fbu.ua Open in urlscan Pro
91.218.214.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fbu.ua/
Effective URL:
https://fbu.ua/
Submission: On October 14 via api (October 14th 2022, 4:35:20 am UTC) from GB — Scanned from GB

Summary HTTP 365 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 49 IPs in 14 countries across 47 domains to perform 365 HTTP transactions. The main IP is 91.218.214.18, located in Ukraine and belongs to QOS, UA. The main domain is fbu.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 7th 2022. Valid for: a year.

This is the only time fbu.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 98	91.218.214.18 91.218.214.18	42352 (QOS) (QOS)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
13	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
11	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
8	212.42.76.150 212.42.76.150	8856 (UKRNET Kiev) (UKRNET Kiev)
4	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 22	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
2 7	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
3 3	3.126.140.73 3.126.140.73	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
5 11	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	8.2.110.114 8.2.110.114	46636 (NATCOWEB) (NATCOWEB)
1 6	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
18 44	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
7 15	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
7	65.9.66.45 65.9.66.45	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 3	2606:4700:440... 2606:4700:4400::6812:230b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2600:9000:205... 2600:9000:2057:c000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 7	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
6 6	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1 2	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	18.157.92.103 18.157.92.103	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	72.251.249.13 72.251.249.13	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.67 65.9.66.67	16509 (AMAZON-02) (AMAZON-02)
2	54.154.96.207 54.154.96.207	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
365	49

98 91.218.214.18 (Ukraine) 1 redirects

ASN42352 (QOS, UA)
PTR: unallocated.qos.kiev.ua

fbu.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.42.76.150 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv150.fwdcdn.com

sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sinst.fwdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 146.0.227.109 (Ascension Island) 1 redirects

ASN20773 (GODADDY, DE)

prebid-inv-eu.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.140.73 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-140-73.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.89.210.82 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 142.250.181.226 (United States) 18 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.80.39.216 (Canada) 7 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.66.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-45.fra56.r.cloudfront.net

adno.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:230b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.248 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:c000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.89.9.254 (London, United Kingdom) 5 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.45 (Amsterdam, Netherlands) 6 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.7 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.83.142.19 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.92.103 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-92-103.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-67.fra56.r.cloudfront.net

bucket.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.96.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-96-207.eu-west-1.compute.amazonaws.com

neural33.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
98	fbu.ua 1 redirects fbu.ua	3 MB
69	doubleclick.net 18 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	491 KB
57	googlesyndication.com fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	475 KB
35	admixer.net 1 redirects cdn.admixer.net — Cisco Umbrella Rank: 43529 prebid-inv-eu.admixer.net — Cisco Umbrella Rank: 241287 inv-nets.admixer.net — Cisco Umbrella Rank: 2396	356 KB
16	casalemedia.com 8 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	13 KB
14	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	564 KB
12	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 232 secure.adnxs.com — Cisco Umbrella Rank: 438	11 KB
10	cdnwebcloud.com adno.cdnwebcloud.com — Cisco Umbrella Rank: 209392 bucket.cdnwebcloud.com — Cisco Umbrella Rank: 39424 neural33.cdnwebcloud.com — Cisco Umbrella Rank: 167141	95 KB
8	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	1 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	122 KB
7	onetag-sys.com 5 redirects onetag-sys.com — Cisco Umbrella Rank: 777	2 KB
7	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 107	303 B
7	fwdcdn.com sinst.fwdcdn.com — Cisco Umbrella Rank: 227872	38 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	259 KB
6	creativecdn.com 1 redirects creativecdn.com — Cisco Umbrella Rank: 657 prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6233	1 KB
6	pubmatic.com image8.pubmatic.com — Cisco Umbrella Rank: 590 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470 image6.pubmatic.com — Cisco Umbrella Rank: 671	480 B
4	1rx.io 4 redirects sync.1rx.io — Cisco Umbrella Rank: 543	3 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 828 s.tribalfusion.com — Cisco Umbrella Rank: 2234	2 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 763 gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786	7 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	200 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 931	88 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	4 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294	1008 B
3	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 3993 c1.adform.net — Cisco Umbrella Rank: 627	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	2 KB
3	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 83483	1 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5147	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 680	58 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 766 r.turn.com — Cisco Umbrella Rank: 3362	869 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 599	1 KB
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 2392	184 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 765	2 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1137	460 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1094	1 KB
2	ck-ie.com us.ck-ie.com — Cisco Umbrella Rank: 5171	258 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2142	1 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9029	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2865	104 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 40043	608 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	265 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 717	439 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	461 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 13419	554 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	861 B
1	sinoptik.ua sinoptik.ua — Cisco Umbrella Rank: 106751	881 B
0	atdmt.com Failed ad.atdmt.com Failed
365	47

	Domain	Requested by
98	fbu.ua	1 redirects fbu.ua
44	cm.g.doubleclick.net	18 redirects googleads.g.doubleclick.net fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
29	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
23	tpc.googlesyndication.com	securepubads.g.doubleclick.net fbu.ua tpc.googlesyndication.com fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com googleads.g.doubleclick.net
15	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
14	s0.2mdn.net	fbu.ua s0.2mdn.net adno.cdnwebcloud.com fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
13	cdn.admixer.net	fbu.ua cdn.admixer.net prebid-inv-eu.admixer.net
12	prebid-inv-eu.admixer.net	fbu.ua cdn.admixer.net
11	ib.adnxs.com	5 redirects fbu.ua googleads.g.doubleclick.net cdn.admixer.net
11	securepubads.g.doubleclick.net	fbu.ua securepubads.g.doubleclick.net www.googletagservices.com
10	inv-nets.admixer.net	1 redirects cdn.admixer.net fbu.ua
8	googleads.g.doubleclick.net	fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com fbu.ua
7	onetag-sys.com	5 redirects fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
7	adno.cdnwebcloud.com	fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com adno.cdnwebcloud.com
7	www.facebook.com	2 redirects fbu.ua connect.facebook.net
7	sinst.fwdcdn.com	sinoptik.ua sinst.fwdcdn.com
6	googleads4.g.doubleclick.net	fbu.ua
6	www.googletagservices.com	fbu.ua cdn.admixer.net fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	fbu.ua tpc.googlesyndication.com fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
5	fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	sync.1rx.io	4 redirects
4	hbopenbid.pubmatic.com	cdn.admixer.net
4	prebid-eu.creativecdn.com	cdn.admixer.net
4	connect.facebook.net	fbu.ua connect.facebook.net
4	use.fontawesome.com	fbu.ua use.fontawesome.com
4	fonts.googleapis.com	fbu.ua securepubads.g.doubleclick.net
3	ups.analytics.yahoo.com	3 redirects
3	x.bidswitch.net	3 redirects
3	m.trafmag.com	fbu.ua cdn.admixer.net
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.co.uk	securepubads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.admixer.net static.criteo.net
2	neural33.cdnwebcloud.com	fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
2	ap.lijit.com	2 redirects
2	tr.blismedia.com	1 redirects fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
2	pm.w55c.net	2 redirects
2	sync.teads.tv	1 redirects fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
2	sync.targeting.unrulymedia.com	2 redirects
2	c1.adform.net	2 redirects
2	s.tribalfusion.com	fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
2	a.tribalfusion.com	2 redirects
2	creativecdn.com	1 redirects fbu.ua
2	us.ck-ie.com	fbu.ua
2	ads.betweendigital.com	2 redirects
2	www.gstatic.com	securepubads.g.doubleclick.net
2	counter.yadro.ru	1 redirects fbu.ua
2	www.google-analytics.com	fbu.ua www.google-analytics.com
1	mug.criteo.com
1	bucket.cdnwebcloud.com	adno.cdnwebcloud.com
1	ssum-sec.casalemedia.com	1 redirects
1	dclk-match.dotomi.com	fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
1	r.turn.com	fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
1	secure.adnxs.com	1 redirects
1	image6.pubmatic.com	fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	sync.mathtag.com	1 redirects
1	bidder.criteo.com	cdn.admixer.net
1	adx.adform.net	cdn.admixer.net
1	image8.pubmatic.com	fbu.ua
1	sinoptik.ua	fbu.ua
0	ad.atdmt.com Failed	fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
365	68

This site contains links to these domains. Also see Links.

