNb9TZ2fG9zBHT2z19Zr9sYlarxB9gXbfCZfDutmz-6TfHpHfl_-zCZxq6YPn7pwfAwgE7Bf3d-ugprhVwUHi33Y_PMkAxEesUlh_Poh5rUI4ILrpN80KQb-rua6dDb2m6_B1_pOdkn0bcATtwCgv9ZWLWGmqAIx0hUU1mEQVv0pm5Tuzjmp5GF8-spt6nQudWxjYm4ZZgfQjZSc9dSVk6jvM-TCQlTyC4zvpKJ5cZ97flo9NKwrx3bj9tVG1SCuXaVMSA-dWgYqSzgURumt2YuCX5o1qUnAIJMGYCC6hKa0byptgdifltGZo0pSEPGXj4EcOSRI6KzbSvc827aI5etpP6QFiUDFEBkvY3JSrxHaxLugvkMpRKXnm65fA7-Qfnw6SU1xJBzJ7JmfdXb2fPzLGISP6YAH4WpVxke6hO5lEsimTz0NCd3mMOseyxN52xwVq9ug7vj521WfdF4Oh3V5VIMJnSudP6DdFOe66AYXi0DekF5AcSrFaCjGaZe_YsWVetv5iQiuBr0qxhyuMHctrqu8YTPZStP7T4oCQ5h8EpL5kQHaQK1hO1qKwTNWHqXreckFhDuBf7KdHXYc-F3UEkyp5icMM4lyjr8v-vqB6K-jdHFQd06yqhVfOve9fNUNJ27JPKZ0s7rOvA837BgUVVwprDmDoPSL7-qSgmUD1XYRfoM4O4k6zpql-k2nhlGjxCD4zMa4CWYbjF7mdPxnyKMiwaMme5Fv9J1zIL8KCMc4Czb74nTnnTPaPQxCYgG9vamwI0x_vzP3r2pZtezGom6niVLOBbZynuaKwZ9yku92--DvDr1AWjdKOk65FxgNkx9EuL0iMdXbVDKz4j4iFb-1c7rIiR_ZIt_OBIdjIV8uz2mFbDsnTSmv3pnpXIk65bcbRDoy8N0N-ecx6Ei10G5RvHp67BYNYdjqFG39Q0woIrYjsuqVxRcmNMW-OBIMPmGTbg9hD-U5SI3Jd8N8znvFZBrkiOjidXtfjoD-Hb7V7HQiVWLX9nfyU1EnY6GUa8K2HZ2BGCK-KlDj72W1WtizsKEi2VX1TsAlspq93QY_023mjwNSXNFbWCB0ah6A5aj604mC01e3u70aMITs6Mg0L_R6GUlGAQZvrGTx-MePVfUH7jga-6fAZCqRhBGSHbO3NMv62lHUnbaYPSW4C7Vj7PoFlpRxzF0VMv_t5eSIuFE5foJpm3dZK97vg_fQUeMhqjLGdf9wv_kwDlPeBkPj12q2uTFXHZ9C_8mNVbdboh2z0eGO8dymprDJhHy4_q0gt6zczIDGCGhLOh_5GbHtuviGhOQ9q5YAV4rphg0bWeTQL0J2k0squF8T_39u36CPRXNCOLc2He0tIq2NGz3fFsvogqlWQgMrZZaEyOsmRRaeL3gFMpfwqXIQeNdPUpC38ILzy-6yOorcMia4N8aJLvfHv_TZ9exZ646CzMv28Cy8orEzlAsSV07qfIqOGTByw43oFF9oxSrOD2PHgxBbbj7k_VP0mARYptT6dD13sTxKNwBQlmpbis58WWwHGxxwR4nvdSe0tl6xm1FTiD_OW1Pqvt6KoFWXUf1SIM1f3S-W9CX5oNB4Ed6MV4UM74nSdvH-yHwL2itgepAav4_fe0fYDuiX1KhRxQLEV5rbe-8Eaeef6DGseD1d0f7OSv62L9xNm7UqzCITI75hP4g_JfG5nY8CLzHdy-m8OMvJyw7nnvfI9bPv3s5E66KPrj03WumT2D1POwLp3PaoMe621eZE0aobLCswPSbw46nL3tB8Nyy2hFGMPi8UogyPuYyqe6tuj01_dH_aACoWgTeAFvZp6q8_rXshiwt3iEIn2JXd4cBY8lLJw1hlrklA6Qd2RynuOJgYlC8OwA1SQVwQyaBpJ0JwTJzUXkuwxcuMey1YVuktRKdTxB2AM8tpVMv8TM_DEPjMom9CJhGEWShERTnpLcHdt8isWBFWBViWix8mh_NUBg&cid=CAASJ-RoJ0-axfFQAHg7qzEh8dFQOJYJS8qGJnDvxhaOLn0Ayj6mQJpetQ&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d80a3d3a9acc1576dfc9dcf3b9c8036868fafa98da1038309f001fb1d1c9e1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16508
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8295 42 B
63 B 118ms
76ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAlzoHmqu8kf1QZCF2qPEivV7Ra9fbh1a9atPB4LYBie59v87peCrMDZ0YydNwJfKgNka125Qfd3WAv9Pc09vL8CWzMdYHULsEIlpZF-fvgv6Wats

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
fw.adsafeprotected.com/rjss/www.googletagservices.com/949060/60756784/dcm/ Frame 8295 231 KB
77 KB 60ms
59ms Script
application/javascript 34.240.82.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/949060/60756784/dcm/dcmads.js
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.82.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-82-67.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 389284ed2bd4ef6a355bdf8bc6af3880cb569705306f703d50a684e67afc215c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
content-encoding: gzip
x-server-name: app03.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220331/r20110914/client/ Frame 8295 2 KB
1 KB 166ms
165ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220331/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Apr 2022 08:34:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220331/r20110914/client/ Frame 8295 15 KB
6 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Apr 2022 08:37:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8295 0
0 49ms
48ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZMt7cXp9ETziXcw_bQLatq9BMW1B8N1R3y5UEw0N902qIBR_ucQ2rtk4GSsFpV4_w8MiE-RE4x5cuYjkEWnU9inFnjg
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8295 119 KB
36 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59c05d1a0531610285fb30680c6ff8cb80b987cfd7f118a84e44ca4dd942f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36931
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649071906742826"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Apr 2022 08:39:25 GMT

GET
DATA 200
OK truncated
/ Frame 3596 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f07d63f8d3829a2796d3389f2834ee6b190cd5484423373ee5a34f3a5cd8227

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CBCA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c02db4c7d11b4eb62ecf6a448f30147afaaffde9b74bb52410820c342511be77

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

dcmads.js Show response
www.googletagservices.com/dcm/ Frame 640A
Redirect Chain

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/949060/60756785/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fvsim.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5b23380c6f12133715495f5483c2212...
https://www.googletagservices.com/dcm/dcmads.js