Domain
www.fiba.basketball
www.championsleague.basketball
esport.in.ua
ticketsbox.com
www.youtube.com
www.facebook.com
www.instagram.com
ua.sinoptik.ua
z.cdn.adpool.bet
errea.kiev.ua
pm.ua
veneto.ua
www.obozrevatel.com
amberbev.com
www.tascombank.com.ua
svitsportu.com.ua
1tv.com.ua
www.segodnya.ua
xsport.ua
www.kissfm.ua
24tv.ua
inter.ua
www.kievtv.com.ua
unian.tv
www.5.ua
sport.ua
estafeta.com.ua
media.fbu.kiev.ua
basket.com.ua
superleague.in.ua
www.liveinternet.ru
digital-promo.com.ua

Subject Issuer	Validity	Valid
fbu.ua Sectigo RSA Domain Validation Secure Server CA	`2022-07-07` - `2023-07-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sinoptik.uk Sectigo RSA Domain Validation Secure Server CA	`2021-11-01` - `2022-12-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-23` - `2022-10-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
ck-ie.com Go Daddy Secure Certificate Authority - G2	`2021-11-12` - `2022-12-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.cdnwebcloud.com Amazon	`2022-09-21` - `2023-10-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://fbu.ua/
Frame ID: 7C7E9A0141387535620606CB8D5673E5
Requests: 200 HTTP requests in this frame

Frame: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1142BDBB5714CF705D8647F0BA9F3A25
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 3629DC3BC762F1DF8350E8DC0D3BD432
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 315572BEF524D0048378262F659C277B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js
Frame ID: 34ACDF60A97C064C8102ABC61C0D0BF1
Requests: 5 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 9EF678A041D3DEC03354C52960EA518A
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D502927040048276%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df32e24fe19b5dac%2526domain%253Dfbu.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ffbu.ua%25252Ff35f05acb5a7858%2526relation%253Dparent.parent%26container_width%3D341%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUkrBasket%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse
Frame ID: 2A55DE6F285F728140AC10A1411963E0
Requests: 1 HTTP requests in this frame

Frame: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DDA48079D2176DE1A68A95AF3F0D2C01
Requests: 15 HTTP requests in this frame

Frame: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BAF0DB3AE15808038B135E58517E7D3A
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D502927040048276%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df10476fcf353348%2526domain%253Dfbu.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ffbu.ua%25252Ff35f05acb5a7858%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUkrBasket%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse
Frame ID: 1A1BC5E745C0AAA37A52F4EEF18AB33F
Requests: 1 HTTP requests in this frame

Frame: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D48409F76E52BB2DBC2D93D0E14509CD
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C109AC5823F559C36E9ED3DC24B2CBD4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5547EF5EA25928DB3D2696D2F4462425
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYgOq2vgEwAQ&v=APEucNUw8l8QZfR-ceShTYEGpohbbtkRnd0XkAmy37JMPc1l1iUjCyinUZTSnClH-kNGIFolcnMwhfoz4EcbjdUe7cnUiZ6MxoNivw3sY3X_TDyaUGEvfpQD3yi57uLBixtd9441TsfQ-Fi7u9X6IJuqiGAogzsNyjOAemwlpeAIFUpc4edZh9w
Frame ID: 170F2F0B7006ECEB253E5EE2ED6857DB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY-sLAxAEwAQ&v=APEucNXyKsISSUbW060KIIvrZ7-ywMpNfmJx1CdWVA2PJZRdoq20uNZ0vxhHHspnIlC7xiIv3lNmjU1fDGURQapdkUSrj5vTv142qeJ5Jpn4tyU6DCMPwPWdRmGztiDHGUB9anTNuzGMG59dSKKlHma5E4VHixoLXMmxa2rSEh0n8MJEKYwo5Bs
Frame ID: 74BBAB3E40392529AEAF5B1254D12E80
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYtb2B0QEwAQ&v=APEucNV9YigXCKiSsMEpyI-pYXB3uHcbUtGyz5ME6x87CSXWsbNYCAxcm2zsS-0PU5Yrq8KLdSmQ349jA07BEsM7f7k3msQIyR90FCtwT_hhCehvcRjlqIhZRU3XwT9YeMxbMpn0QfZDsk7Rr27befbn8jNWlN4ukiSNq5C8ie0kZ3egn-IEMbc
Frame ID: 00BD9157E615FA9E8C1702733359F38A
Requests: 5 HTTP requests in this frame

Frame: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 41CAD44B8055D89FC7DA6440F926C2C7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGO3MqtIBMAE&v=APEucNX3GSB8-Q-uU_-X9OznwDqkhgdYXN4YOpsmrDAyh0Xd3BbHpacUiwE4_qKi9N6JUQPSG8im99_VDHiRsj4-bG-WDSn4B_xaqFLtrLvoFFWkqivPw6VpXEKGsDIgkNAw_KPvF837gDFycvJFpYT-Qs-McWzhiebcZ-F5AY0MvzP7l_IObc8
Frame ID: 07CA5A368E8C2C887E9698712D157328
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 808E7424DF0E1B092FC9FBA6E94CBE57
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3A721261C3CA59886A43143E0844B9AF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 02AEF6CA320F5669851538941776F28B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 06BE4083EBB2FAF799E658F29117ED5B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4257D0996D4AFC9EFAE26803E0BDE97D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AFF272EBE704EB2C86263B226E21C83C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3631544119932340464/970x250/banner/index.html
Frame ID: 5800C8DE66367DE3364A98103193D1D0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6487489697849585523/970x250/index.html
Frame ID: BFB9BC49E3D5BC61985CB2929C57473C
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4739297498604741592/970x250.html
Frame ID: D97DF0EC06B000A08B07330B1021745F
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 081A6B890D45BF4553F457B719C42302
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A5DF7FD7C85D586C13A1DFD425B3D7F4
Requests: 9 HTTP requests in this frame

Frame: https://adno.cdnwebcloud.com/store/creatives/1687/index.html?tc_alt=84886&n_o_ct=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0e9IAedIY-KxIqS5x_AP2cGmuA2dsIvMa6Hd9NLDEMeNmbGFMRABIOPgvCNgu4aAgNAKoAGTjM_uAsgBCakCjC0yCFRjsD6oAwGqBOQBT9Ccrp-ngohSmkPHOS4JE7BOGX2dzHNM-wRG-TVk0z9-kElbl9g9dmmVcjuLH7exxlcYmv2RrG4zWRxt8UOhFw8M8aX7Kgqim4cbV77Zen5ZzjoXvezrl8VORgrImwCMpbRFfRZmYo8W_77H9nIpYTkTDTYzrZFQqcVdTj_tgbJC51e1LZ2bc5OhQnoh_8UnLO14lu1UsLtTg5n87UsEbin9BtY5NVz_kvzEbd8_aR2I_C4zL0MI_cOehRrwmk6ao-Ub-UV68gQnM8wN-2PQO9eSS16wyzAZeItlkL3Ct_dx1L0kwAT7xJXvgwTgBAOQBgGgBk2AB9XzsJEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPG378Q0BMA2BMNiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4%26sig%3DAOD64_3gq3Ss0JkzwPt03n6IUWE1UZs4Kg%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-BLxU8iqnm_a751PciGlVWslOenceRjtikqVl4lO19jh-GZvn9QPnU1oI_0mTd1k9SmJh8T2naEyDPHrBGZuaK1mkavQZM4JDAKi5FmgGyC3VRCdoUdpgjnddn_PlSibH22uGLNySNU-jx6JuhH9M25tsYTn9mul45Fkn_LJ-sWVe_naw4%26cry%3D1%26dbm_d%3DAKAmf-B5Wa9agM3kZwt9jnjSVz-kbXpeEMskEZovoEO0BDxxBfkFxQypapIzZHMPmO5oJ_er_5ozFwfTPhGLMzZnGOUYfXjPNjcYySVjDNqy21KNJA0XtL13tUvKv6kMPpq8zTDix_frP8FZlQn5ejk0kZ4aBKSca0GOhtQ7zdnjFAMQgxemvDwCH1j7P8APFuvK5g1GUHPUkUV85_UOuZIvZtGYaeMZfrjLn32zRRwguWsthlgrhISee60L5H06TUPff8y1QafdJjjeAxqSVeQhIQqx3f96BXOzvIDlVab3DHy8kRyFmkhxs83TZR5eOSaCD8FaX8QiFNox8_sRmsydXVOxZ9E73RCQNIjPi-7xUwCjas9DwVFUo5-YjVllDytWimgReOvCa7cayEucUJJ-4FE6dQeDL7a-p7zUU0gK_1PDySPy33eo8cUOB-zbIQwZ8PULWr1J0GKNV_nuZrY7YTC7Ge19rVpUZwyNptBi9-nGkm9z1y1a2-k1DpADrHA7VpSEqX-4DmNxKY3G9zhnOpMGZPLkEg%26adurl%3D&n_o_crd=https%3A%2F%2Fneural33.cdnwebcloud.com%2Fatc%3Ftc%3D84886%26n_o_ord%3D%5BCACHEBUSTER%5D%26url_n_o%3D&n_o_cu=https%3A%2F%2Fhotelfarolopesancollection.com%2Fen%2F%3Futm_source%3D22Grados%26utm_medium%3DBannerV2%26utm_campaign%3DMediosCollection%26utm_term%3D300x250
Frame ID: 1313EF43725EACB17972C811EB7A171F
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=fbu.ua
Frame ID: 0A5339F4CA902D30A0455937089674CE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини баскетболу в Україні і світі на офіційному сайті федерації баскетболу України

Page URL History Show full URLs

http://fbu.ua/ HTTP 301
https://fbu.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yii (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

/yii\.(?:validation|activeForm)\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

365
Requests

86 %
HTTPS

39 %
IPv6

47
Domains

68
Subdomains

49
IPs

14
Countries

5931 kB
Transfer

11015 kB
Size

53
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fiba.basketball/eurobasket/2022/game/0509/Ukraine-Italy#|tab=boxscore

Search URL Search Domain Scan URL

URL: https://www.fiba.basketball/eurobasket/2022/game/0609/Greece-Ukraine#|tab=boxscore

Search URL Search Domain Scan URL

URL: https://www.fiba.basketball/eurobasket/2022/game/0809/Croatia-Ukraine#|tab=boxscore

Search URL Search Domain Scan URL

URL: https://www.fiba.basketball/eurobasket/2022/game/1109/Ukraine-Poland#|tab=boxscore

Search URL Search Domain Scan URL

URL: https://www.fiba.basketball/eurobasket/2022/game/1609/Poland-France/

Search URL Search Domain Scan URL

URL: https://www.fiba.basketball/eurobasket/2022/game/1609/Germany-Spain#tab=boxscore

Search URL Search Domain Scan URL

URL: https://www.fiba.basketball/eurobasket/2022/game/1809/Germany-Poland#|tab=boxscore

Search URL Search Domain Scan URL

URL: https://www.fiba.basketball/eurobasket/2022/game/1809/Spain-France#|tab=boxscore