11 KB
5 KB

42ms
41ms

Script
text/javascript

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 07:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5008
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:23:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 05 Apr 2022 08:41:02 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://www.googletagservices.com/dcm/dcmads.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 4727 80 KB
21 KB 170ms
48ms Script
application/javascript 2600:9000:2156:1c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
content-encoding: gzip
age: 4214482
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: ZpbVRUMZ_2xyxAFHgRFGvcT4lkS2EQY5UW1tHo6S1sph1s7rZjsUag==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CBCA 0
0 77ms
76ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHwR1MaHylhlTOOAiPsrS_CuL4iX2GVjCX5W20Hff1i3CYnZfgdOtgf9osWWKgctBzbm-goAuiHWdhk9_cwaTMyuKhVn4dQzFbK48Q3Z1cC88zU045B6biz2uc3VgBHACJ9aWC9OqV6O1brAkOdtmvfrUjBvTrYksmcgeb1b9qHQF5U4NEgVCPNERdrGoMg7BwsMT-kThB0SKwvAaAR7hSK-t6G9aeoQphD4Qig5FjTM-8o65kY5o2cpez0Ml5d3hxzPIbc-Hnrhjz7S1d4WRbXx9hpGQjscnHqntXGaJTzK1N_2rbbq93O5ZwyA&sai=AMfl-YS63j7s_sTH-zDJqFAV5uKEbGPGs0UQZP-dNVcu25DUGTAsbc2HQ5_FWyugnec1pKoanYyWOBzHdX5qXB-ljfS8DgKuchcm9H3dpnMzHL6J1WwEs84Uz069_Q4sKLk&sig=Cg0ArKJSzKcDgduso5kjEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 05 Apr 2022 08:39:25 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3596 0
0 77ms
76ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYLHLrQzz2nuJchGA4wB_jAbJ8M86BkWOpI0jYXlI8NqfQe9qdFq4AHzIKLhiwuqLDEiUXYtAbkw5kSzD64Z4Jn1IyrvkU6yRIrrUzzHXUnvGbo6cd9ZbukIMxL_rd9uatabm7jnYpge761vCY3io8iHFPQ_yt8NxQPDNQSWswhSit7cQFEw99mY4xbXKsnvtbasHHZVsR700Ve0KC8S3VU1t7QFje7fiz-TO3dZJMbamziixJ4eJv28THKoFoBs6gfH76jab5JBw_76QMTe63AzB_azq8dLnHqDGOz4WnnHnhdSJQ2Oq7SS43QOO-&sai=AMfl-YT0Afg4W808pxIY-H0ZpKRFHNVl9yxz9FftHX8epWB8IqybAqL4Z61U8ObHnfGYukCvk7AL0TK_IzffqbGcYzZhyC5Fw4vzPG2ySYWsaKNI-seGOJXqEGfd1MJ2XDs&sig=Cg0ArKJSzHaPG01y_LhUEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 05 Apr 2022 08:39:25 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 640A 43 B
301 B 332ms
105ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=7eb6d20f-b5d9-8286-5449-979d620dc0cb&tv=%7Bc:8TKaIP,pingTime:-3,time:118,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:118,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t27mNt3+11%7C12%7C13%7C14*.949060-60756785%7C141%7C151%7C16%7C17,idMap:14*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 640A 43 B
301 B 328ms
103ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=7eb6d20f-b5d9-8286-5449-979d620dc0cb&tv=%7Bc:8TKaIQ,pingTime:-6,time:119,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:119,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B113~0%5D,as:%5B113~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t27mNt3+11%7C12%7C13%7C14*.949060-60756785%7C141%7C151%7C16%7C17,idMap:14*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:vsim.ua*&br=c
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
X-Server-Name: dt52.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
195 B 30ms
30ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://vsim.ua
Date: Tue, 05 Apr 2022 08:39:25 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220331/r20110914/ Frame 8295 25 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220331/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFonQkiUMxIN0c8e8thVVooZ4McyYMyI_bLE0m6UmHeuVXSKX8pFmQ2KaAwzRDiKaQSmA4QUpgyFqJfl8JhtnLhCp-C3gORPZn_mMaqAWELDKUmmxFK9FsWiKK8SkEcsfvzx1N17adnPzT6oUZy2Hkz4dN4w&cry=1&dbm_d=AKAmf-DeoLDo9OoHuWRXOM0JiQ3mvARIcNrLk0KBZYcTk1TJez9LSTxOEICkxTR3Pj9dJBVk7cy60JpMQX4pASgs5a6N1mEhyep2dQTJJJBwTKwn7bpay0i6nBXSiVhH0sKe31o2X-zRK-X9ezMHAs__M3prEcACMrVQfkOA5lbAq4eG8CLhWZaA-ACKHojQ87T4-zNAsQX74ED1Nx9jqf8wFEBjYPL9Js7nW-sJqr4_9qqLrsUlF_2V184Gk-hhgjbdhL8_-BVQ2bv3wjMqdcj3MbSAzQTEMd6sPRvjS9fArVAR4CBPoR4nlAa_LcQBeQFu_GhNg8cSIg4y-BPDY_HlhtcNRVvgNum1-qflGa28ricLJMyUmguLKEi_AEyoZogYl8XAxgIL0xxwMHnwAXiTF_ICJBuS1ck_XobCm-RQj55YQC1LzYlCI-2s4Gb8JeJkYRMgmvecqhYrh4QgukFZ65-EzbmJQburbH7E0BdyhkiAuQfA8EPUrDEUTB7kiQ9NkOG8ey9X_OVrgVYV2rn2tudX5SZwgnaS0bLq_4ptGztSAhKKIFJFQRjn_IrG80U7gVBTx8msDwa0oKi74akGIRIDN4Om0PuTzDHXXI57-PNQTNYP2UFtYxVdf-qWzb_ZUbQoKoKsqf_TWm8tUgNnZqm6KuRorI1JYZ-BALJSmWYQk4lRYXxeoTTAmYnDvivzo8Up_xJ1gfJPeeViMJfWqggOCxAU4WsY5U83km9PY6ji0im9fQneGgrG6Us9X0TxN_c6fG_gxKddt28NSlGEDBk4n6xXzvMmbRZ8dc4cGLAhSauJrvlZtS8iCVkzcq42zE58Y4dZBeQW8uwBiKKD6MHzl5tJH5cR8cNub-OIteyEj7ItMQtahltT1P66yQAHGcEppu4VvTXOKXZ10ht2vy4zULNib0LVnLbcIfwbTnvwlJRPPZTU73aOZV8xe7jArSG526RLWa5kB1jFqmBFjkSAK7z4GPZeFMCqkKAPzq04RWBOEHJPR5V41k9Lf6qcLEydJ_PMKY7U7dSXKGIEe0rp8ZucnvRFmvlejm_0JzoiAdJt_F9o6fxferawmSjMIabaUvbEY3NzLntlUEgSq7qb7R5Ds07vV9tBXJzCA4xhZw4H98tFAPIbMCuDrsNcUaNU8kEpsDGyQFgnSoI9eTA4fItgYLPLS1sSkMugVBvLU4abpwyvAfcFzbsUJ5lEsh04pHjU1b3su8QqSPOEdD8xFM1xdl3kaV8pfNb9TZ2fG9zBHT2z19Zr9sYlarxB9gXbfCZfDutmz-6TfHpHfl_-zCZxq6YPn7pwfAwgE7Bf3d-ugprhVwUHi33Y_PMkAxEesUlh_Poh5rUI4ILrpN80KQb-rua6dDb2m6_B1_pOdkn0bcATtwCgv9ZWLWGmqAIx0hUU1mEQVv0pm5Tuzjmp5GF8-spt6nQudWxjYm4ZZgfQjZSc9dSVk6jvM-TCQlTyC4zvpKJ5cZ97flo9NKwrx3bj9tVG1SCuXaVMSA-dWgYqSzgURumt2YuCX5o1qUnAIJMGYCC6hKa0byptgdifltGZo0pSEPGXj4EcOSRI6KzbSvc827aI5etpP6QFiUDFEBkvY3JSrxHaxLugvkMpRKXnm65fA7-Qfnw6SU1xJBzJ7JmfdXb2fPzLGISP6YAH4WpVxke6hO5lEsimTz0NCd3mMOseyxN52xwVq9ug7vj521WfdF4Oh3V5VIMJnSudP6DdFOe66AYXi0DekF5AcSrFaCjGaZe_YsWVetv5iQiuBr0qxhyuMHctrqu8YTPZStP7T4oCQ5h8EpL5kQHaQK1hO1qKwTNWHqXreckFhDuBf7KdHXYc-F3UEkyp5icMM4lyjr8v-vqB6K-jdHFQd06yqhVfOve9fNUNJ27JPKZ0s7rOvA837BgUVVwprDmDoPSL7-qSgmUD1XYRfoM4O4k6zpql-k2nhlGjxCD4zMa4CWYbjF7mdPxnyKMiwaMme5Fv9J1zIL8KCMc4Czb74nTnnTPaPQxCYgG9vamwI0x_vzP3r2pZtezGom6niVLOBbZynuaKwZ9yku92--DvDr1AWjdKOk65FxgNkx9EuL0iMdXbVDKz4j4iFb-1c7rIiR_ZIt_OBIdjIV8uz2mFbDsnTSmv3pnpXIk65bcbRDoy8N0N-ecx6Ei10G5RvHp67BYNYdjqFG39Q0woIrYjsuqVxRcmNMW-OBIMPmGTbg9hD-U5SI3Jd8N8znvFZBrkiOjidXtfjoD-Hb7V7HQiVWLX9nfyU1EnY6GUa8K2HZ2BGCK-KlDj72W1WtizsKEi2VX1TsAlspq93QY_023mjwNSXNFbWCB0ah6A5aj604mC01e3u70aMITs6Mg0L_R6GUlGAQZvrGTx-MePVfUH7jga-6fAZCqRhBGSHbO3NMv62lHUnbaYPSW4C7Vj7PoFlpRxzF0VMv_t5eSIuFE5foJpm3dZK97vg_fQUeMhqjLGdf9wv_kwDlPeBkPj12q2uTFXHZ9C_8mNVbdboh2z0eGO8dymprDJhHy4_q0gt6zczIDGCGhLOh_5GbHtuviGhOQ9q5YAV4rphg0bWeTQL0J2k0squF8T_39u36CPRXNCOLc2He0tIq2NGz3fFsvogqlWQgMrZZaEyOsmRRaeL3gFMpfwqXIQeNdPUpC38ILzy-6yOorcMia4N8aJLvfHv_TZ9exZ646CzMv28Cy8orEzlAsSV07qfIqOGTByw43oFF9oxSrOD2PHgxBbbj7k_VP0mARYptT6dD13sTxKNwBQlmpbis58WWwHGxxwR4nvdSe0tl6xm1FTiD_OW1Pqvt6KoFWXUf1SIM1f3S-W9CX5oNB4Ed6MV4UM74nSdvH-yHwL2itgepAav4_fe0fYDuiX1KhRxQLEV5rbe-8Eaeef6DGseD1d0f7OSv62L9xNm7UqzCITI75hP4g_JfG5nY8CLzHdy-m8OMvJyw7nnvfI9bPv3s5E66KPrj03WumT2D1POwLp3PaoMe621eZE0aobLCswPSbw46nL3tB8Nyy2hFGMPi8UogyPuYyqe6tuj01_dH_aACoWgTeAFvZp6q8_rXshiwt3iEIn2JXd4cBY8lLJw1hlrklA6Qd2RynuOJgYlC8OwA1SQVwQyaBpJ0JwTJzUXkuwxcuMey1YVuktRKdTxB2AM8tpVMv8TM_DEPjMom9CJhGEWShERTnpLcHdt8isWBFWBViWix8mh_NUBg&cid=CAASJ-RoJ0-axfFQAHg7qzEh8dFQOJYJS8qGJnDvxhaOLn0Ayj6mQJpetQ&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Apr 2022 08:37:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8295 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Apr 2023 19:34:22 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5FCD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1

43 B
893 B

53ms
53ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARjttLvBATAB&v=APEucNVBPwQ1r1g2-fk7vhSaWSrHstAfs6xdurM13pmy1BW7GL4OGAkQ70Q6MPo23fZZNL4CTzE61i7J5hzxx5ZVTYFJxy-Pdmi9771pargCxrQQxYMHk0n2FwkljOrMHyfXpGnd3OHSpaJHxLzvoOMcGbgmbT51g6TT5Ze6kb8Fou5Bvh57pyQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 05 Apr 2022 08:39:25 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5FCD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkwAPb-BMp0tcSvQjQ28YwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1

43 B
893 B

55ms
55ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARjttLvBATAB&v=APEucNVBPwQ1r1g2-fk7vhSaWSrHstAfs6xdurM13pmy1BW7GL4OGAkQ70Q6MPo23fZZNL4CTzE61i7J5hzxx5ZVTYFJxy-Pdmi9771pargCxrQQxYMHk0n2FwkljOrMHyfXpGnd3OHSpaJHxLzvoOMcGbgmbT51g6TT5Ze6kb8Fou5Bvh57pyQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 05 Apr 2022 08:39:25 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED9dFRgJKsdfBeGPpP2zAD8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5FCD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDijUMc3UNyh2Hx67I2egjU&google_cver=1

43 B
1020 B

113ms
112ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDijUMc3UNyh2Hx67I2egjU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARjttLvBATAB&v=APEucNVBPwQ1r1g2-fk7vhSaWSrHstAfs6xdurM13pmy1BW7GL4OGAkQ70Q6MPo23fZZNL4CTzE61i7J5hzxx5ZVTYFJxy-Pdmi9771pargCxrQQxYMHk0n2FwkljOrMHyfXpGnd3OHSpaJHxLzvoOMcGbgmbT51g6TT5Ze6kb8Fou5Bvh57pyQ

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a79f5919-62b4-43f9-b059-1ce0a8151d24
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDijUMc3UNyh2Hx67I2egjU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FCD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg1OTE0MzMzODAyNzA1MTAwMQ%3D%3D

170 B
188 B

53ms
53ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg1OTE0MzMzODAyNzA1MTAwMQ%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 10f1ed86-1a69-48f3-aaa0-4f163ac0e832
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg1OTE0MzMzODAyNzA1MTAwMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 640A 43 B
301 B 315ms
103ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=7eb6d20f-b5d9-8286-5449-979d620dc0cb&tv=%7Bc:8TKaJ4,pingTime:-2,time:133,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:105,mdZ:404,beA:439,beZ:441,mfA:442,cmA:444,inA:444,inZ:448,prA:448,prZ:454,si:462,poA:463,poZ:499,cmZ:499,mfZ:499,loA:558,loZ:561,ltA:572,ltZ:572%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:133,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B127~0%5D,as:%5B127~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t27mNt3+11%7C12%7C13%7C14*.949060-60756785%7C141%7C151%7C16%7C17,idMap:14*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,sinceFw:109,readyFired:false%7D&br=c
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
X-Server-Name: dt40.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3D46 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
age: 47071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 19:34:54 GMT
expires: Tue, 04 Apr 2023 19:34:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

dcmads.js Show response
www.googletagservices.com/dcm/ Frame 8295
Redirect Chain

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/949060/60756784/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fvsim.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5b23380c6f12133715495f5483c2212...
https://www.googletagservices.com/dcm/dcmads.js

11 KB
5 KB

45ms
45ms

Script
text/javascript

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 07:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5008
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:23:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 05 Apr 2022 08:41:02 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://www.googletagservices.com/dcm/dcmads.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame BD71 80 KB
21 KB 49ms
49ms Script
application/javascript 2600:9000:2156:1c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
content-encoding: gzip
age: 4214482
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: Tme8UhpsmOeDoTFFByBFzRyAUQWaVFqhZVUnaI2iTWNU59Hp8pfMjQ==

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8295 43 B
301 B 298ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=396b463c-b35d-5e28-6c69-81a2e35fb148&tv=%7Bc:8TKaKV,pingTime:-3,time:76,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:1192,h:250,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:76,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:i,cc:NaN.NaN.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~1192.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t27mNvP+11%7C12%7C13%7C141%7C142%7C143%7C15*.949060-60756784%7C151%7C16%7C17,idMap:15*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
X-Server-Name: dt50.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8295 43 B
301 B 296ms
99ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=396b463c-b35d-5e28-6c69-81a2e35fb148&tv=%7Bc:8TKaKX,pingTime:-6,time:78,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:78,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:i,cc:NaN.NaN.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B72~0%5D,as:%5B72~1192.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t27mNvP+11%7C12%7C13%7C141%7C142%7C143%7C15*.949060-60756784%7C151%7C16%7C17,idMap:15*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:vsim.ua*&br=c
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 506F 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
age: 47071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 19:34:54 GMT
expires: Tue, 04 Apr 2023 19:34:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 impl_v85.js Show response
www.googletagservices.com/dcm/ Frame 640A 42 KB
17 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v85.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/949060/60756785/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fvsim.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7eb6d20f-b5d9-8286-5449-979d620dc0cb,c:8TKaHh,sl:outOfView,em:true,fr:false,thd:1,mn:app23ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t27mNt3+11%7C12%7C13%7C14*.949060-60756785%7C141%7C151%7C16%7C17,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:e5f07e05-b4bb-11ec-adcd-066e0ff6d4ed,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 13:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17382
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:13:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 13:41:02 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8295 43 B
301 B 279ms
99ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=396b463c-b35d-5e28-6c69-81a2e35fb148&tv=%7Bc:8TKaLh,pingTime:-2,time:98,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:77,mdZ:192,beA:345,beZ:346,mfA:347,cmA:348,inA:349,inZ:352,prA:352,prZ:358,si:366,poA:368,poZ:399,cmZ:399,mfZ:399,loA:423,loZ:425,ltA:442,ltZ:442%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1192,h:250,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:98,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:i,cc:NaN.NaN.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B92~0%5D,as:%5B92~1192.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t27mNt3+11%7C12%7C13%7C14.949060-60756785%7C141%7C142%7C143%7C15*.949060-60756784%7C151%7C16%7C17,idMap:15*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,sinceFw:74,readyFired:false%7D&br=c
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
X-Server-Name: dt40.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D46 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 08:58:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13680
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 08:58:59 GMT