Search URL Search Domain Scan URL

URL: https://www.championsleague.basketball/22-23/qualifiers/game/2309/Brose-Bamberg-Budivelnyk#tab=boxscore

Search URL Search Domain Scan URL

URL: https://www.fiba.basketball/europecup/22-23/game/1210/Happy-Casa-Brindisi-BC-Budivelnyk-Kyiv#tab=boxscore

Search URL Search Domain Scan URL

URL: https://esport.in.ua/uk
Title: Купити квиток за 55 сек

Search URL Search Domain Scan URL

URL: https://ticketsbox.com/ua/basketbol/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/MediaUkrbasket

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UkrBasket

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fbu_official/

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D0%BA%D0%B8%D1%97%D0%B2
Title: Погода у Києві+7°вологість: 98%тиск: 754 ммвітер: 0.2 м/с, південно-східний

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D0%B2%D1%96%D0%BD%D0%BD%D0%B8%D1%86%D1%8F/
Title: sinoptik.ua

Search URL Search Domain Scan URL

URL: https://z.cdn.adpool.bet/load?z=1687989802

Search URL Search Domain Scan URL

URL: http://errea.kiev.ua/index.php?route=common/home

Search URL Search Domain Scan URL

URL: https://pm.ua/uk/regtel?adtag=u674b89c37b9abe28_b1877014052_c1227261564_d2044453026_e1497245535

Search URL Search Domain Scan URL

URL: https://veneto.ua/

Search URL Search Domain Scan URL

URL: https://www.obozrevatel.com/

Search URL Search Domain Scan URL

URL: https://amberbev.com/

Search URL Search Domain Scan URL

URL: http://www.tascombank.com.ua/

Search URL Search Domain Scan URL

URL: http://svitsportu.com.ua/sport/basketbol

Search URL Search Domain Scan URL

URL: http://errea.kiev.ua/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/269925507203416/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/173302223309090/

Search URL Search Domain Scan URL

URL: http://1tv.com.ua/

Search URL Search Domain Scan URL

URL: http://www.segodnya.ua/

Search URL Search Domain Scan URL

URL: http://xsport.ua/

Search URL Search Domain Scan URL

URL: http://www.kissfm.ua/

Search URL Search Domain Scan URL

URL: http://24tv.ua/

Search URL Search Domain Scan URL

URL: http://inter.ua/uk/

Search URL Search Domain Scan URL

URL: http://www.kievtv.com.ua/

Search URL Search Domain Scan URL

URL: https://unian.tv/

Search URL Search Domain Scan URL

URL: http://www.5.ua/

Search URL Search Domain Scan URL

URL: http://sport.ua/

Search URL Search Domain Scan URL

URL: https://estafeta.com.ua/c139-basketbol

Search URL Search Domain Scan URL

URL: https://media.fbu.kiev.ua/
Title: Медіа файли для преси

Search URL Search Domain Scan URL

URL: https://basket.com.ua/
Title: Basket

Search URL Search Domain Scan URL

URL: https://superleague.in.ua/
Title: Superleague

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click;ukrbasket

Search URL Search Domain Scan URL

URL: https://digital-promo.com.ua/
Title: Digital Promo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fbu.ua/ HTTP 301
https://fbu.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://counter.yadro.ru/hit;ukrbasket?t16.6;r;s1600*1200*24;uhttps%3A//fbu.ua/;0.8055157387930518 HTTP 302
https://counter.yadro.ru/hit;ukrbasket?q;t16.6;r;s1600*1200*24;uhttps%3A//fbu.ua/;0.8055157387930518

Request Chain 154

https://x.bidswitch.net/sync?ssp=admixer&user_id=44409016d2bf44208075ffa918bd053f&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=44409016d2bf44208075ffa918bd053f&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=52b6bac7-cdb0-521f-a8d9-9f64cb917865&ssp=admixer&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=542adbed-71fe-417a-a7e4-c90dc0f23673&gdpr=&consent=&gdpr_pd=

Request Chain 155

https://ib.adnxs.com/setuid?entity=533&code=44409016d2bf44208075ffa918bd053f HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D44409016d2bf44208075ffa918bd053f

Request Chain 158

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 195

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=502927040048276&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32e24fe19b5dac%26domain%3Dfbu.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffbu.ua%252Ff35f05acb5a7858%26relation%3Dparent.parent&container_width=341&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FUkrBasket&locale=ru_RU&sdk=joey&show_facepile=true&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D502927040048276%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df32e24fe19b5dac%2526domain%253Dfbu.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ffbu.ua%25252Ff35f05acb5a7858%2526relation%253Dparent.parent%26container_width%3D341%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUkrBasket%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse

Request Chain 206

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=502927040048276&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10476fcf353348%26domain%3Dfbu.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffbu.ua%252Ff35f05acb5a7858%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FUkrBasket&locale=ru_RU&sdk=joey&show_facepile=true&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D502927040048276%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df10476fcf353348%2526domain%253Dfbu.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ffbu.ua%25252Ff35f05acb5a7858%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUkrBasket%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse

Request Chain 235

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1

Request Chain 236

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0jnAvdWOvvt.cfqy-a4ywAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2

Request Chain 237

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1

Request Chain 238

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D

Request Chain 239

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1

Request Chain 240

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0jnAvdWOvvt.cfqy-a4ywAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2

Request Chain 241

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1

Request Chain 242

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D

Request Chain 243

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1

Request Chain 244

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0jnAvdWOvvt.cfqy-a4ywAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2

Request Chain 245

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1

Request Chain 246

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D

Request Chain 274

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1

Request Chain 275

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0jnAvdWOvvt.cfqy-a4ywAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1

Request Chain 277

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D

Request Chain 280

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECyC9WBxPQVnB5st4aY_Hl0&google_cver=1&google_push=AZmPxg_qc-xUaM237B8QalT4FOsDzmxHYdSdCRgMh5t9prBadNuRJe9harxVylnuj1qllnReY9Xy75fTh7th90z0tfQNDSOHXJE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_qc-xUaM237B8QalT4FOsDzmxHYdSdCRgMh5t9prBadNuRJe9harxVylnuj1qllnReY9Xy75fTh7th90z0tfQNDSOHXJE

Request Chain 281

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJKPr2ntHO3Cb_4oABX0iJU&google_cver=1&google_push=AZmPxg9jU_KXXGzi5Grqkwxm8VZpcJ9DChuP4PTfuZ6UhdThoJqVavqaumWLPi1-BAjuaRcIp4ue817im1q_DkXkCoLSDdM0Vcr3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9jU_KXXGzi5Grqkwxm8VZpcJ9DChuP4PTfuZ6UhdThoJqVavqaumWLPi1-BAjuaRcIp4ue817im1q_DkXkCoLSDdM0Vcr3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJKPr2ntHO3Cb_4oABX0iJU&google_cver=1&google_push=AZmPxg9jU_KXXGzi5Grqkwxm8VZpcJ9DChuP4PTfuZ6UhdThoJqVavqaumWLPi1-BAjuaRcIp4ue817im1q_DkXkCoLSDdM0Vcr3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9jU_KXXGzi5Grqkwxm8VZpcJ9DChuP4PTfuZ6UhdThoJqVavqaumWLPi1-BAjuaRcIp4ue817im1q_DkXkCoLSDdM0Vcr3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 282

https://ads.travelaudience.com/google_pixel?google_gid=CAESEN_iLm4Ra8GicgnJHyXM1sM&google_cver=1&google_push=AZmPxg_Awt0ItNELZKKMFJfrcW4b6MFXcuiwcXHqDS0Tqb4QixdG9CLGZgZIyUFNr2565gcqUlAwLUff9uZuTzb8gkm9dEchEvYI HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qTCPJggbQZufKxKmGIZEmg2&google_push=AZmPxg_Awt0ItNELZKKMFJfrcW4b6MFXcuiwcXHqDS0Tqb4QixdG9CLGZgZIyUFNr2565gcqUlAwLUff9uZuTzb8gkm9dEchEvYI

Request Chain 283

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHfEsPwl_BLAZsdLjncncYA&google_cver=1&google_push=AZmPxg_JgVkOh3WH586YfNtTwJChYdGrZ3fkyqjopu1_Czjiy50dqegJlcNMWcxkBI3p3BGamaxRpo-VwlJd5Ld01Cs-A4JziYc HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHfEsPwl_BLAZsdLjncncYA&google_cver=1&google_push=AZmPxg_JgVkOh3WH586YfNtTwJChYdGrZ3fkyqjopu1_Czjiy50dqegJlcNMWcxkBI3p3BGamaxRpo-VwlJd5Ld01Cs-A4JziYc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU4NzM2MTQ0MDg4MTU3Mzg4&google_push=AZmPxg_JgVkOh3WH586YfNtTwJChYdGrZ3fkyqjopu1_Czjiy50dqegJlcNMWcxkBI3p3BGamaxRpo-VwlJd5Ld01Cs-A4JziYc

Request Chain 284

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPS_EejfnOiuHpf5u8G48eo&google_cver=1&google_push=AZmPxg_iul9MHe6Ds_rq2ScRI7y_Ai1BNtpnZIdwry-f7yNFvcHzReohPWTjCQYWappa3jlEcw-pgfgZydbsPGVTpqhLOPv0sEAu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3WlhUREwtMjAtS0ZCRw==&google_push=AZmPxg_iul9MHe6Ds_rq2ScRI7y_Ai1BNtpnZIdwry-f7yNFvcHzReohPWTjCQYWappa3jlEcw-pgfgZydbsPGVTpqhLOPv0sEAu

Request Chain 285

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL2V1MxNGDSmYbg0mcCBnVs&google_cver=1&google_push=AZmPxg_qp2U8GeWDbZJ3VeOU17hONxmeSv0-5uJDTvqyKYOVDMML11RyAuaQ4WgkvhWE11FoYZjFBm_sT8RvaQJoR6JeyYzp5SI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_qp2U8GeWDbZJ3VeOU17hONxmeSv0-5uJDTvqyKYOVDMML11RyAuaQ4WgkvhWE11FoYZjFBm_sT8RvaQJoR6JeyYzp5SI

Request Chain 286

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMSxjbMmU6DNou7NrFnCLMM&google_cver=1&google_push=AZmPxg-cb6Pm0BaXK43X-4sIZEZFno3DbEZilDkDUjnbfLR-DQ62g7Z2CflYJPBBLcB8BtcdsZq5mya6lVVAkLDCIe6mPICDJSOJgA HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMSxjbMmU6DNou7NrFnCLMM&google_cver=1&google_push=AZmPxg-cb6Pm0BaXK43X-4sIZEZFno3DbEZilDkDUjnbfLR-DQ62g7Z2CflYJPBBLcB8BtcdsZq5mya6lVVAkLDCIe6mPICDJSOJgA&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02Z0hZUHFGRTJ1RWpaaVVDZTZGSXRjMExkalRNZWVFSn5B&google_push=AZmPxg-cb6Pm0BaXK43X-4sIZEZFno3DbEZilDkDUjnbfLR-DQ62g7Z2CflYJPBBLcB8BtcdsZq5mya6lVVAkLDCIe6mPICDJSOJgA

Request Chain 291

https://a.tribalfusion.com/i.match?p=b6&u=CAESEL5IWVhP_IlLeUlp-sR29Fc&google_cver=1&google_push=AZmPxg_J7lKa3dqiFbxitY-SVJx2erU2eysaglOgL2VyOojH8zUrqsoFwsXTuaf33A5D694u3Dwv0ASfuStGyv9hgzrBc_F9x1w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_J7lKa3dqiFbxitY-SVJx2erU2eysaglOgL2VyOojH8zUrqsoFwsXTuaf33A5D694u3Dwv0ASfuStGyv9hgzrBc_F9x1w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL5IWVhP_IlLeUlp-sR29Fc&google_cver=1&google_push=AZmPxg_J7lKa3dqiFbxitY-SVJx2erU2eysaglOgL2VyOojH8zUrqsoFwsXTuaf33A5D694u3Dwv0ASfuStGyv9hgzrBc_F9x1w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_J7lKa3dqiFbxitY-SVJx2erU2eysaglOgL2VyOojH8zUrqsoFwsXTuaf33A5D694u3Dwv0ASfuStGyv9hgzrBc_F9x1w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 293

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF4wZj8RdFDU5DFj6KWYrv8&google_cver=1&google_push=AZmPxg-WEjKd6Tm8Rafam1rlRgkEiFkPhk9EjXILbd2DK8g017XVy4wybFHMD-Yp_vhT4GHBXxVb2PD5RNQVezHmNTPw05_LUhd6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-WEjKd6Tm8Rafam1rlRgkEiFkPhk9EjXILbd2DK8g017XVy4wybFHMD-Yp_vhT4GHBXxVb2PD5RNQVezHmNTPw05_LUhd6

Request Chain 294

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBe6fRVYhUd6ODyMOQbwUIE&google_cver=1&google_push=AZmPxg8ppY0p2B8cP23j0EtkTneXarg5pbDHdonwtDt8jlGXrRRykYeVOI3-tn35BTl80Fpb9TyM9ORDqAqWMhA1ReZQjgUzp6de HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg8ppY0p2B8cP23j0EtkTneXarg5pbDHdonwtDt8jlGXrRRykYeVOI3-tn35BTl80Fpb9TyM9ORDqAqWMhA1ReZQjgUzp6de&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1665722114487 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-377830a7-2d62-4e91-bac6-9ae9ec4cbc06-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg8ppY0p2B8cP23j0EtkTneXarg5pbDHdonwtDt8jlGXrRRykYeVOI3-tn35BTl80Fpb9TyM9ORDqAqWMhA1ReZQjgUzp6de%26google_hm%3DAzd4MKctYk6Rusaa6exMvAY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8ppY0p2B8cP23j0EtkTneXarg5pbDHdonwtDt8jlGXrRRykYeVOI3-tn35BTl80Fpb9TyM9ORDqAqWMhA1ReZQjgUzp6de&google_hm=Azd4MKctYk6Rusaa6exMvAY

Request Chain 295

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF4wZj8RdFDU5DFj6KWYrv8&google_cver=1&google_push=AZmPxg-AHWFUsKERUJ6jNxKwdh5e2eq_Dm75Z3PXq_twf25PX0UfL4yoDamU0b8DM6sEDwTWpZXVdzTChlCk8V9Cr3Has1xFP35Lrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-AHWFUsKERUJ6jNxKwdh5e2eq_Dm75Z3PXq_twf25PX0UfL4yoDamU0b8DM6sEDwTWpZXVdzTChlCk8V9Cr3Has1xFP35Lrw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 296

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECWdhcV5GlKF--9emzfhlXY&google_cver=1&google_push=AZmPxg9ThOf-Y6Z3FMRHvsZZ99AtRPZaEQNbMbkSe-Ok5anULzebRm8CTyLxQUxftBBgUYv9qObRkjHz7DiyG0WZrORdOlBm_t-nmA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AZmPxg9ThOf-Y6Z3FMRHvsZZ99AtRPZaEQNbMbkSe-Ok5anULzebRm8CTyLxQUxftBBgUYv9qObRkjHz7DiyG0WZrORdOlBm_t-nmA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 297

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENOFHuGjDIbgz-F6rmXE8Sw&google_cver=1&google_push=AZmPxg952DyG-TIbSQn-wqM_S2cnW7juXfbMmG7arfAXEPtgWDjlBB0J16bs-aAQu3btrLJlmelNNxEyxFhk3ztWUfgGXT-LCL5Z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D&google_gid=CAESENOFHuGjDIbgz-F6rmXE8Sw&google_cver=1&google_push=AZmPxg952DyG-TIbSQn-wqM_S2cnW7juXfbMmG7arfAXEPtgWDjlBB0J16bs-aAQu3btrLJlmelNNxEyxFhk3ztWUfgGXT-LCL5Z

Request Chain 300

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDwQKfw2sVVNl58_2baH7yc&google_cver=1&google_push=AZmPxg9V0SFqE-DaJuiaVB_IGrdx6w6iFFmx1S9i6Xd1xOmvIkNXiBB_ex1xFQ_wsKMmEvwUrBuydIYqGzSk31ONZeh3uGPYPHc HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDwQKfw2sVVNl58_2baH7yc&google_cver=1&google_push=AZmPxg9V0SFqE-DaJuiaVB_IGrdx6w6iFFmx1S9i6Xd1xOmvIkNXiBB_ex1xFQ_wsKMmEvwUrBuydIYqGzSk31ONZeh3uGPYPHc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M0w3d3ZWOGQxT0pjcEk1&google_gid=CAESEDwQKfw2sVVNl58_2baH7yc&google_cver=1&google_push=AZmPxg9V0SFqE-DaJuiaVB_IGrdx6w6iFFmx1S9i6Xd1xOmvIkNXiBB_ex1xFQ_wsKMmEvwUrBuydIYqGzSk31ONZeh3uGPYPHc

Request Chain 302

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIiw5xUhVofgmGzo660SW0s&google_cver=1&google_push=AZmPxg92_aYFCIBKv7I2544MPJRvit8vGNsIm96Kf6W6WuwujLzTQ8Vcf3RaW2imTj1a3ug0GQnCvHuzK0KITf4tj4YwIl4RJC7R HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg92_aYFCIBKv7I2544MPJRvit8vGNsIm96Kf6W6WuwujLzTQ8Vcf3RaW2imTj1a3ug0GQnCvHuzK0KITf4tj4YwIl4RJC7R&google_hm=Bc9_aKwjRL6z8IwpYDr4HWc

Request Chain 304

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENt4HMQEo-LH_Qou26y4EJA&google_cver=1&google_push=AZmPxg-09u8nggCaJYiv9pl47SCWWjQex4bDiS86TEPbveXcnKV8X8CmLyjCMEaXKNkDiQNjNImEJdKUQDU-ly-3IfrV0x1Vq-Nh HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENt4HMQEo-LH_Qou26y4EJA&google_cver=1&google_push=AZmPxg-09u8nggCaJYiv9pl47SCWWjQex4bDiS86TEPbveXcnKV8X8CmLyjCMEaXKNkDiQNjNImEJdKUQDU-ly-3IfrV0x1Vq-Nh&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg-09u8nggCaJYiv9pl47SCWWjQex4bDiS86TEPbveXcnKV8X8CmLyjCMEaXKNkDiQNjNImEJdKUQDU-ly-3IfrV0x1Vq-Nh&google_hm=FekzqGZHHYel3dbdR4WcoaIs

Request Chain 305

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEH7EAgO48Ym6VUBmEWNDmEY&google_cver=1&google_push=AZmPxg_ZRG6lXT8oQnLXttvB5jhuUuAzW8ER_uP7EA8dfK7NRkolCMLdwTZWu6UautC5vso7cfQWT2PxnOVqaHOZibGpek3n-qif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_ZRG6lXT8oQnLXttvB5jhuUuAzW8ER_uP7EA8dfK7NRkolCMLdwTZWu6UautC5vso7cfQWT2PxnOVqaHOZibGpek3n-qif