GET
H2 200 B27208154.327703526;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=250412562;ord=274a8o;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fvsim.ua%2F$0;xdt=1;crlt=... Show response
ad.doubleclick.net/ddm/adj/N4022.2512303AFFIPERF_GBR_4022/ Frame 640A 59 KB
26 KB 182ms
75ms Script
text/javascript 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N4022.2512303AFFIPERF_GBR_4022/B27208154.327703526;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=250412562;ord=274a8o;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fvsim.ua%2F$0;xdt=1;crlt=gqxfvaJ6fR;sttr=59;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

f0cb84bed6d6865114a1fa162235bc08fd10d80e0d6f02cc8f8eb701f6bb0a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25750
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v85.js Show response
www.googletagservices.com/dcm/ Frame 8295 42 KB
17 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v85.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/949060/60756784/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fvsim.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:396b463c-b35d-5e28-6c69-81a2e35fb148,c:8TKaK2,sl:outOfView,em:true,fr:false,thd:1,mn:app03ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:i,cc:NaN.NaN.1192.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t27mNvP+11%7C12%7C13%7C141%7C142%7C143%7C15*.949060-60756784%7C151%7C16%7C17,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:22,oid:e6042cd5-b4bb-11ec-b03b-0a6fa201f3de,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 13:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17382
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:13:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 13:41:02 GMT

GET
H3 200 FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js Show response
pagead2.googlesyndication.com/bg/ Frame 506F 35 KB
13 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 08:58:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13680
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 08:58:59 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 640A 43 B
301 B 189ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=7eb6d20f-b5d9-8286-5449-979d620dc0cb&tv=%7Bc:8TKaMH,time:358,type:e,im:%7Bimprf:%7Bttecl:600,ecd:151,tsecr:91%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:358,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B352~0%5D,as:%5B352~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t27mNt3+11%7C12%7C13%7C14*.949060-60756785%7C141%7C15.949060-60756784%7C151%7C16%7C17,idMap:14*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
X-Server-Name: dt52.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 B27208154.327689973;dc_ver=85.248;sz=970x250;u_sd=1;dc_adk=1964084974;ord=560g87;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fvsim.ua%2F$0;xdt=1;crlt=gqxfvaJ6fR;sttr... Show response
ad.doubleclick.net/ddm/adj/N4022.2512303AFFIPERF_GBR_4022/ Frame 8295 59 KB
25 KB 129ms
114ms Script
text/javascript 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N4022.2512303AFFIPERF_GBR_4022/B27208154.327689973;dc_ver=85.248;sz=970x250;u_sd=1;dc_adk=1964084974;ord=560g87;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fvsim.ua%2F$0;xdt=1;crlt=gqxfvaJ6fR;sttr=89;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

675633e986b51ba09bf3f6d231198ab434700578a14677725f2607370176f751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25730
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8295 43 B
301 B 100ms
100ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=396b463c-b35d-5e28-6c69-81a2e35fb148&tv=%7Bc:8TKaOM,time:315,type:e,im:%7Bimprf:%7Bttecl:425,ecd:119,tsecr:15%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:315,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:i,cc:NaN.NaN.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B309~0%5D,as:%5B309~1192.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t27mNt3+11%7C12%7C13%7C14.949060-60756785%7C141%7C142%7C143%7C15*.949060-60756784%7C151%7C16%7C17,idMap:15*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:25 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 640A 106 KB
38 KB 159ms
41ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
Origin: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 14:41:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220331/r20110914/elements/html/ Frame 640A 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220331/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4022.2512303AFFIPERF_GBR_4022/B27208154.327703526;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=250412562;ord=274a8o;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fvsim.ua%2F$0;xdt=1;crlt=gqxfvaJ6fR;sttr=59;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Apr 2022 08:38:27 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6345 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
age: 47071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 19:34:54 GMT
expires: Tue, 04 Apr 2023 19:34:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 640A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ceadbeb9e4886a2c3efef3c2bc20e01b193c6a3fe40e30c3d0ef845c8526cb1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 8295 106 KB
37 KB 127ms
89ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
Origin: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 14:41:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220331/r20110914/elements/html/ Frame 8295 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220331/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4022.2512303AFFIPERF_GBR_4022/B27208154.327689973;dc_ver=85.248;sz=970x250;u_sd=1;dc_adk=1964084974;ord=560g87;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fvsim.ua%2F$0;xdt=1;crlt=gqxfvaJ6fR;sttr=89;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Apr 2022 08:38:27 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 55AF 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
age: 47072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 19:34:54 GMT
expires: Tue, 04 Apr 2023 19:34:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8295 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7987922371c9ece605f4e56bace633afb0ed67504258dc103eca94bf2566500

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 640A 43 B
301 B 98ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=7eb6d20f-b5d9-8286-5449-979d620dc0cb&tv=%7Bc:8TKaS3,pingTime:-10,time:690,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1649147966014%7C%7Cc2403f6849177d4ae8c061309ff09f9d%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C64a08faba37ca64366948fbb9d559915%7C%7Cf9778eadcbb0315603c2f55faaaa8261%7C%7C10a14a74f5b01880c9f860f4de7b6fb0%7C%7C9fc09d6b544120fe050676543fda8def%7C%7C144e50dc29e355a2f9a904c659597475%7C%7C1629390669%7D
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:26 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D46 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQX7EPQBMYqesB5eV7_UPy8SK6AgAAAAAOAHgBAI&bg=!vr2lvfnNAAZku-1yRLs7ACkAdvg8Wnqq3t6F32F7h7ya_o220_mHV42DPX_dAYmwgqmywmabYZFxMAIAAADmUgAAAAJoAQeZAx5U02uTNFnPi9XGkqSv1OG8bJPTVUJCUCnptGV3oVSq1xiRcPWWcR4KaL0wIsHBkTW80SpG4C615zbKbtn5dDpQNs3Dnp3tjksbTmuZZmfFNAvL6r4EBd3LK0J4Szjni1qeq9V1uwiMdVpJdOtj_iQVmVWzqtUXMJqvDLhSoJxEkYYJwh3BQCOWVR0J__Dwrkz4Pd5aRmCLkUcF6Uy4zc-ElZ_lz2z9hdfOM0UXp_-Cx48DHxM3YQwD4XUvJbvcYFcs3vTZoO3s7n8JJxQ8zuAC5BtDmcyLK7Zc2GNi0uNSLgcBoeUyg3ZMcM2J-mQdgdSelkhajXohvIx3hnLf3BLKU2uJ61Ip7-vtQb-3ESNYuVIx0MJrfKjLJ-l-mXDc_QhECFAkM3jdFh1hQ8YD0yT9PpxqcSrLS7zkcx4lRVHlNcI6mYpG9qUUXTEYk1WG0WQUnNE83wgKSxhre7eanRcs-arQ0mMGuSKvModYvfPmWEG4vc9hvUHBwQ39kK7n245zLyWJZtvYwKqPR7wvkBJHgU3TNPhu6oioUcuu8PXpEVerO9yLK_Vd5VK-F7ir0ECh5xnvej-7KbF7QEhZ5OTR-4cYeAIvfkNt4myHFFv1B86DJibi38Ws4Bz9WH7xD7SNwGK7Il2JzouG-M8wqj5dpeAs77pOwEMlhsMxksfyHrKiEXNXKw6jE_NUPcpzyI2DDEAESstkVRLt2wBHtM1xPrtgqcO_3h2WtAwWOYvY6fFYRGXe4BnPcwqIh6ePHxwKzD3-XfwhCz8tiyT6QMQyL68U1q-tP3p7rMnahkg94pBtnhIOp2PscfmQedXMQ_wkoH-PBPoydT5DZXFzyDT44uDn4kkAcpSzXEetBHijaQoisoBxykvh4ILz3b5SP4ZxnkRr8uCe33YQXo1N0KF09gTBo07LimED1pmm-gsCbk-jL-n3seNpzcNCax4dvNGLl1BKEA7461CxJ1wtswEAG1JvNlEZGd3W0GaelQ7zhoQAMDG-aFhnUp82HqVMFalkpjGXG_DSaKXAZ9CBvI2BX8CmCOmmRUONcuPW-M4

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8295 43 B
301 B 98ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=396b463c-b35d-5e28-6c69-81a2e35fb148&tv=%7Bc:8TKaTl,pingTime:-10,time:598,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1649147966014%7C%7Cc2403f6849177d4ae8c061309ff09f9d%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C64a08faba37ca64366948fbb9d559915%7C%7Cf9778eadcbb0315603c2f55faaaa8261%7C%7C10a14a74f5b01880c9f860f4de7b6fb0%7C%7C9fc09d6b544120fe050676543fda8def%7C%7C144e50dc29e355a2f9a904c659597475%7C%7C1629390669,im:%7Bpci:%7Btdr:550%7D%7D,sca:%7Bspg:7eb6d20f-b5d9-8286-5449-979d620dc0cb%7D%7D
Requested by: Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:26 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js Show response
pagead2.googlesyndication.com/bg/ Frame 6345 35 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13731
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 19:30:15 GMT

GET
H3 200 V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js Show response
pagead2.googlesyndication.com/bg/ Frame 55AF 35 KB
13 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 19:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13731
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 19:30:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 506F 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqWZjPQBMYpuCE4mcgAfZ4oXwAwAAAAA4AeAEAg&bg=!x8SlxIDNAAZku-1yRLs7ACkAdvg8Wv91Pg_69VwaBy1k0WfUi7KdqZGCkt_hNs20LOO07IjR_1uYQAIAAAFyUgAAAAJoAQeZAxv6Fnokkbz8YvVE_C_uAjmYH5hbvrUzEbB7PNJXiTjQytxVSkb6r-VqHs8oVmFKFxaBXPc3-NAtpOXQnuEBNDBMCnm5DE85-9BgTm5_LzV1xUUL1aZ3JtaBYoSvaeeq7z5L3a-YKQn0V5w9WJeNM0mjKaQfIdlMYKx9s5qtUrSbAWksrum507e_IQEXAjvMAG1CHxNJLmYgjPIYWPmAmTT_eI6KtvQm4k6F1VTcEb0p4NHsZR9oj4R9bwjV12sK3HAcz7UTDEkDB0Kqo6tOfTyuUhIRm900Aw-_1fqfC0fwbr-ZBsT8KlUSqM39W91zdFQQKapoPHRE40LjH3wSNZ7n3woQD4SLu1I3-RZ3WZeUGf7sW8OzFnhJ91OAZpEWvFzZdsbbNvTbyAnz1NvwXhe5qrc19kxHK8cZZHM1euqUMBBxL28b348RaX7MJ07VsIcwK5SBtrrtmXvmO7yv7aDe-vo8sl65H5fuMcMN41jzjJdkvj71pCUH4j2BSYqIXsMr0vTrlAVfsDXShmfFBStoG4ZtHBFAYPwTGChKpIZTJpac-ybYcZrjCIUigl_SuxsbTu2x9_uRxXoOSDWxAVVGmlm_v0rHWTkO99xW4YTPm3hEjtevRlUpwzxfNx4uSxEXPwnoM5TpiXC_6pJ24DXiYzZADt71GeGxQLYFcQe2lX66Nu8UhenK3iZGNLXzZ7wSAetVytG8P5kH-nz9-qpnj3UuU1oVSVVSHvK-c5blvEhr--e4zI6m9XC45dLU-tqZgl3ARI9LRaQAv40z5tH0iddCWwPlcKqNFyNS9Sl2EhJOyqsKskscjg1HwPC_SC7ps-Y1mZ9-ZEm6PMFfv5nzcADXABoczi6lIiWDWrWX_j-q0VNIa3iFV4zi3EgodVJXFwflCK29eM2GdYVJhC-rxGLdLTaueaTb4Ki9SxTXkd4UL6k7vgro0q4LVADYgxeJeejxJ7CRtKs9pGCiIfVE_NuRA3cWrCGd2zHMBRQCwyGvPWaQ8TM-UklHFzvaoeJDlF0_IRb3yMb862Nd4xH3cKeYcpjd9XeVeMM