Request Chain 306

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPvGEZt1dyiZnqmeebBxsXk&google_cver=1&google_push=AZmPxg_QKA-HiAnFBlYy4Ncxe8Jb2P5Kmj8mCuPHxSLvDaRrBkv5Eim46v0N8kFv-TBtwJPUnox5KM5rU5jyGi4oq8VH-S1JwMd9 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg_QKA-HiAnFBlYy4Ncxe8Jb2P5Kmj8mCuPHxSLvDaRrBkv5Eim46v0N8kFv-TBtwJPUnox5KM5rU5jyGi4oq8VH-S1JwMd9&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1665722114486 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-377830a7-2d62-4e91-bac6-9ae9ec4cbc06-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_QKA-HiAnFBlYy4Ncxe8Jb2P5Kmj8mCuPHxSLvDaRrBkv5Eim46v0N8kFv-TBtwJPUnox5KM5rU5jyGi4oq8VH-S1JwMd9%26google_hm%3DAzd4MKctYk6Rusaa6exMvAY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_QKA-HiAnFBlYy4Ncxe8Jb2P5Kmj8mCuPHxSLvDaRrBkv5Eim46v0N8kFv-TBtwJPUnox5KM5rU5jyGi4oq8VH-S1JwMd9&google_hm=Azd4MKctYk6Rusaa6exMvAY

Request Chain 328

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAJ1PBfMYm-Yb5BbeciJn4Q&google_cver=1&google_push=AZmPxg_2w9FNu09nGWr3ba_Xj8cUIUXG0xs1EpcGbZuMtvXutkUhwpFnK8gUip51Zbx_Ahh4Aq_Ae6y6AqqmcKysCMfA2tYKDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg5MjQwNjE3MjMyMjE4OTI1NA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAJ1PBfMYm-Yb5BbeciJn4Q&google_cver=1

Request Chain 330

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECcqpBo4ESC31CZUQgv9oVY&google_cver=1&google_push=AZmPxg9e5-zgGCD6RlI7oHWRwlP3tZumz0PuFK1kJEvpuAZjWqwBqsGK9ZXl2z5abjGcMSWKFuCXVInFd6wNpbeXdBf1GlwK8mA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9e5-zgGCD6RlI7oHWRwlP3tZumz0PuFK1kJEvpuAZjWqwBqsGK9ZXl2z5abjGcMSWKFuCXVInFd6wNpbeXdBf1GlwK8mA&google_hm=hmNI5wKJUv0gmlgMeQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6348E7028952FD209A580C79BLIS

Request Chain 331

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK-p9HrjIdjG5fNTWfcGqWI&google_cver=1&google_push=AZmPxg9-2rC2mGQVaqpj0-wv3ePDYo99ZwLoBzRZmBjpB7pZpL-cU4CJlUfUliqYO2yKthXT_ku7aipoMJgG8ed0LnxsjIsCtXo HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-p9HrjIdjG5fNTWfcGqWI&google_hm=Y0jnAvdWOvvt-cfqy_a4ywAADLwAAAIB&google_nid=index&google_push=AZmPxg9-2rC2mGQVaqpj0-wv3ePDYo99ZwLoBzRZmBjpB7pZpL-cU4CJlUfUliqYO2yKthXT_ku7aipoMJgG8ed0LnxsjIsCtXo

Request Chain 332

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKJx8I0ChzA6dYZeCs3s2lM&google_cver=1&google_push=AZmPxg-Azk4OTJgYhOaKcUiC68DaYUh9N2nxNGU7mPPtTmebeaFpg3v7-ErNICrpr2lY9ZfSYEYlTHAgMsq9SWAiGwoNN-zEUAU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-Azk4OTJgYhOaKcUiC68DaYUh9N2nxNGU7mPPtTmebeaFpg3v7-ErNICrpr2lY9ZfSYEYlTHAgMsq9SWAiGwoNN-zEUAU

Request Chain 333

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGT8fZ4TOHprK7cnl38APNY&google_cver=1&google_push=AZmPxg_cd9qotWfIWrzUHQ9hT-3NeZF7-kXpNt3_j73CokhayQGUO_ZmSVWyvY7LMXU1-WapFxhMSM4eTOAGPoyw3L9nakV-p0ZK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02Z0hZUHFGRTJ1RWpaaVVDZTZGSXRjMExkalRNZWVFSn5B&google_push=AZmPxg_cd9qotWfIWrzUHQ9hT-3NeZF7-kXpNt3_j73CokhayQGUO_ZmSVWyvY7LMXU1-WapFxhMSM4eTOAGPoyw3L9nakV-p0ZK

Request Chain 334

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKJx8I0ChzA6dYZeCs3s2lM&google_cver=1&google_push=AZmPxg-419xLcbRClQEG0FEy-Miqsdfn1yAldGp8t-8S6UknYMaP-l7pvKsb6nrmokGyij0GdeFfi2ECkbpOEOHIiGSawdYWhB1P HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-419xLcbRClQEG0FEy-Miqsdfn1yAldGp8t-8S6UknYMaP-l7pvKsb6nrmokGyij0GdeFfi2ECkbpOEOHIiGSawdYWhB1P HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 360

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NDQ0MDkwMTZkMmJmNDQyMDgwNzVmZmE5MThiZDA1M2Y=&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEG2o36E8GZVYUmrtJpnDqs0&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=44409016d2bf44208075ffa918bd053f

Request Chain 361

https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=NDQ0MDkwMTZkMmJmNDQyMDgwNzVmZmE5MThiZDA1M2Y=&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESECOWnkGxc5GoEeOLpD1Niyk&google_cver=1

Request Chain 364

https://gum.criteo.com/sid/json?origin=publishertag&domain=fbu.ua&sn=ChromeSyncframe&so=0&topUrl=fbu.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=gEGPnHxFZjlQMkpFTzJrVjliU0VLbDFwaEtKMHl5M1k0ekJCNWo3YmVBWFdYMmNadUo3N29aVnlEZ29VbHpzL3d3YW1rOFJVTHhVVHRzcFFaajR5cFFKTTE2SGZtdEZ3NEhzaldZb3lOcmdKSENEMklkcG1qdjhqTHBVMi9RZktCNlRueGlVakt5MERrMjZWWEw2aitleXN0cHhXYzYrVURhbkFRd3BWdzVHbGFkdllDd25GV1pTVTN3Um9wVm1pMXBrZVBneU5vOTFkTUNaYVZ6QksxaWJpWjhUL2g4NFZEVUtOM1hCZ0c0aUUvcWxFTys3aU0rTjFVUzE2UldiNGI5YTZjTWh2djFpSnZ1MHFSRzJySHFCd1o2dz09fA&cppv=2

365 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fbu.ua/
Redirect Chain

http://fbu.ua/
https://fbu.ua/

110 KB
22 KB

1210ms
1047ms

Document
text/html

91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: bfd14cb735645e59a8c60956edbe30ed4c12577354e8958d38b587fcf2458080

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 04:35:11 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 14 Oct 2022 04:35:10 GMT
Location: https://fbu.ua/
Server: nginx

GET
H2 200 bootstrap.css
fbu.ua/assets/f79f2636/css/ 143 KB
21 KB 81ms
80ms Stylesheet
text/css 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/assets/f79f2636/css/bootstrap.css
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 21:55:17 GMT
server: nginx
etag: W/"607dfc45-23a5a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.css
fbu.ua/css/ 3 KB
1 KB 82ms
81ms Stylesheet
text/css 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/css/owl.carousel.css
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 1886411e5b9625d7100d3123e759ef12e8833401b69a57553684ab77d4393dbf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Tue, 19 Jun 2018 09:28:08 GMT
server: nginx
etag: W/"5b28cca8-d47"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
fbu.ua/css/ 30 KB
7 KB 154ms
153ms Stylesheet
text/css 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/css/font-awesome.min.css
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2018 09:43:28 GMT
server: nginx
etag: W/"5a718fc0-791c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css7.css
fbu.ua/css/ 119 KB
21 KB 155ms
154ms Stylesheet
text/css 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/css/css7.css?v=3.8
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 8619a2504ed7df000233a73fcc41c48ba5b6924308a3b35d895608e2285c4974

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 23:09:18 GMT
server: nginx
etag: W/"61b13b1e-1da67"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.fancybox.min.css
fbu.ua/js/fancybox/ 13 KB
3 KB 156ms
155ms Stylesheet
text/css 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/js/fancybox/jquery.fancybox.min.css
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: ed3c979ebd98534e34cdf48ffab11ccf6f60816e23e7afee8d33f08cccf2a856

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2018 09:43:30 GMT
server: nginx
etag: W/"5a718fc2-358a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 138ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700&subset=cyrillic,cyrillic-ext

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4ebbbe9e2cb7f812044295bf4773dbd8e6170652eb80e91cba87643fe176ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 04:35:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 04:35:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 140ms
52ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i&subset=cyrillic,cyrillic-ext,greek-ext

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7fa895719671f50136115e5a8ac3773e46a820cebce1876a5dcb1fa2f095fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 04:35:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 04:35:11 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 429ms
136ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:39 GMT
server: nginx
etag: W/"63049f2f-2c101"
x-cached-since: 2022-10-14T04:26:55+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Tue, 23 Aug 2022 09:45:59 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
28 KB 170ms
51ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

8acf1ffbbcc142b283291ffd54ba66f96791d17aa281a99e523b187abbd73c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27654
x-xss-protection: 0
server: sffe
etag: "1363 / 851 of 1000 / last-modified: 1665698735"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Oct 2022 04:35:11 GMT