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/ Frame 5A59 5 KB
2 KB 94ms
43ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0953ebba2aa7b2bd492739ca1512abb19827ed99c78b1d83485d77c27d982b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 79034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1584
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 10:42:12 GMT
expires: Tue, 05 Apr 2022 10:42:12 GMT
last-modified: Thu, 03 Feb 2022 11:30:39 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 640A 0
63 B 185ms
80ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0XT-vHDcfouN6LRXQCCtWD0oHKS9V8dviZD6r681wnomSetdCBN1P9poEbnLdeYzcPtZLrl2PCyuQNu2t-euVOuIBb-JXQtsgYwytWF6b3tKXlmOK9385O6PY2KOV3nSNY3Jv86f6IlFV&sig=Cg0ArKJSzApQnhEnt173EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=257&cbvp=1&cstd=254&cisv=r20220331.48786&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/ Frame 0A7D 5 KB
2 KB 55ms
41ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bd3c36a08f6faf6cfeba1216166477c0ec70c06a799e195aa80b811e3ec1972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 54519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1584
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 17:30:47 GMT
expires: Tue, 05 Apr 2022 17:30:47 GMT
last-modified: Thu, 03 Feb 2022 11:31:18 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8295 0
575 B 150ms
79ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7JioHu-knEIwWkuD8a4FPvI9tCkIqVdwSiyc3DOZllLw2Fn_BhfQE88RZn0LbCQG9bPsDpV7x4SfJ6vTwTFyF291cByNdzjg2U5C4QGywBsseiH3Q41FlZVA9Moso1bu0G92dG7JijIOT&sig=Cg0ArKJSzJleCMukKokUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=213&cbvp=1&cstd=211&cisv=r20220331.67776&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 style.css
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/ Frame 0A7D 1018 B
461 B 43ms
41ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58020c93a443b80a6ff3ac76b991e0938b0765e33b57f0e73b5caeba7031db94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 435
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:31:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 17:30:47 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 0A7D 85 KB
27 KB 191ms
96ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ld6OOwpHUndGVZOCLeWbqm5lKKqzETQRXm10e8EaJk9EghzLZHN5LPN7BSKwwU6%2ByPLIz%2Fr3kvlQJ%2FAsD%2F05rX7La0uJyaPvKDI%2F4F%2BrvbfnBJwN0Isgh58pmkEGKOvm1o9hfM9hNLczu%2Fu02mfY1CnH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f70f9260f570219-ZRH
expires: Sun, 26 Mar 2023 08:39:26 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/latest/ Frame 0A7D 105 KB
31 KB 149ms
54ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/latest/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1241294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31378
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1a5b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xukVIThY4i1HPZQqRlFOLccR57ccZaD5HWeiQNdRX1IWH5ZwG4Z9RL%2BO9C2%2B7u44O%2BjuAtqsGPdzNYRtUmeek9yD7Zo5o1YkA0H9zbkeDf3nAWwUDwCnJTymJnXhmh90bkYYFTbm6nToTeFXnVAsjyDG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f70f9260f590219-ZRH
expires: Sun, 26 Mar 2023 08:39:26 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/ Frame 0A7D 2 KB
627 B 43ms
41ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6efeac29ee19ec00cf24f1dbc94fff5f6db3c6a5317a6023b3f10e88bfa50a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 601
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:31:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 17:30:47 GMT

GET
H3 200 style.css
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/ Frame 5A59 1018 B
460 B 43ms
41ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a5fe140b6863aea746a0ed563f5d890ea898f31a2694b2bf776af5de3fdc2f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 434
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:30:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 18:57:21 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame 5A59 85 KB
28 KB 147ms
52ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kj4mVdfiv70r7QQFWB%2BHOGnyDOf0JR%2BvJBeVey8XhTDEuxvFVI%2BRt%2F32nGzBVvW6yi59eA1SJBVy09GCsuqqYFDVOrl9huedaP0wbe%2FLgNYgQAGCM4KdRda8ixxjznCcAyJx1dyNLBhmvyKvUD05usBo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f70f9260f5b0219-ZRH
expires: Sun, 26 Mar 2023 08:39:26 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/latest/ Frame 5A59 105 KB
31 KB 194ms
100ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/latest/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1241294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31378
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1a5b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJYdFhYbZo6LVWLLx6dP7WaUWSAkznVc2VHQQMqkyCAmu1TIqWyvk%2BdNpjEs2Aw0b8jCh2oYT1ZEnZFB4RzPGmerZMw62SHYaf%2FEFf%2BfkwQnDGpFgw4IJkQcxbw%2Bzkxq7ucZI%2BQmfzkT8QV8gsFjC%2FV8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f70f9260f5d0219-ZRH
expires: Sun, 26 Mar 2023 08:39:26 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/ Frame 5A59 2 KB
627 B 42ms
42ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6efeac29ee19ec00cf24f1dbc94fff5f6db3c6a5317a6023b3f10e88bfa50a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 601
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:30:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 18:57:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6345 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDYtyPQBMYqGNMJeD3wOozLqoBwAAAAA4AeAEAg&bg=!NTalNnLNAAZku-1yRLs7ACkAdvg8WmFCKi5Bht4lqsqYXTgP9qvkKSGAaJ0_bDbdIfcixP94I2WEEQIAAAC_UgAAAAJoAQcKAE6uli4BZmemiYpOeIsHwo78ZErS54tHqrFFKtFMcmJK7p4NyKqUlrc7hkMVvUpIECGlYIWkwvTkFP1bOM35ZJXsX4JTkTOqhVgJJ4yF9XeZAxMPLxT0DavBXqoXZM74OgDxQ-i36V3jrlxtBrLpV9eDn6OeTJZVRb9xYrK3QYGsRth0J7t6HBbaeMAlZ9C88VcmFydYLe6x1xvJIef9pgILL5m67qPPFULlTA8OCpH16IxfL6BAidH2nkJ4ZHy6hmC-C7zpacBCy0KB_plR_6sTI6rjw2KOR7xFYCsEEXIktWBpO_o9VNFw5fByyMNWl5e8gg09Hw6jVnsQFYBuy9blFuwOj9YQkSmfvUIyB6N52ehgruE8CDYWNn-WdZQV_Fp8RwjUC6TN4Gormq6yaqx6FwViCjNEcyp6v8m1B04V77IbBkqK1pRsI4RQqzl6it2szc8hT36WvEow72P--cuyXpOEDAL_e5VYuh0uOiUYWDUevofU35WEjxpVBY0OGHme6nkrY_penZcA6_fTvUkpBUEIC_SVLdVXyZAKtLlDkM969qfvW8OiWKYzozbxdp3bSSxxMHJGm8XfTy6WAlNGSBYZredoREjjYYN9EJsKgummLQgKcGxMlth2rQ-xfe2bx2UydfpFhnAcMZIvAw6H9HMR2BXSfGp2h9LwtIi0ekQHrAtGIuBdrXt8TX106E6GxwSZdLApZJC8xjYWdOwpvjCQ7GZ8W7r9RK4lpfLNmDwt5K6mSylKYlcNFW_v9k_FOrEXQZQXMpznz-Ic7t6DN3aLTahacDiFzNc-A4hUuP_VkAOsCPmgio0_d3kCEa-UFtL0VEvRgrLF7zMHDHfb1Tmve9t3F_te3Jq6s50T7LBxlaSaLRVDx8ReLGeGMlog40kZNKKd3vy8NGdJzclPIQhkrU9I5yL11nnzZgdIlLHR5PtTK3kS_wIufewzAklkPYOoiFMhUmnJa7zTLxSJVPq_vqY8YgBcVTTfCuKADQqRREJI5QkdGUSOiY-LswrjNMhkIvCaWGi5amEOfhWnpsD781TznMtAHgL9oobb3g5iwZpTGH9nfYzMk4xhsvcOBJ6jjHyBZ5GqnSSjqGHqZw8tXuX5SOymFT8ecZ4vrbv06wqi6xz1pgQu0FwotHeEzvSO

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55AF 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtWfSPQBMYumRMNqSrASoyLRIAAAAADgB4AQC&bg=!lJell9PNAAZku-1yRLs7ACkAdvg8WiXwfqS-Gv9y4BkKuaWNd57lRfSnVga7_ucB8aeCISdqThA4VAIAAADjUgAAAAJoAQeZAxJ3vd_Sr8f_qd_HihTBQ1qkbqhudEh6xXFLO0nwJPXJ3qtfq2keoeDc8IOuvtBMP42oGWn7qIxZH0fbfm3OeUSleFM1sH3EhuCBImUGORSqoAq1989B7lciCsjsLNwtECoKA8B3vpHf2DgxjvjIEXukGtYM5gwPVAdKFA6jD2Ag1z3NemDtahJ2z0nQ5djLW-7YiFrN6zzUzA9KZrJexLUv7_vcroZwYwQgEkCEpjrPtRYgC58W2WUAiuyOKFHgJbzwZbortzt_-508XVqWj2rNgZUb0pcQf4U4Vpi7LtEIrki9c4SFuIx3G0MFjbIDsaxKjDTVvOPF-sejhCLupJRZRAQjICYtZNluUoqvfhPVPReomDy0E9e6hf9M2g5ggyjDgg3tNl9wDfkN_eHwE0E-cjoHLgNu5Uti0DZSFJWB-2CCXLQ-cK27PriG4TfEqoGH-Vpebxj5ED-m8-6QJT6U-8b7UtQmCwut1pFNNeRZpEXetY5rXT8jKeZXhE2d7Juazvet3jtFiCHjiqn42J71XCp0ilW6afFZhygETxIA6cKuS1RSY-h_8_4hZ7-k3YEW7qJvuFLHPfTXWyWj3TjrlgiBFkORY0DGoEdWEwmaMxrNhLVloizqnT51GGHrU1Wa2dWHwvkqTByBzKreYSafbvFtt3GyHeLcue_rPAdr-yBj3YYN7CEcLCvVnedW97DUuTswCUHTlEqHIA570Gx6cGPDc7uSZK9z8uUEY1bcjzUAQFAiKrEuswJXQ56Am1F_WwCP2XkFer6moqF1Co_zKZeQzY2WDaNYzKvjnU_62vnOQMELwxYe8NgRbqJI5um-DdBUaN9124bZno_itDHF8Jjb_GvIXvz7o-XY1VIQu0YVuBznqtSGd3Lng2X7yMzaiX_cf3ODtKfzmAPCM4BtVr7Wg76q6tm_M2LNC72rN3LOc18_4t3ycbAEDQnrHR-TPCL-IXHrLrRYrvpf1a_pHMEFTQ-m_L_UfvUJm9JsLL3wss-xxpnJakSpIo72Lanothyp_UL372W5DCLljvW-Ncs

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 640A 0
26 B 129ms
78ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0XT-vHDcfouN6LRXQCCtWD0oHKS9V8dviZD6r681wnomSetdCBN1P9poEbnLdeYzcPtZLrl2PCyuQNu2t-euVOuIBb-JXQtsgYwytWF6b3tKXlmOK9385O6PY2KOV3nSNY3Jv86f6IlFV&sig=Cg0ArKJSzApQnhEnt173EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=650&vt=11&dtpt=393&dett=3&cstd=254&cisv=r20220331.48786&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 bg1.jpg
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/ Frame 5A59 16 KB
16 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/bg1.jpg

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6667a05aeb04fb8f99dc7cb90e497ba059853ed720df414b81970fa0695cc7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:55:03 GMT
x-content-type-options: nosniff
age: 49463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16635
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:30:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 18:55:03 GMT