GET
H2 200 ukraine_79_79.jpg
fbu.ua/web/img/1/gameswidget/ 632 B
825 B 109ms
93ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/ukraine_79_79.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: ed25c4a25b63c73316fdb49ef8f61865adb723672d7ff461f36d8cb013dc2651

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Sun, 04 Feb 2018 19:17:50 GMT
server: nginx
etag: "5a775c5e-278"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 632
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Italy_79_79.png
fbu.ua/web/img/1/gameswidget/ 358 B
550 B 109ms
93ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/Italy_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 72a3b19f170904ac99b4c0ee169de752125b8e0d67f068113a2e0249548082b0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 19 Jun 2019 08:31:41 GMT
server: nginx
etag: "5d09f2ed-166"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 358
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Greece_79_79.png
fbu.ua/web/img/1/gameswidget/ 1 KB
1 KB 110ms
94ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/Greece_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: e18c95508a00c5ae9ccc7f7ce92e65fb807b0859c5cc174cfdb430d980581218

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Sun, 21 Jul 2019 05:33:32 GMT
server: nginx
etag: "5d33f92c-40d"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1037
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 CROATIA_79_79.png
fbu.ua/web/img/1/gameswidget/ 3 KB
3 KB 110ms
94ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/CROATIA_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 5533f7b486c954dfc9d2d381c0f6840ce5049686a7281ab9faf8ec005ecdd841

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Fri, 28 Jun 2019 20:18:15 GMT
server: nginx
etag: "5d167607-d14"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3348
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Poland_79_79.png
fbu.ua/web/img/1/gameswidget/ 3 KB
3 KB 110ms
94ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/Poland_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 18fc9e6e33922ff6c851213c5cc537537893a1203a999b1bf488f54b8114f9be

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Mon, 25 Jun 2018 09:07:29 GMT
server: nginx
etag: "5b30b0d1-bc5"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3013
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 france_79_79.png
fbu.ua/web/img/1/gameswidget/ 341 B
533 B 110ms
94ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/france_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 8bae876f80797d89e79d93e25e3fce2f541a71f51eb16ce259125d63b38630ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Sun, 09 Jun 2019 20:32:01 GMT
server: nginx
etag: "5cfd6cc1-155"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 341
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Germany_79_79.png
fbu.ua/web/img/1/gameswidget/ 376 B
568 B 110ms
94ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/Germany_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 37891cdd39c0477728c977368ea63c3b93a78a7c2ef743ab5a3f8887cfef006e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Fri, 27 Aug 2021 20:54:27 GMT
server: nginx
etag: "61295103-178"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 376
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 spain_79_79.jpg
fbu.ua/web/img/1/gameswidget/ 1 KB
1 KB 110ms
95ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/spain_79_79.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 7b6434a08fdf10503dd752aa7efc5f986be3346a9774a23b09ea398054cf0c83

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Fri, 21 Jun 2019 10:40:40 GMT
server: nginx
etag: "5d0cb428-523"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1315
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Norrkoping-Dolphins_79_79.jpg
fbu.ua/web/img/1/gameswidget/ 2 KB
2 KB 110ms
95ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/Norrkoping-Dolphins_79_79.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 5e61a6ffef714ee0a0c1afde01be15088eecab94ec95f09c1493313596020cc1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 14 Sep 2022 11:31:44 GMT
server: nginx
etag: "6321bba0-923"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 2339
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bud_79_79.png
fbu.ua/web/img/1/gameswidget/ 19 KB
20 KB 110ms
95ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/bud_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 5015e53b1ed71961ba1c96e253724e8d67f2ba0091d23a732f96a85f8780b4f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Tue, 09 Jan 2018 14:58:36 GMT
server: nginx
etag: "5a54d89c-4d89"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 19849
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bamberg_79_79.png
fbu.ua/web/img/1/gameswidget/ 7 KB
7 KB 110ms
95ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/bamberg_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: cd166c20cfb08626181fce3c15008e50a6aaf40e8dbb26ac5eb4884e1840d78f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 21 Sep 2022 19:01:14 GMT
server: nginx
etag: "632b5f7a-1bf2"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 7154
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Flag-of-Egypt_79_79.png
fbu.ua/web/img/1/gameswidget/ 2 KB
2 KB 110ms
96ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/Flag-of-Egypt_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 8d80da72270fb97258b383b081bae3df4763b39595887a6e76d9c202bf77f8bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Sun, 02 Jun 2019 21:29:34 GMT
server: nginx
etag: "5cf43fbe-70b"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1803
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 netherlands_79_79.png
fbu.ua/web/img/1/gameswidget/ 970 B
1 KB 111ms
96ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/netherlands_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: c7ac8b848ded88911520da797729df494d1e4a10ceafd54db5e02a3f6cdd6545

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 30 May 2019 22:37:25 GMT
server: nginx
etag: "5cf05b25-3ca"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 970
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 romania_79_79.png
fbu.ua/web/img/1/gameswidget/ 350 B
542 B 111ms
96ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/romania_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: a9055d7e2ed2e71bcf2a490ff7d02a02b69070c518b80992796daf325c086512

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Sat, 15 Jun 2019 13:28:11 GMT
server: nginx
etag: "5d04f26b-15e"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 350
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chili_79_79.jpg
fbu.ua/web/img/1/gameswidget/ 2 KB
2 KB 111ms
96ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/chili_79_79.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: becab6e0d88b68a60155edb6d76839a628dd973cd9f11c6f3ccc04417144eb6d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 29 Sep 2022 07:35:23 GMT
server: nginx
etag: "63354abb-631"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1585
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Brazil_79_79.png
fbu.ua/web/img/1/gameswidget/ 5 KB
5 KB 111ms
97ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/Brazil_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 2c96e2ea6f1713dc941a7ca26bc3ae1d163c8c1830c3015da40f8f7fa3ef97f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Tue, 24 Aug 2021 10:55:40 GMT
server: nginx
etag: "6124d02c-1388"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 United-States_79_79.png
fbu.ua/web/img/1/gameswidget/ 3 KB
3 KB 111ms
97ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/United-States_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 2f25b6c3caa4710be57c217781d9c9b9c862982c78773487f2a4fb8c22f9635b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Tue, 02 Jul 2019 21:42:18 GMT
server: nginx
etag: "5d1bcfba-a58"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 2648
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Brindisi-logo_79_79.png
fbu.ua/web/img/1/gameswidget/ 11 KB
11 KB 111ms
97ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/gameswidget/Brindisi-logo_79_79.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 2395814a5ba2979f0332ceb8dfb03c278289a2d54a862d6b3d033834e2e26388

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Mon, 10 Oct 2022 07:13:45 GMT
server: nginx
etag: "6343c629-2c44"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 11332
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
fbu.ua/web/img/ 17 KB
18 KB 111ms
97ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/logo.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 30176507c26a6cd85f2b10339acb0edd3ebbc343f125757ed20724178705ba7d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:49 GMT
server: nginx
etag: "5a718fd5-45fa"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 17914
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 start-1000x500_760_400.jpg
fbu.ua/web/img/1/42869/ 48 KB
48 KB 112ms
98ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42869/start-1000x500_760_400.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 110ca78a6fa25805c2b3ea404d16acc17582a783a76daf1992c5d043058a0100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 14:29:35 GMT
server: nginx
etag: "634820cf-bf94"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 49044
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-13142627_760_400.jpg
fbu.ua/web/img/1/42867/ 62 KB
62 KB 112ms
98ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42867/%D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-13142627_760_400.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 8f193c05de4888a76fcd47916ef139f9e71d5390ef24df61f80903150b484ca1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 16:45:02 GMT
server: nginx
etag: "6348408e-f863"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 63587
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 311565644-550234810436517-5962390031184531593-n_760_400.jpg
fbu.ua/web/img/1/42868/ 78 KB
78 KB 112ms
98ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42868/311565644-550234810436517-5962390031184531593-n_760_400.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: cea94077d05c920d5400cd3002e161ad08a78c2af7c43bdaab1de024a45870eb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 13:36:21 GMT
server: nginx
etag: "63481455-13859"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 79961
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image2_760_400.jpeg
fbu.ua/web/img/1/42866/ 72 KB
72 KB 112ms
98ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42866/image2_760_400.jpeg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 19d119447df71ea31ced3776d9357a0fd20bb41f49d91269ac4195f6fac12724

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 07:00:24 GMT
server: nginx
etag: "6347b788-11fbb"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 73659
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-13093451_760_400.jpg
fbu.ua/web/img/1/42865/ 78 KB
78 KB 176ms
162ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42865/%D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-13093451_760_400.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 10a9a6de10070e1496b24cb94d6df38b21ca113e249a6c41d13326eea7386da7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 06:37:44 GMT
server: nginx
etag: "6347b238-137fd"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 79869
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-13085049_760_400.jpg
fbu.ua/web/img/1/42864/ 58 KB
58 KB 176ms
163ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42864/%D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-13085049_760_400.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 9ad11ce9333e919251d51f4962f8cc3552e1b5428b0fc417a38b01b7cda959bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 06:01:38 GMT
server: nginx
etag: "6347a9c2-e643"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 58947
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-13080307_760_400.jpg
fbu.ua/web/img/1/42863/ 51 KB
51 KB 176ms
163ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42863/%D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-13080307_760_400.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 6276169ad9b8423750bdbbf268a643fc7311efbc382f27f57da8cd7dc94b4bdf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 05:04:07 GMT
server: nginx
etag: "63479c47-ca38"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 51768
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imageBOBBY_75_75.jpeg
fbu.ua/web/img/1/42862/ 3 KB
3 KB 177ms
164ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42862/imageBOBBY_75_75.jpeg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: a9ad4b3592680204fcf1bb8f3c6edeaef240c2af2522709d89696010e667db67