GET
H3 200 copy1.png
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/ Frame 5A59 2 KB
2 KB 51ms
50ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/copy1.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df08fb576c4dfd3d6775f28d2e9571e230f837a3cc084e8902b96933204e447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:55:03 GMT
x-content-type-options: nosniff
age: 49463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2476
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:30:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 18:55:03 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/ Frame 5A59 18 KB
18 KB 91ms
90ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/bg2.jpg

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b66de4a36158f43af238e29b05f84ab8e5f17716d74b0999e86572c3708fb8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:55:03 GMT
x-content-type-options: nosniff
age: 49463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18702
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:30:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 18:55:03 GMT

GET
H3 200 copy2.png
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/ Frame 5A59 2 KB
2 KB 88ms
88ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/copy2.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54a189c17ce1d32761c68589a5a248eab0cd69eb68c5822d90a389c100a35167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:55:03 GMT
x-content-type-options: nosniff
age: 49463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2413
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:30:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 18:55:03 GMT

GET
H3 200 bg3.jpg
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/ Frame 5A59 18 KB
19 KB 107ms
106ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/bg3.jpg

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e3a393ad4961baeee191b1f104036a2be02438713f3d75385e030ca42ffa0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:55:03 GMT
x-content-type-options: nosniff
age: 49463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18918
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:30:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 18:55:03 GMT

GET
H3 200 copy3.png
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/ Frame 5A59 3 KB
3 KB 106ms
105ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/copy3.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

865d5d6487d9cd23f0cde9431aa7e2d7c9b4584a95973700803ca47113654773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:55:03 GMT
x-content-type-options: nosniff
age: 49463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2834
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:30:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 18:55:03 GMT

GET
H3 200 bg4.jpg
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/ Frame 5A59 18 KB
18 KB 115ms
114ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/bg4.jpg

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ecf37b85cd93e114403e32b03c498cb1b33a6634ce2d2f66e00f976c17cda03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:55:03 GMT
x-content-type-options: nosniff
age: 49463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18118
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:30:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 18:55:03 GMT

GET
H3 200 copy4.png
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/ Frame 5A59 3 KB
3 KB 45ms
44ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/copy4.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd354725ef3d5f5e824e37b79fc3a0cf0c237901044152117f29217d60e5bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:55:03 GMT
x-content-type-options: nosniff
age: 49463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2572
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:30:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 18:55:03 GMT

GET
H3 200 cta.png
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/ Frame 5A59 1 KB
1 KB 47ms
46ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/cta.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9e9da6a7d6fc385b06adad87f8a61a896805739d08d458e7cb2c7f1c8ad33bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:55:03 GMT
x-content-type-options: nosniff
age: 49463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1351
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:30:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 18:55:03 GMT

GET
H3 200 kiaLogo.png
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/ Frame 5A59 1 KB
1 KB 44ms
43ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/kiaLogo.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b3490ae8091bbdb2779c0aa3b9c8c1186fb540d0fc48ce7a46b690840614419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:55:03 GMT
x-content-type-options: nosniff
age: 49463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1491
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:30:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 18:55:03 GMT

GET
H3 200 tc.png
s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/ Frame 5A59 904 B
928 B 45ms
44ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/images/tc.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

410a9484ef4b4b78d85a7fcabfd3744fb131969b5df11cbd0b2675a54c92c46e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887839580/422756_Sportage_DCM_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 18:55:03 GMT
x-content-type-options: nosniff
age: 49463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 904
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:30:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 18:55:03 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 640A 43 B
301 B 98ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=7eb6d20f-b5d9-8286-5449-979d620dc0cb&tv=%7Bc:8TKb0w,time:1215,type:e,im:%7Bpci:%7Btdr:1014%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1215,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1209~0%5D,as:%5B1209~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:104,fm:t27mNt3+11%7C12%7C13%7C14*.949060-60756785%7C141%7C15.949060-60756784%7C151%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:26 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8295 0
26 B 122ms
77ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7JioHu-knEIwWkuD8a4FPvI9tCkIqVdwSiyc3DOZllLw2Fn_BhfQE88RZn0LbCQG9bPsDpV7x4SfJ6vTwTFyF291cByNdzjg2U5C4QGywBsseiH3Q41FlZVA9Moso1bu0G92dG7JijIOT&sig=Cg0ArKJSzJleCMukKokUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=578&vt=11&dtpt=365&dett=3&cstd=211&cisv=r20220331.67776&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 bg1.jpg
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/ Frame 0A7D 65 KB
65 KB 116ms
115ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/bg1.jpg

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea2378774915641f9eaa0f5a3140a1058661dde8ac313719a7dd9b55e50c40da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:30:52 GMT
x-content-type-options: nosniff
age: 54514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66275
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:31:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 17:30:52 GMT

GET
H3 200 copy1.png
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/ Frame 0A7D 16 KB
16 KB 123ms
121ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/copy1.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e8fe641c879c0b030433071133a3771588c6c6e91aeb05f692617ea9e168eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:30:52 GMT
x-content-type-options: nosniff
age: 54514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16220
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 17:30:52 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/ Frame 0A7D 64 KB
64 KB 147ms
145ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/bg2.jpg

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a6a17b259e8c986118931770383c743447dfd021d8f8a9670983a0d05a27320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:30:52 GMT
x-content-type-options: nosniff
age: 54514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65170
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 17:30:52 GMT

GET
H3 200 copy2.png
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/ Frame 0A7D 14 KB
14 KB 125ms
123ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/copy2.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b80e84868b0373832e2036b34aab7556e5f6574315ff1d218e4ccf128260591f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:30:52 GMT
x-content-type-options: nosniff
age: 54514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14735
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 17:30:52 GMT

GET
H3 200 bg3.jpg
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/ Frame 0A7D 51 KB
51 KB 131ms
129ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/bg3.jpg

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db24e08025c1ca223a8fa2c05a674fbd7c844e2b3b23b739d3417e2a2ef501dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:30:52 GMT
x-content-type-options: nosniff
age: 54514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52376
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 17:30:52 GMT

GET
H3 200 copy3.png
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/ Frame 0A7D 17 KB
17 KB 45ms
43ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/copy3.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5688c2cfeb2d94cf05f392a9450aadfbbe487ad50392cab270844858d72f1f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:30:52 GMT
x-content-type-options: nosniff
age: 54514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16934
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 17:30:52 GMT

GET
H3 200 bg4.jpg
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/ Frame 0A7D 56 KB
56 KB 153ms
151ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/bg4.jpg

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c79da540ec541669b6cf9776518ae74b83c7998295dc8acd5bbb1717dd0d1c49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:30:52 GMT
x-content-type-options: nosniff
age: 54514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57023
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 17:30:52 GMT

GET
H3 200 copy4.png
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/ Frame 0A7D 16 KB
16 KB 69ms
67ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/copy4.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12146c17ed6a3ea6d9235454101be7eadafef29741b59e8492bcb6d5ad7687ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:30:52 GMT
x-content-type-options: nosniff
age: 54514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16489
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 17:30:52 GMT

GET
H3 200 cta.png
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/ Frame 0A7D 4 KB
4 KB 64ms
62ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/cta.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de8f49a7092682e031671c5051a1ebf8afde1c46c4ede6e47f16468ee6507001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:30:52 GMT
x-content-type-options: nosniff
age: 54514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3887
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 17:30:52 GMT

GET
H3 200 kiaLogo.png
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/ Frame 0A7D 3 KB
3 KB 61ms
60ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/kiaLogo.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

472ce5fb62e67b2ae4b566deafd86bb11b63aa6ce6818b69c7e69e41b6ea19c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:30:52 GMT
x-content-type-options: nosniff
age: 54514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2823
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:31:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 17:30:52 GMT

GET
H3 200 tc.png
s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/ Frame 0A7D 2 KB
2 KB 59ms
57ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/images/tc.png

Requested by

Host: 5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
URL: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1799d1b31ae11b0e141165aecd64dba5cb2377cb7ba908f12b5ffe8104c60b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/4249253/1643887878890/422756_Sportage_DCM_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 17:30:52 GMT
x-content-type-options: nosniff
age: 54514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1576
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 11:31:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Apr 2022 17:30:52 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 640A 42 B
64 B 124ms
75ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvWEw3RlZylnvxyu8FHKSR6pp91vN-QD2n1ft8bEWZT6M6lVSdcODe4MnV-p-jyuDj3cUSPTBsSgNtW71aTonG3MXLqocGIrnW_MQF&sai=AMfl-YR4e9C62nKaMbdOc2y94f_xqJdeXPBOIvYmfsd8OZXnzwKQA4cMFGtWdpI0TJwJOfrGoCO6A7DA8M0Z-Vapyu_4pemZs1QalXeVcjectxMHE8S2NH4tzqFPjso35mIw&sig=Cg0ArKJSzJG8fINOB1yVEAE&cid=CAASKORo6rQhJr5PXpOarWhexqUIMEJXOf4SYnBpIBUrQzqrP6TsXQoP270&id=lidar2&mcvt=1000&p=228,1092,482,1392&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220404&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=978356717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649147964885&rpt=1052&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8295 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0EWOvpW9zrBmyvWH03me1mnDrZ_kHD8_Kh01eOWqanWjqRAJCgCR76qKGe5G65yJu1YNcXKYV08REB697tvkldwDiZ4-SKwOw_13E&sai=AMfl-YR0Q5xcvYgPy02LXHPWwuWAYmu2Er5Ah18Ro-QSuCSc9uyEsSAO2QIIJx5xCW756R6KQH6_5E0WJ5ZbxmbX-urYy9UuGlEO4zH5ddE25m17l0DQ0R4lVlsgJKN4vt4&sig=Cg0ArKJSzCOmKLe19XXLEAE&cid=CAASJ-RoJ0-axfFQAHg7qzEh8dFQOJYJS8qGJnDvxhaOLn0Ayj6mQJpetQ&id=lidar2&mcvt=1000&p=931,204,1185,1396&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220404&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=2483578089&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649147965153&rpt=843&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 640A 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3DudlpCFlzC3ugy92XnucEPIs9fm0bXGT1B6oOLnXxyLDAIYbcCRf0UQJ-E7eP8j9n1dCSISuJevJW22Ns1iG_ljNpM8xyPE&sig=Cg0ArKJSzDtov5VQN-L5EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220404&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=250412562&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649147964885&rpt=1279&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8295 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcumHMOPk_D9fx9j2elehz4uvfRHvOTBoEQqYMe03GrYZhbhNN0u21QjK2uCCvky_pKgiYj15pYL_alwBIyZC59ZFrPCEjPqE&sig=Cg0ArKJSzKta7OkU__-OEAE&id=lidar2&mcvt=1001&p=0,0,250,970&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220404&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=1964084974&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649147965153&rpt=1043&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8295 43 B
301 B 98ms
97ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=396b463c-b35d-5e28-6c69-81a2e35fb148&tv=%7Bc:8TKbc1,pingTime:1,time:1756,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:1192,h:250,t:21%7D,%7Bpiv:100,vs:i,r:,t:685%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1071,o:685,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:i,cc:NaN.NaN.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B679~0%5D,as:%5B679~1192.250%5D%7D%7D,%7Bsl:i,t:685,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:i,cc:NaN.NaN.1192.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1071~100%5D,as:%5B1071~1192.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:144,fm:t27mNt3+11%7C12%7C13%7C14.949060-60756785%7C141%7C142%7C143%7C15*.949060-60756784%7C151%7C16%7C17,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:27 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 8295 43 B
301 B 99ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=396b463c-b35d-5e28-6c69-81a2e35fb148&tv=%7Bc:8TKbc2,pingTime:1,time:1757,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:1192,h:250,t:21%7D,%7Bpiv:100,vs:i,r:,t:685%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1072,o:685,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:i,cc:NaN.NaN.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B679~0%5D,as:%5B679~1192.250%5D%7D%7D,%7Bsl:i,t:685,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:i,cc:NaN.NaN.1192.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1072~100%5D,as:%5B1072~1192.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:144,fm:t27mNt3+11%7C12%7C13%7C14.949060-60756785%7C141%7C142%7C143%7C15*.949060-60756784%7C151%7C16%7C17,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:27 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 103ms
34ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 05 Apr 2022 08:39:27 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1136
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=6ZgikXxaWGdWdURLc1RIbEUwQ2dqV3Vvb3d6UE1aQ2EvWE80TEQ0dCt3VGdRaE4wZUIyT1JWbHFNWXJRZVJrZXA3b3YzdWdkaVdVK0VocGdscnVhMGhvNm1vMGZUWUpBM1UycHN6TzJZYldtVkUxTmpQSWlUMUY1bFVwVU...

337 B
604 B

112ms
38ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=6ZgikXxaWGdWdURLc1RIbEUwQ2dqV3Vvb3d6UE1aQ2EvWE80TEQ0dCt3VGdRaE4wZUIyT1JWbHFNWXJRZVJrZXA3b3YzdWdkaVdVK0VocGdscnVhMGhvNm1vMGZUWUpBM1UycHN6TzJZYldtVkUxTmpQSWlUMUY1bFVwVUw5S2FBdUFKUWhkWjlGM0U4c3dOYVdNd1FzY2VNWVRXaDRubEw3bEgvY2RVYU0xNitHMGhXS0oxeGNVRTkrZDJ2blUzd3hEbWlpL0RyWFk0U3hXMi9FeS9rK3FRbUNRRUVBUTQwZHhVaUpJcWpnMzFxSEdrPXw&cppv=2

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

391548b8d077f2e682d395abe332892756f6be82fb143903c5ddd4d4c7fc974e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:27 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2755
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:27 GMT
location: https://mug.criteo.com/sid?cpp=6ZgikXxaWGdWdURLc1RIbEUwQ2dqV3Vvb3d6UE1aQ2EvWE80TEQ0dCt3VGdRaE4wZUIyT1JWbHFNWXJRZVJrZXA3b3YzdWdkaVdVK0VocGdscnVhMGhvNm1vMGZUWUpBM1UycHN6TzJZYldtVkUxTmpQSWlUMUY1bFVwVUw5S2FBdUFKUWhkWjlGM0U4c3dOYVdNd1FzY2VNWVRXaDRubEw3bEgvY2RVYU0xNitHMGhXS0oxeGNVRTkrZDJ2blUzd3hEbWlpL0RyWFk0U3hXMi9FeS9rK3FRbUNRRUVBUTQwZHhVaUpJcWpnMzFxSEdrPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1724
content-length: 482
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
525 B 170ms
43ms XHR
application/json 51.89.20.87
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458096/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.20.87 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p19.id5-sync.com

Software

Resource Hash

a4f7e9623e5d9231507a8d22bb4ed38650a87f6377512208adf7a4ef71a4daaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vsim.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://vsim.ua
Date: Tue, 05 Apr 2022 08:39:27 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 123ms
37ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 05 Apr 2022 08:39:27 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1093
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 640A 43 B
301 B 98ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=7eb6d20f-b5d9-8286-5449-979d620dc0cb&tv=%7Bc:8TKbpC,pingTime:1,time:2771,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D,%7Bpiv:100,vs:i,r:,t:1770%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1770,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1765~0,0~100%5D,as:%5B1765~300.250%5D%7D%7D,%7Bsl:i,t:1770,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:101,fm:t27mNt3+11%7C12%7C13%7C14*.949060-60756785%7C141%7C15.949060-60756784%7C151%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:28 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 640A 43 B
301 B 99ms
99ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=7eb6d20f-b5d9-8286-5449-979d620dc0cb&tv=%7Bc:8TKbpD,pingTime:1,time:2772,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D,%7Bpiv:100,vs:i,r:,t:1770%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1770,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1765~0,0~100%5D,as:%5B1765~300.250%5D%7D%7D,%7Bsl:i,t:1770,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:101,fm:t27mNt3+11%7C12%7C13%7C14*.949060-60756785%7C141%7C15.949060-60756784%7C151%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:28 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 bg-img--small.jpg
vsim.ua/bundles/twentyminutuamain/img/ 5 KB
6 KB 73ms
73ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/bg-img--small.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?c25568bd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?c25568bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-1580"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5504
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 check Show response
vsim.ua/site_login/login/ 20 B
145 B 450ms
450ms XHR
application/json 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/site_login/login/check
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?c25568bd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9

Request headers

Accept: */*
Referer: https://vsim.ua/
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
cache-control: no-cache, private
server: nginx
content-type: application/json
x-dev: Desktop
x-cache: BYPASS
x-stat: 1

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 73ms
73ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 73ms
73ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg?c25568bd
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 login_button.php Show response
www.facebook.com/v12.0/plugins/ Frame 5BE4 31 KB
12 KB 172ms
172ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df295d875221e8c%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ffff66e53a1202c%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=85496cc7ff97ad909ff436afee261b24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

160c2109756177ceeabd9e45815f52f067392578317eec9faddc11ea26ddc62b

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Tue, 05 Apr 2022 08:39:30 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: CGsnKOv3AIhHM/Iv2DpoTT7oef4XNAydYp0sLh8E1jIy3xkF6HztaPblbBm0ooCxuULEqJ82BumxnLSjUVNKdQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 style
accounts.google.com/gsi/ 657 B
441 B 155ms
104ms Stylesheet
text/css 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host:
URL: /_/gsi/_/js/k=gsi.gsi.en_GB.RPXVT0N34jA.O/am=Qg/d=1/rs=AF0KOtXkpPIngjToeSzKweEn6txncjjpow/m=gis_client_library

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a36953d8c9c0e8b19dc478d9bbcf13312609437b21eed3301f50eb0db0d14ac

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BweOK3U4XjWzv+zRnknESQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BweOK3U4XjWzv+zRnknESQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"
expires: Tue, 05 Apr 2022 08:39:30 GMT

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 87ms
87ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 92ms
92ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 3b9da42e4898a631ad7476d18770bcbb16320bf6.webp
vsim.ua/img/cache/news_rtp_small/news/0026/76/ 27 KB
27 KB 177ms
175ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0026/76/3b9da42e4898a631ad7476d18770bcbb16320bf6.webp?hash=2022-04-04-20-06-00
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: b961978bdc98282d20cb96bc9f71fd09780cb348b657ce7a4e677feff4014fc5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
last-modified: Mon, 04 Apr 2022 17:22:00 GMT
server: nginx
accept-ranges: bytes
etag: "624b2938-6ad2"
content-length: 27346
content-type: image/webp

GET
H2 200 339e8e667a8cf31d4de2ffde63b3346dc1f198d9.webp
vsim.ua/img/cache/news_rtp_small/news/0026/76/ 35 KB
35 KB 249ms
247ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0026/76/339e8e667a8cf31d4de2ffde63b3346dc1f198d9.webp?hash=2022-04-04-20-38-43
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: f97a89052ffc84b6fa1c758799aba88852b73f76ae9157783600dc59048e3245

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
last-modified: Mon, 04 Apr 2022 18:46:12 GMT
server: nginx
accept-ranges: bytes
etag: "624b3cf4-8d36"
content-length: 36150
content-type: image/webp

GET
H2 200 46cb69190bbdc0cc36b77e090cff5a4d9b231451.webp
vsim.ua/img/cache/news_rtp_small/news/0026/77/ 21 KB
22 KB 290ms
288ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0026/77/46cb69190bbdc0cc36b77e090cff5a4d9b231451.webp?hash=2022-04-04-21-41-32
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 3835872b71aee14c22183c37232435d279ea32f7b471109c1f9f74d73f7c2761

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
last-modified: Mon, 04 Apr 2022 18:46:12 GMT
server: nginx
accept-ranges: bytes
etag: "624b3cf4-55e2"
content-length: 21986
content-type: image/webp

GET
H2 200 9775a6722a89976eca4961cae51865bca182a179.webp
vsim.ua/img/cache/news_rtp_small/news/0026/76/ 22 KB
22 KB 325ms
323ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0026/76/9775a6722a89976eca4961cae51865bca182a179.webp?hash=2022-04-04-11-27-31
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: dd25050281541c6ea1efaf83db494f45be7922616430bf42de6a0714d80e78f8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
last-modified: Mon, 04 Apr 2022 14:38:22 GMT
server: nginx
accept-ranges: bytes
etag: "624b02de-579c"
content-length: 22428
content-type: image/webp

GET
H2 200 4afdf7fa651e0fb5c320b5599c66ed77d7698f7f.webp
vsim.ua/img/cache/news_rtp_small/news/0026/76/ 13 KB
13 KB 325ms
323ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0026/76/4afdf7fa651e0fb5c320b5599c66ed77d7698f7f.webp?hash=2022-04-04-10-43-40
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: a45bde48d054197ab9ef7682cdbfc037cb21635f740801c31d8c6b1e5c925ef4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
last-modified: Mon, 04 Apr 2022 16:50:42 GMT
server: nginx
accept-ranges: bytes
etag: "624b21e2-354c"
content-length: 13644
content-type: image/webp

GET
H2 200 357b508a3a48662b4debabf728264baa98488cf2.webp
vsim.ua/img/cache/news_rtp_small/news/0026/76/ 25 KB
26 KB 325ms
324ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0026/76/357b508a3a48662b4debabf728264baa98488cf2.webp?hash=2022-04-04-16-13-09
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: d24a0e7c1114a40bcf40a51616fa4b86f382a38bf138e2e3b748542898293565

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
last-modified: Mon, 04 Apr 2022 13:55:45 GMT
server: nginx
accept-ranges: bytes
etag: "624af8e1-659e"
content-length: 26014
content-type: image/webp

GET
H2 200 5ec94c809065d7e541a3d8bc512dc8544f64e3ca.webp
vsim.ua/img/cache/news_rtp_small/news/0026/74/ 17 KB
17 KB 326ms
325ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0026/74/5ec94c809065d7e541a3d8bc512dc8544f64e3ca.webp?hash=2022-04-03-14-35-17
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 436be4c53fa6627c2bc16713691011f12dc977e6747500eacb0d12d1c2243b7f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
last-modified: Sun, 03 Apr 2022 11:36:10 GMT
server: nginx
accept-ranges: bytes
etag: "624986aa-42ce"
content-length: 17102
content-type: image/webp

GET
H2 200 985097d4fb6623114fd701b0796e73268e3f5aa8.webp
vsim.ua/img/cache/news_rtp_small/news/0026/72/ 20 KB
20 KB 397ms
396ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0026/72/985097d4fb6623114fd701b0796e73268e3f5aa8.webp?hash=2022-04-01-13-10-23
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 7d47753f01dccd5fc03bf6ab92ef3e85825902ff83a4da0b1e31d15700dfea5d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
last-modified: Mon, 04 Apr 2022 06:16:57 GMT
server: nginx
accept-ranges: bytes
etag: "624a8d59-4f1e"
content-length: 20254
content-type: image/webp

GET
H2 200 ps3LEjFUMch.png
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 5BE4 441 B
717 B 41ms
40ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/ps3LEjFUMch.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df295d875221e8c%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ffff66e53a1202c%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
x-content-type-options: nosniff
content-md5: bIdClDVUx2JypSkH1jl0jQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 441
x-fb-rlafr: 0
x-fb-debug: k4am1NVbakfhVkCfEMUsiS/5O4T+m8HiLRsCResmxUYyZwrUr0ALgkbJXKuXpZllknT4+VAakMxEQUICzyADyg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 Mar 2023 15:36:38 GMT

GET
H2 200 LX4KN4_ltyK.js Show response
static.xx.fbcdn.net/rsrc.php/v3ixCr4/yH/l/uk_UA/ Frame 5BE4 524 KB
138 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ixCr4/yH/l/uk_UA/LX4KN4_ltyK.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844dd5c4919168a9e324dd2d63a0d6701370957f347e008c2bdeca9e3ae9ed39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0Bq8ROnFJKwUZkwaoQmc3A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 141024
x-fb-rlafr: 0
x-fb-debug: aVLbLhXhbKx9r1dmydImw1nFBqKpcFmJSFBDvcs6+lTIIZIN5BORnu0SedMZLDzFmGPx5UleMarXNzJdbaU6yw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Apr 2023 05:08:59 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/platform/ Frame 5BE4 67 B
99 B 150ms
149ms Image
image/png 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/platform/cavalry_endpoint.php?t_cstart=1649147970776&t_start=1649147970776&t_domcontent=1649147970783&t_layout=1649147970896&t_onload=1649147970896&t_paint=1649147970896&t_creport=1649147970896&t_tti=1649147970783&lid=7083036599273023587-0