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 16:45:02 GMT
server: nginx
etag: "6348408e-c50"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3152
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-12170554_75_75.jpg
fbu.ua/web/img/1/42861/ 3 KB
3 KB 177ms
164ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42861/%D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-12170554_75_75.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 278ce823f1e395ae1ca9e2edf897e52daa3ea90ee2e7a5b78a7999e45619e043

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 14:29:35 GMT
server: nginx
etag: "634820cf-b60"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 2912
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imageBBB_75_75.jpeg
fbu.ua/web/img/1/42860/ 3 KB
3 KB 177ms
164ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42860/imageBBB_75_75.jpeg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: a2fe9eb2f02139db03b9740aeb8ed6f9fbc61ff8ecc611bf49ccc765b420fbe7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 13:36:21 GMT
server: nginx
etag: "63481455-b4e"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 2894
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 informers_js.php Show response
sinoptik.ua/ 1 KB
881 B 140ms
44ms Script
application/json 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://sinoptik.ua/informers_js.php?title=4&wind=2&cities=303010783&lang=ua

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv150.fwdcdn.com

Software

nginx /

Resource Hash

a6d93c16c8f8e06a2bd880c8f1f016c6dc61042c5f0ae2d4e38a61e3c3b22a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-store, no-cache, must-revalidate
date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
x-server-by: sinfe1
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/json
cache-control: must-revalidate, post-check=0, pre-check=0
expires: 0

GET
H2 200 1280x720px-2-_800_400.png
fbu.ua/web/img/1/42733/ 357 KB
358 KB 177ms
164ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42733/1280x720px-2-_800_400.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 45abfe92617efc248736f0958fbb2677c76968366185994a5352b98210bf60e1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 21 Sep 2022 12:09:11 GMT
server: nginx
etag: "632afee7-594b0"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 365744
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imagetkachhh_240_210.jpeg
fbu.ua/web/img/1/42726/ 14 KB
15 KB 177ms
165ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42726/imagetkachhh_240_210.jpeg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 3a404fbaae5a7c923d84b91bfa720d4f823cc0cae68c7c5f48a4d4d9b351ca31

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 21 Sep 2022 12:09:12 GMT
server: nginx
etag: "632afee8-39f3"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 14835
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Juancho_240_210.jpeg
fbu.ua/web/img/1/42722/ 19 KB
20 KB 177ms
165ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42722/Juancho_240_210.jpeg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: ee7ea49b657ab7fbec96a31b893c97bc0400c66fe9cafe3c5cf60acefee278d3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Mon, 19 Sep 2022 09:00:38 GMT
server: nginx
etag: "63282fb6-4df2"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 19954
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-2022-09-18T200549_240_210.455
fbu.ua/web/img/1/42719/ 22 KB
23 KB 178ms
165ms Image
application/octet-stream 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42719/image-2022-09-18T200549_240_210.455
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 0455e8cb4379a4ce87b4602eb0edb999338809d299c412e5047868cbda6d4f44

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Mon, 19 Sep 2022 05:33:08 GMT
server: nginx
etag: "6327ff14-59cd"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 22989
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-2022-10-10T075150_75_75.731
fbu.ua/web/img/1/42846/ 4 KB
4 KB 178ms
165ms Image
application/octet-stream 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42846/image-2022-10-10T075150_75_75.731
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 899b91f8f52a3fdf6b74081eb01cb351a846bd83b0c5374b8654da2d03ee1721

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Mon, 10 Oct 2022 04:52:15 GMT
server: nginx
etag: "6343a4ff-f0e"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3854
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-08092746_75_75.jpg
fbu.ua/web/img/1/42835/ 3 KB
3 KB 178ms
166ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42835/%D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-08092746_75_75.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 4280b85060284a2d4bc4a7c3c24eea145dfabc876dc0056057c3fe94f1e24ae9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Sat, 08 Oct 2022 06:43:11 GMT
server: nginx
etag: "63411bff-aac"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 2732
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 oETbRYPmuUygHKlnLuNH7A_75_75.jpg
fbu.ua/web/img/1/42788/ 3 KB
3 KB 178ms
166ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42788/oETbRYPmuUygHKlnLuNH7A_75_75.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: efcbbe5b532585fbbd7f6b2858412e6221ac6157283c347a81c64f84bd488c2d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Fri, 30 Sep 2022 13:00:40 GMT
server: nginx
etag: "6336e878-c1d"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3101
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image-2022-09-29T152132_75_75.243
fbu.ua/web/img/1/42785/ 4 KB
4 KB 178ms
166ms Image
application/octet-stream 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42785/image-2022-09-29T152132_75_75.243
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 211e76cc19b1ef64fcb783b88e71e7180ba0c81fbe6eed6d0b8135c280635cfa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 29 Sep 2022 12:25:25 GMT
server: nginx
etag: "63358eb5-e3e"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3646
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1200x90.jpg
fbu.ua/web/img/ 114 KB
114 KB 178ms
167ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1200x90.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 8cc2be55cfd2ab58f2fd9ed10416075823a3cd116c2da787a728c52e44abb5eb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 16 Jun 2022 12:31:04 GMT
server: nginx
etag: "62ab2288-1c867"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 116839
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 errea_banner.jpg
fbu.ua/web/img/ 17 KB
17 KB 179ms
167ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/errea_banner.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 05d8d7446846c643ec93f739c9b57f749a914fd9e0e2a89c6e8ebfdf78778642

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:41 GMT
server: nginx
etag: "5a718fcd-4210"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 16912
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 start-1000x500_530_300.jpg
fbu.ua/web/img/1/42869/ 31 KB
31 KB 179ms
167ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42869/start-1000x500_530_300.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 60dc9e41e67f63eda2f73723a26335632993eccb8633c480e5878183fa9dcea0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 14:29:35 GMT
server: nginx
etag: "634820cf-7c86"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 31878
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%9E%D0%86-1_530_300.png
fbu.ua/web/img/1/42772/ 200 KB
201 KB 179ms
168ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42772/%D0%9E%D0%86-1_530_300.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 0139874a4b1999b28cc3821d6b70cf77dcb51e4a0c197a5aecff141a3ede1f81

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 28 Sep 2022 07:00:22 GMT
server: nginx
etag: "6333f106-32113"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 205075
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-11131702_530_300.jpg
fbu.ua/web/img/1/42855/ 36 KB
36 KB 179ms
168ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42855/%D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-11131702_530_300.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: a70c6959e692fdb1888a40e93e2f094e4f35d56b6b4a4e6e27c6638928aabd6a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Tue, 11 Oct 2022 10:22:10 GMT
server: nginx
etag: "634543d2-8fac"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 36780
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imageua2_530_300.jpeg
fbu.ua/web/img/1/42850/ 38 KB
38 KB 179ms
168ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42850/imageua2_530_300.jpeg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 4e2af3b901e91efff5ed19dead110fc98d0b5e04617bac299deba66486891f7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Mon, 10 Oct 2022 13:47:24 GMT
server: nginx
etag: "6344226c-97bf"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 38847
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-13093451_530_300.jpg
fbu.ua/web/img/1/42865/ 50 KB
50 KB 179ms
168ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42865/%D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-13093451_530_300.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: a4b919975a7ee94c3cc068c4e6c31079ea4502e6cd7e4f4f8faa12203364f8d4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 06:37:44 GMT
server: nginx
etag: "6347b238-c6d8"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 50904
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-13142627_530_300.jpg
fbu.ua/web/img/1/42867/ 39 KB
39 KB 179ms
169ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42867/%D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-13142627_530_300.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 8fba032834bbadc3af987c4d26890f525ec64e489def709569d1ae051b087568

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 16:45:03 GMT
server: nginx
etag: "6348408f-9acc"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 39628
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 272157581-2280693422083938-3079454153767290771-n_530_300.jpeg
fbu.ua/web/img/1/42857/ 49 KB
50 KB 180ms
169ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42857/272157581-2280693422083938-3079454153767290771-n_530_300.jpeg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 6e8a24115031c0da0e68a9449911c0a43967125946f17f2b39d210899d907510

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Tue, 11 Oct 2022 16:33:25 GMT
server: nginx
etag: "63459ad5-c58d"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 50573
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image2_530_300.jpeg
fbu.ua/web/img/1/42866/ 44 KB
44 KB 180ms
169ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42866/image2_530_300.jpeg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: b5471b0f645385693d7dc5ed3257fbfaf7fa3800ed64b39ba708cdf7e538b873

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 13 Oct 2022 07:00:25 GMT
server: nginx
etag: "6347b789-affb"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 45051
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-08140100_530_300.jpg
fbu.ua/web/img/1/42839/ 32 KB
32 KB 180ms
170ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42839/%D0%97%D0%BD%D1%96%D0%BC%D0%BE%D0%BA%D0%B5%D0%BA%D1%80%D0%B0%D0%BD%D0%B02022-10-08140100_530_300.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: fe0b255c1648167303f127e54b803eea2949271c02bcbbd53b72a0ce1c67ab97