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df295d875221e8c%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ffff66e53a1202c%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: zQkvZv7250utrorK7tJ4BMqijtI0A3rV0CeedqQjnzFa4YpkLfr8CInY1y6luHPu+O9+zPOnsmyCVnsKkshNKg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 05 Apr 2022 08:39:30 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 57ms
56ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022033101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

614971d382f22cf3fee5c173318b9f1ffdf0a5a8b2866595ed7848876be7a9dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Apr 2022 08:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10590
x-xss-protection: 0

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 90ms
90ms XHR
application/json 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=218226485810-uqk03eati6qp5glmb6e91f2u24152enh.apps.googleusercontent.com&as=2cJCSAzLhKtUy%2BVVw3Yj2Q

Requested by

Host:
URL: /_/gsi/_/js/k=gsi.gsi.en_GB.RPXVT0N34jA.O/am=Qg/d=1/rs=AF0KOtXkpPIngjToeSzKweEn6txncjjpow/m=gis_client_library

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec7b6ca429c473fa2b8bdaaa13ca6e278f5a4a667fde815239ecdd6c04f244a2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-1oUY5BPjYmhFyhr6ySNppw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-1oUY5BPjYmhFyhr6ySNppw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lato.woff2
cdn.gravitec.net/fonts/ 14 KB
14 KB 49ms
49ms Font
application/octet-stream 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/lato.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:30 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-36dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:30 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 14044
x-proxy-cache: HIT

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 204ms
204ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?c25568bd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:31 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Apr 2022 08:39:31 GMT

GET
H2 200 sourcesanspro.woff2
cdn.gravitec.net/fonts/ 8 KB
8 KB 41ms
41ms Font
application/octet-stream 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:31 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-1e44"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:30 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 7748
x-proxy-cache: HIT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7892 13 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

accept-ranges: bytes
age: 207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 08:36:04 GMT
expires: Wed, 05 Apr 2023 08:36:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E45B 783 B
535 B 49ms
49ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

981575137eac343224e9e40d9d513ef2d162e3cc6744eb7d6d61746f3d80110d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8XMWvdrC0YSzjMrZBuVEFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-8XMWvdrC0YSzjMrZBuVEFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 08:39:31 GMT
expires: Tue, 05 Apr 2022 08:39:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 362437226.jpeg
cdn.gravitec.net/images/users/1651162056492056576/ 4 KB
4 KB 35ms
35ms Image
image/jpeg 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gravitec.net/images/users/1651162056492056576/362437226.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4a7ba87ff08127253564f6d997be58f8e11109edf659f6677f6af8f8459a69d7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 05 Apr 2022 08:39:31 GMT
last-modified: Wed, 05 Feb 2020 13:46:42 GMT
server: nginx
etag: "5e3ac742-e67"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3687
x-proxy-cache: HIT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E45B 0
0 89ms
89ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022033101&jk=1363436574031943&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js Show response
pagead2.googlesyndication.com/bg/ Frame 7892 35 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 08:58:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13680
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 08:58:59 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7892 0
9 B 40ms
40ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FPJK8w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:39:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022033101&jk=1363436574031943&bg=!e3ileDzNAAZku-1yRLs7ACkAdvg8WrToaAjTW37NeDvOvGFBY2tE5NPI0gkF1XEgAx95uMHA6C-CzAIAAAB7UgAAAAFoAQcKAB6GyrFzhUP3NPY6qyLGitPAkwqYximpzmjgj_767HOZAsPN--WoQHfimHXR9MnXdMnuCWmrCHvuXXEod_gQ2lWmjdRr3l-8eZktUD1en7fIE4jg5XcGDPZ7YB0iHQpEil8qoMc2qaKDnF3sMOtcfI0feOWBsgsqVrBhAbsGbi-R1ll95jKP_T3c2GK3rpQxw2NIa0OXvsjf5Jr5btTh4ztse-LTDZVCqW5RRQkAnaA-vETRW4fHh6-_7ZHs_Vz2PW1dnVih6S4_h8XY2Gi3rNN488Rg_W-faf0JExpUFgktG6avZ7t_9ZALPhAP-8NmpcCq2QDY5FYHHYVj8xyaT-gcoH_SAag4WMNeodAkvRyyQDlBZ2mt-biI3FNfBq2WRuMboHxXlpuUR5vBLWPIspI9U0qsR0OR9NeJtrCMEyt2-fILkHwhCdF1SiixbvDgtfvww9vUcqe1FMmdV6Q5JD66tC_-APvx5AHsBfnD65EAEIuD3EmhoRJBh1iEuV71DfuwOXM17tmOi81wyqXvsV45niuLHPLepyCOpETWEzlhi1jTpUIW0ZbPcFqmVlYebXMThQRDPhu4qu6lujLsRRJNy3lbDX3b6uPMy23N7__YaTn41CSlr1S4HymGreLwfjjTvcIPxX7CXFLIPK6jZR1DSIKrkjKaGTavfn8q4CvqcUmNvfKH9t3HxuZNG13qyj9ktN5DWNeKT8reigRa3qbkJ4Xw0BX3UD7QavFcFjAjQICGiW8A5t2vkh_1sup6CJqCha0rQ2S8EWSzF0F_tD1em0747OhNffOiY2cDmRkqeU4VgLRg4E141CcY2usxQoss3DzNaL3OgGuyGySDBsnYQtBFMFPbi03CGhZkSCQGH7_GlGqll4-_RuKpVAyD2SZduYOFKi8xk77Oq0X8INscsvxw_XJwLMpdn-jsoKwmQht2QX6GX53SBfLOdG0-JLYL0gITtvTUxx0hBfZPtIgYBX1WUA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Apr 2022 08:39:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 640A 43 B
301 B 98ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=7eb6d20f-b5d9-8286-5449-979d620dc0cb&tv=%7Bc:8TKcs8,pingTime:5,time:6771,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D,%7Bpiv:100,vs:i,r:,t:1770%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1770,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1765~0,0~100%5D,as:%5B1765~300.250%5D%7D%7D,%7Bsl:i,t:1770,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:102,fm:t27mNt3+11%7C12%7C13%7C14*.949060-60756785%7C141%7C15.949060-60756784%7C151%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:32 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 640A 43 B
301 B 100ms
99ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=949060&asId=7eb6d20f-b5d9-8286-5449-979d620dc0cb&tv=%7Bc:8TKcs9,pingTime:5,time:6772,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D,%7Bpiv:100,vs:i,r:,t:1770%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:1770,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1765~0,0~100%5D,as:%5B1765~300.250%5D%7D%7D,%7Bsl:i,t:1770,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:102,fm:t27mNt3+11%7C12%7C13%7C14*.949060-60756785%7C141%7C15.949060-60756784%7C151%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Apr 2022 08:39:32 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vsim.ua
URL: https://vsim.ua/push-worker.js?version=6&appKey=d9345397765ace7e36f5036f718db82e&track_inactive=true

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vsim.ua/	1970-01-20 02:05:48	Name: Value: undefined
.vsim.ua/	1970-01-20 04:15:23	Name: _fbp Value: fb.1.1649147964075.1310621062
vsim.ua/	1970-01-20 19:36:59	Name: GN_USER_ID_KEY Value: b922021f-16d4-407e-b744-c57979598772
vsim.ua/	1970-01-20 02:05:49	Name: GN_SESSION_ID_KEY Value: 444d5f0d-9422-47dd-b801-f354580a609a
.vsim.ua/	1970-01-20 02:05:51	Name: AMP_TOKEN Value: %24NOT_FOUND
.vsim.ua/	1970-01-20 19:36:59	Name: _ga Value: GA1.2.2115800258.1649147964
.vsim.ua/	1970-01-20 02:07:14	Name: _gid Value: GA1.2.858404526.1649147964
.vsim.ua/	1970-01-20 02:05:48	Name: _gat Value: 1
.facebook.com/	1970-01-20 04:15:23	Name: fr Value: 0H45Cvv771Ic9RZJp..BiTAA8...1.0.BiTAA8.
vsim.ua/	1970-01-20 02:05:48	Name: browser_id Value: 0cae4fee-1f80-4627-b424-77dd90b351f5
vsim.ua/	1970-01-20 02:05:48	Name: remp_session_id Value: 402e1bea-3bb9-4f3e-81dc-cfa05e8e930e
vsim.ua/	1970-01-20 02:48:59	Name: _pbjs_userid_consent_data Value: 3524755945110770
.vsim.ua/	1970-01-20 10:51:23	Name: _pubcid Value: 13137260-70c3-48c5-972b-c1e75e9eb25e
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-22 15:24:59	Name: E Value: AJ7w6/5CKKkUyNz8
a4p.adpartner.pro/	1970-01-20 03:32:11	Name: apuid Value: 6e018d51-1f59-456d-a627-5d6e165e5080
.adnxs.com/	1970-01-20 04:15:23	Name: icu Value: ChgI4axaEAoYASABKAEwvICwkgY4AUABSAEQvICwkgYYAA..
.adnxs.com/	1970-01-20 04:15:23	Name: uuid2 Value: 2859143338027051001
.vsim.ua/	1970-01-20 11:27:23	Name: __gads Value: ID=0c7dcad8792ee5ba-22f17b056fcd0038:T=1649147964:S=ALNI_Mb-cgRc5KeFNb94djwn2dakcncnaA
.doubleclick.net/	1970-01-20 11:27:23	Name: IDE Value: AHWqTUnXOYwRM5LU-15ZqiaOKtufUuWwamQcGekrYQmtWM1Lj51C4pxOOhFXBY3BHZ8
.casalemedia.com/	1970-01-20 10:51:23	Name: CMID Value: YkwAPb-BMp0tcSvQjQ28YwAA
.casalemedia.com/	1970-01-20 04:15:23	Name: CMPS Value: 712
.adnxs.com/	1970-01-20 04:15:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImRnTC0N!@wnfH8K6pQK`!5=E<L5?%K-4Jux9kk:Og4?m51dXckf0tJ1@@.)]cP1U4t%nugO%v4VB%nnK9#!!b
.casalemedia.com/	1970-01-20 04:15:23	Name: CMPRO Value: 1845
.casalemedia.com/	1970-01-20 02:07:14	Name: CMST Value: YkwAPWJMAD0A
.casalemedia.com/	1970-01-20 10:51:23	Name: CMRUM3 Value: 2d624c003d2760CAESED9dFRgJKsdfBeGPpP2zAD8
.adtelligent.com/	1970-01-20 03:35:04	Name: vmuid Value: 04e32365f15e1b3a
.adtelligent.com/	1970-01-20 03:35:04	Name: a307558 Value: 6e018d51-1f59-456d-a627-5d6e165e5080
.vsim.ua/	1970-01-20 11:27:23	Name: cto_bundle Value: Tu4SKV9TNFVHRlBuS1p6MSUyQlpZSXdjdnJ0JTJCcEZSTDlrbjclMkJaVXN5TlAlMkJZOHFlJTJCNVNXeU4lMkJwNDlnT3djVEdOaTZCRjhzUFlGS2FHdTdSblRNJTJGdTdqaEMyWXRnaDdEZ0hqa3UlMkIlMkZVVDNaS1JLOGtFdyUzRA
.vsim.ua/	1970-01-20 11:27:23	Name: cto_bidid Value: lc0Xe19iSmZDViUyQnFYUjBFZUh2aUd4U3Fvb0tRWlpVS0hSV3hNN3JqTWl6WlREJTJGWFFqeTZNbmFpb2t6MHUwejh5M2xyWWJ5TDdBS0NYMlpEdlU3U0xKQ0s4RlElM0QlM0Q
vsim.ua/	1978-01-11 21:31:40	Name: subscriber_life Value: %7B%22order%22%3A%5B%22modal_mail%22%5D%2C%22modal_mail%22%3Afalse%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://leokross.com/vAW/aGeq.js Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5b23380c6f12133715495f5483c2212c.safeframe.googlesyndication.com
a4p.adpartner.pro
accounts.google.com
ad.doubleclick.net
adservice.google.co.uk
adservice.google.com
adtelligent-d.openx.net
ampcid.google.com
api.gravitec.media
cdn.gravitec.media
cdn.gravitec.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fw.adsafeprotected.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id5-sync.com
leokross.com
mug.criteo.com
pagead2.googlesyndication.com
pbjs.e-planning.net
player.adtelligent.com
prebid-eu.creativecdn.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
tpc.googlesyndication.com
tracker_beam.20minut.ua
unpkg.com
vsim.ua
www.facebook.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
vsim.ua
104.244.36.20
137.74.6.209
142.250.185.102
142.250.185.130
142.250.74.194
172.217.18.98
178.250.0.157
185.184.8.90
185.64.189.112
193.200.65.5
23.32.59.34
23.35.236.247
2600:9000:2156:1c00:8:48e:53c0:93a1
2606:4700::6810:7daf
2606:4700::6811:180e
2a00:1450:4001:802::2002
2a00:1450:4001:803::200e
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:828::2006
2a00:1450:4001:829::2001
2a00:1450:4001:829::200d
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c02::9b
2a02:2638:1::13
2a02:6ea0:c700::4
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a0c:5c81:5142::2
31.41.216.82
31.41.220.94
34.240.82.67
34.98.64.218
37.252.173.215
45.133.44.3
45.133.44.4
46.249.52.248
51.89.20.87
52.174.47.89
62.149.0.72
79.171.117.17
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
00247086d14d3a1c732b3d326ff7694a1725c5bfb39f1a632d0479ef87b3eb0a
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0953ebba2aa7b2bd492739ca1512abb19827ed99c78b1d83485d77c27d982b24
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c738f63294911fa02ec8a944c0f3c4e3ff3763829ffe5c624b5601a6b17d9a9
0da2445c53d0eefdb65d202aac86151387718a7353556201f54b1cae82c5d1af
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12146c17ed6a3ea6d9235454101be7eadafef29741b59e8492bcb6d5ad7687ca
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13454269d8b389caedf05a2cbfa7302c46a4d8b1c64a993cf32f27b137b219b1
14e4699a9706867363ccdfcc60f64545b6529ff6eb4ce7b0072183b2acb20816
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
160c2109756177ceeabd9e45815f52f067392578317eec9faddc11ea26ddc62b
1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882
1799d1b31ae11b0e141165aecd64dba5cb2377cb7ba908f12b5ffe8104c60b35
17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1
1be7106423871507802c41a0be19b72b7f10992d528e0c7fe953792bf6fd7e9d
1f07d63f8d3829a2796d3389f2834ee6b190cd5484423373ee5a34f3a5cd8227
1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
270afa1b13087c609baef1d8a4f7652ac5be30b175ff7f78822f8a2d9be5dee1
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fe641c879c0b030433071133a3771588c6c6e91aeb05f692617ea9e168eb1
2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a
34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa
3549e1d4456d5b1ccebf231d36099ad60df5f40c5024efdd7a7b23adab2ab3c1
37593767f544317c9c3e032830d3ee92b32efb73404c3f6cee45c97690ec5acd
3835872b71aee14c22183c37232435d279ea32f7b471109c1f9f74d73f7c2761
3843083d5492f24db762a867afd4ddd2169f152650cf93395d1949f012deb8fc
389284ed2bd4ef6a355bdf8bc6af3880cb569705306f703d50a684e67afc215c
391548b8d077f2e682d395abe332892756f6be82fb143903c5ddd4d4c7fc974e
3b4adf3e7444b642b7e94801788b225d1a7719ce24846a4149ea7911742210e5
3de757ea3642efac86cf233ec7d7330b44d12747c41d1be5ea071b614b69111f
3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721
410a9484ef4b4b78d85a7fcabfd3744fb131969b5df11cbd0b2675a54c92c46e
4158128b65aa992a274bc679ae1cd022b4480dbf8f280a5c2ffd438f8b2cfd05
42e2ae1549344309792056adec51ce8016b52e9adfb71afae09290171dc9eb9f
436be4c53fa6627c2bc16713691011f12dc977e6747500eacb0d12d1c2243b7f
472ce5fb62e67b2ae4b566deafd86bb11b63aa6ce6818b69c7e69e41b6ea19c9
47b3b86844b0c485cf17954bf3814c4961b91092016cf8beae1a2b68f081a0e2
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4a7ba87ff08127253564f6d997be58f8e11109edf659f6677f6af8f8459a69d7
4b1e9e63330327b64502548fd50d2a0e230d4a2eff692376c5548a1e956743f9
4b3490ae8091bbdb2779c0aa3b9c8c1186fb540d0fc48ce7a46b690840614419
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7a2ee9713cc12648e97aefdaec0ed35704f45006777628f1eee7c33423df1d
4d80a3d3a9acc1576dfc9dcf3b9c8036868fafa98da1038309f001fb1d1c9e1a
4e82d14ece55ca8598b6fc3a4ad09f6604459af4e18af6c2bafa38b69871f92c
4fd168e47313df31f7556b080d88a017146060cefc14266e78b1ce991ce86a74
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54a189c17ce1d32761c68589a5a248eab0cd69eb68c5822d90a389c100a35167
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5688c2cfeb2d94cf05f392a9450aadfbbe487ad50392cab270844858d72f1f53
57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0
58020c93a443b80a6ff3ac76b991e0938b0765e33b57f0e73b5caeba7031db94
5a5fe140b6863aea746a0ed563f5d890ea898f31a2694b2bf776af5de3fdc2f2
5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b
614971d382f22cf3fee5c173318b9f1ffdf0a5a8b2866595ed7848876be7a9dc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64b51e311a8aada28287d773cd45d08dd53dc2036399f22dbb445da71cd2259e
6667a05aeb04fb8f99dc7cb90e497ba059853ed720df414b81970fa0695cc7ee
675633e986b51ba09bf3f6d231198ab434700578a14677725f2607370176f751
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6a6a17b259e8c986118931770383c743447dfd021d8f8a9670983a0d05a27320
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
7a36953d8c9c0e8b19dc478d9bbcf13312609437b21eed3301f50eb0db0d14ac
7a845047955c1c47e88822bc3b74161e87a106f20f5fd980e369773b54222333
7bd3c36a08f6faf6cfeba1216166477c0ec70c06a799e195aa80b811e3ec1972
7d47753f01dccd5fc03bf6ab92ef3e85825902ff83a4da0b1e31d15700dfea5d
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
831f22023765270712404db1626b2f7333612495aa3fded125c6deded19c027f
844dd5c4919168a9e324dd2d63a0d6701370957f347e008c2bdeca9e3ae9ed39
865d5d6487d9cd23f0cde9431aa7e2d7c9b4584a95973700803ca47113654773
8b66de4a36158f43af238e29b05f84ab8e5f17716d74b0999e86572c3708fb8e
8ecf37b85cd93e114403e32b03c498cb1b33a6634ce2d2f66e00f976c17cda03
90a4e1f7dee4fee4b35a3b79efe319717693abbafd80bbb1af890a54df69ae58
90a63bc9c6eb93ea5ba108d8cbadadf97784b2fd146bc1169e8eaaa0ec91c0b4
91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695
93e3a393ad4961baeee191b1f104036a2be02438713f3d75385e030ca42ffa0a
976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971
981575137eac343224e9e40d9d513ef2d162e3cc6744eb7d6d61746f3d80110d
9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9
9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6
9ceadbeb9e4886a2c3efef3c2bc20e01b193c6a3fe40e30c3d0ef845c8526cb1
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9df08fb576c4dfd3d6775f28d2e9571e230f837a3cc084e8902b96933204e447
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a45bde48d054197ab9ef7682cdbfc037cb21635f740801c31d8c6b1e5c925ef4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f7e9623e5d9231507a8d22bb4ed38650a87f6377512208adf7a4ef71a4daaa
a58d46d853c21c8e11eb057aba26dbeeb32041b51a61d4e2c3adc86c09c08704
a59c05d1a0531610285fb30680c6ff8cb80b987cfd7f118a84e44ca4dd942f55
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
a8fad7ea6d56c85bc473f0091aa9870e4a7db6609c037eac826ed00c68ea3fb3
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad9f7214e3bd6aff1b0ab488e8414d88c24b9eac59349d7d4d8225c0bfe3eaa4
ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef231caad9876f19aba7e2abc99353c2a2f45b4fee982fd2ca7edc59978a8f4
afd354725ef3d5f5e824e37b79fc3a0cf0c237901044152117f29217d60e5bf7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f484070f3a01a04875ffb1e467f31eac8336a3456c807400b47f1c51f53a58
b2439eae7ad19c16b0ad134a337854e0064b518d8a630f0a48c6c37bfdc877d9
b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e
b55ca1fb960f2274f9b7b6ac5d7f40563b12b188fd8e33c5efe60aaaa245889b
b80e84868b0373832e2036b34aab7556e5f6574315ff1d218e4ccf128260591f
b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30
b961978bdc98282d20cb96bc9f71fd09780cb348b657ce7a4e677feff4014fc5
bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824
bc2f44c8186aa467f22ea050ba202fdf5b82e7300be307453dd8f51f5504066d
bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c
bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1
bd8d2476f80509e55fa65443474376dba9f813f054e43b74ac65d1eda14fe48f
c02db4c7d11b4eb62ecf6a448f30147afaaffde9b74bb52410820c342511be77
c6efeac29ee19ec00cf24f1dbc94fff5f6db3c6a5317a6023b3f10e88bfa50a9
c79da540ec541669b6cf9776518ae74b83c7998295dc8acd5bbb1717dd0d1c49
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d24a0e7c1114a40bcf40a51616fa4b86f382a38bf138e2e3b748542898293565
db0f4cb8e8cb5466e74ce5d90e8242c96c401a18ee0be15df4c29af8abc4ffb4
db24e08025c1ca223a8fa2c05a674fbd7c844e2b3b23b739d3417e2a2ef501dc
dbb3473ae34647e7cca37a468b7fe69f02bbb7f50bf3b742eae3472f8fe9c094
dd25050281541c6ea1efaf83db494f45be7922616430bf42de6a0714d80e78f8
dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8
dd6dd2b0a2ab33263f42e7c93cce96804208f6ba886279ffc6f58544b6360a9a
de8f49a7092682e031671c5051a1ebf8afde1c46c4ede6e47f16468ee6507001
e248ccf39aee781866abb6a97023d16144fb3394017395b0594174c9f1904a2b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1
e7987922371c9ece605f4e56bace633afb0ed67504258dc103eca94bf2566500
e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7
e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8
e9e9da6a7d6fc385b06adad87f8a61a896805739d08d458e7cb2c7f1c8ad33bf
ea2378774915641f9eaa0f5a3140a1058661dde8ac313719a7dd9b55e50c40da
eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571
ec7b6ca429c473fa2b8bdaaa13ca6e278f5a4a667fde815239ecdd6c04f244a2
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cb84bed6d6865114a1fa162235bc08fd10d80e0d6f02cc8f8eb701f6bb0a6c
f88208b602ddde6dd0d7d8d1da58fa57191ded13dd06faf500f7e2b6a3dbe93f
f97a89052ffc84b6fa1c758799aba88852b73f76ae9157783600dc59048e3245
fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0
fa790aa2667f45ccaceb5fdc2f784c856eb3d4ac5a3e8ba5b2aacec8c8b2722b
fd4f9fe93d29ccb8be85a52f79b1ea581fb3fc13843beaefbff93d9f460db7be

vsim.ua Open in urlscan Pro 31.41.220.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

246 Requests

93 %HTTPS

48 %IPv6

31 Domains

49 Subdomains

46 IPs

10 Countries

3623 kBTransfer

9239 kBSize

31 Cookies

11 Outgoing links

Page URL History

Redirected requests

246 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vsim.ua Open in urlscan Pro
31.41.220.94 Public Scan

Screenshot
Live screenshot

Full Image

246
Requests

93 %
HTTPS

48 %
IPv6

31
Domains

49
Subdomains

46
IPs

10
Countries

3623 kB
Transfer

9239 kB
Size

31
Cookies

246 HTTP transactions
5 data transactions