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Sun, 09 Oct 2022 08:00:13 GMT
server: nginx
etag: "63427f8d-7eba"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32442
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 80d02c7c02990da0_530_300.jpeg
fbu.ua/web/img/1/42800/ 46 KB
46 KB 185ms
175ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42800/80d02c7c02990da0_530_300.jpeg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 7d13be1ca3632c021174055e5e8d9e55319cb161ac05529d90809438762d78f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Sun, 02 Oct 2022 08:44:52 GMT
server: nginx
etag: "63394f84-b806"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 47110
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 310919875-519542053510357-9093078334577428382-n_530_300.jpg
fbu.ua/web/img/1/42824/ 44 KB
44 KB 186ms
175ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1/42824/310919875-519542053510357-9093078334577428382-n_530_300.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 1f195dd81114e17430de9ead33a5d1a05f37623b2c5d622317e5a3e7afd64c4a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 06 Oct 2022 12:11:52 GMT
server: nginx
etag: "633ec608-ae9c"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 44700
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pari.png
fbu.ua/web/img/ 26 KB
26 KB 186ms
176ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/pari.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: e60b1a3f87aac1baaa8777e1cfbd2ac5b423811d882bba3d278b0200d414f09d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 07 Feb 2019 15:38:43 GMT
server: nginx
etag: "5c5c5103-6664"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 26212
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 veneto.png
fbu.ua/web/img/ 5 KB
5 KB 189ms
179ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/veneto.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: e3b708360607c356fd25c6cc00fd98ea78107bb13ab74fcfeafd623158fa69b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:52 GMT
server: nginx
etag: "5a718fd8-1530"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5424
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 obozrevatel2.png
fbu.ua/web/img/ 9 KB
9 KB 189ms
179ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/obozrevatel2.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 2ebc5dfa842742dce4db4da7771e98da6e925dfd88ad6b005bf3f9658cd5464d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Tue, 06 Mar 2018 13:02:54 GMT
server: nginx
etag: "5a9e917e-2524"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 9508
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amber.png
fbu.ua/web/img/sponsors/ 25 KB
25 KB 189ms
180ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/sponsors/amber.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 1175b8dc9cf5f18c2d8842db0e2af0d65dac4ff66b230c16965f10e4ad7efb3b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Tue, 02 Aug 2022 13:15:53 GMT
server: nginx
etag: "62e92389-648b"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 25739
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tac.png
fbu.ua/web/img/ 4 KB
4 KB 189ms
180ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/tac.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 3a92718af21251034cb45090b0a8bfc6d4fece89fd2cf7a69f12cdfcc830e19d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:51 GMT
server: nginx
etag: "5a718fd7-f84"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3972
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wilson.png
fbu.ua/web/img/ 16 KB
17 KB 189ms
180ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/wilson.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 86a29ab2fc6f1c05534c8366fa0a7a923c7918cbd2deb2ec076fa8bc38753b51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:53 GMT
server: nginx
etag: "5a718fd9-41ff"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 16895
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 errea.png
fbu.ua/web/img/ 14 KB
14 KB 190ms
180ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/errea.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 498dfaf68aabc43125a258dd9f4b0fab4c7f7b2b1d93521743d20047cf378711

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:41 GMT
server: nginx
etag: "5a718fcd-38a2"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 14498
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Fiba.jpg
fbu.ua/web/img/ 163 KB
163 KB 190ms
181ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/Fiba.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 9fde02f8e5287b6defe4344a582605f60634f7a78f964fa9e9b6f4ca7118daef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 14 May 2020 10:59:50 GMT
server: nginx
etag: "5ebd24a6-28a55"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 166485
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fiba2.jpg
fbu.ua/web/img/ 30 KB
30 KB 190ms
181ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/fiba2.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 9aef6a7623dcf0740fc1366aa3847a8df6f635ce75786e2be5692e27fe2b3148

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 14 May 2020 10:59:50 GMT
server: nginx
etag: "5ebd24a6-76fa"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30458
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 estafeta.png
fbu.ua/web/img/ 19 KB
19 KB 190ms
181ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/estafeta.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 5d64e4814ec56daa81772d46f48c38a097fd15dfe8b5a5f0abf690218655c3a2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 11 Apr 2018 10:13:49 GMT
server: nginx
etag: "5acddfdd-4c0e"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 19470
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mastercard.png
fbu.ua/web/img/ 1005 B
1 KB 190ms
181ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/mastercard.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 5f1efb9d3d383608023bec8b3da35223890186043af8762c9934f5120b298549

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Fri, 26 Oct 2018 11:00:58 GMT
server: nginx
etag: "5bd2f3ea-3ed"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1005
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 visa_white.png
fbu.ua/web/img/ 2 KB
2 KB 190ms
182ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/visa_white.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: e207b5abcbae45c224ebfca08a452b8ac970af880247b8576d05c933dfeb15ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Thu, 28 Jul 2022 15:42:55 GMT
server: nginx
etag: "62e2ae7f-7cd"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1997
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
fbu.ua/assets/a1c549cd/ 132 KB
38 KB 81ms
81ms Script
application/javascript 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/assets/a1c549cd/jquery.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: efba4dc39d340c8bb235863f252dd44612d67050977b693881e1aa15ab5fffd3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 21:55:17 GMT
server: nginx
etag: W/"607dfc45-20e9a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.v2.3.min.js Show response
fbu.ua/js/ 43 KB
11 KB 88ms
75ms Script
application/javascript 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/js/owl.carousel.v2.3.min.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 104a099fd12f846c24c7375b82d1d13137bef45b2724ffbc9d8e9de93ad3eada

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Tue, 19 Jun 2018 08:22:43 GMT
server: nginx
etag: W/"5b28bd53-ac33"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 yii.js Show response
fbu.ua/assets/b6aff73c/ 20 KB
6 KB 108ms
90ms Script
application/javascript 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/assets/b6aff73c/yii.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 2d2c633510fab074bcb369197749bbdf51605de89d9ccaac52803f94ab0ce632

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 21:55:17 GMT
server: nginx
etag: W/"607dfc45-4eeb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.js Show response
fbu.ua/assets/f79f2636/js/ 68 KB
15 KB 108ms
90ms Script
application/javascript 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/assets/f79f2636/js/bootstrap.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 21:55:17 GMT
server: nginx
etag: W/"607dfc45-1104b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.js Show response
fbu.ua/js/ 22 KB
7 KB 108ms
91ms Script
application/javascript 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/js/owl.carousel.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: bdfe1b9bed7fd0fe71122ff6ed06c74184342c50ce96e494bf3403ee609ab486

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2018 09:43:29 GMT
server: nginx
etag: W/"5a718fc1-59f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 input.mask.js Show response
fbu.ua/js/ 7 KB
3 KB 108ms
91ms Script
application/javascript 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/js/input.mask.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 363ede10c6ee5e0531301152d3a54bfc2db8efff53419a031e686ff399ba59dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2018 09:43:29 GMT
server: nginx
etag: W/"5a718fc1-1d60"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.fancybox.min.js Show response
fbu.ua/js/fancybox/ 51 KB
17 KB 109ms
91ms Script
application/javascript 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/js/fancybox/jquery.fancybox.min.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: c33a2ad0fef0daa2f345c26c177d7dcba1bd3a2964de7539099f2d9d8f538c52

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2018 11:21:02 GMT
server: nginx
etag: W/"5a71a69e-cc4e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scroll.js Show response
fbu.ua/js/ 14 KB
3 KB 109ms
91ms Script
application/javascript 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/js/scroll.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: c7096647244a1c6d7899bfb9b8383a61b85db33885477de89e54f37623971902

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2018 09:43:29 GMT
server: nginx
etag: W/"5a718fc1-390b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.imagemapster.js Show response
fbu.ua/js/ 163 KB
39 KB 109ms
92ms Script
application/javascript 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/js/jquery.imagemapster.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: cd591d32dd791d9dfdfc0f2d6297121acd305fef369bbdd09b799b8b2fe7ffd8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2018 09:43:29 GMT
server: nginx
etag: W/"5a718fc1-28c9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.cookie.js Show response
fbu.ua/js/ 4 KB
2 KB 109ms
92ms Script
application/javascript 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/js/jquery.cookie.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 970d4acabcfc91a11bf6b9155f028b1ac976064d6836b12b44c9f6d5e036f233

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2018 09:43:29 GMT
server: nginx
etag: W/"5a718fc1-e9e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 common.js Show response
fbu.ua/js/ 21 KB
5 KB 109ms
92ms Script
application/javascript 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/js/common.js?v=1.3
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 1ce9ac0c8dfdc87a757563dc664a31c5b1b40258f2959566097d7556b1068f78

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 01:37:40 GMT
server: nginx
etag: W/"61a82364-5310"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 yii.validation.js Show response
fbu.ua/assets/b6aff73c/ 15 KB
3 KB 109ms
93ms Script
application/javascript 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/assets/b6aff73c/yii.validation.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 1f0683bab944dcdf2f515d0c0239652f37ab8f308a48ace4046443a1d1977cf6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 21:55:17 GMT
server: nginx
etag: W/"607dfc45-3c90"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 yii.activeForm.js Show response
fbu.ua/assets/b6aff73c/ 31 KB
7 KB 110ms
93ms Script
application/javascript 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/assets/b6aff73c/yii.activeForm.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 1460adaed8878b17e05ad122c84c181b9f475a925bd08f1c561a196f459d7b81

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 21:55:17 GMT
server: nginx
etag: W/"607dfc45-7dee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8c00668183.js Show response
use.fontawesome.com/ 9 KB
4 KB 310ms
238ms Script
text/javascript 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/8c00668183.js
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36ebb6587354430123e1e1053538afe9eeb29901bcb91e324645c0392e21daa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Jun 2021 21:45:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: PEV3ESJ6MQQPFZPP
etag: W/"6826aa516207f7eeb7dbb9b915eb3db7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiYPPfyAKLwKh%2Fyw4HGie5zYvtXxhjzE3h%2B0MdadMtfTIYNCyyJUm%2FJin5VqaI6QT%2FntBORLrPsrQaTPThphtXy2emGGZDdNLN60LIQgNRQ4x7aAJ8Mh5k%2BaX9jgLm3Pa7cZaRWo2j48bIW%2BioxMDG8Z"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 759d9b5f8ba174a9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: v5irZLZPupQ7nR9uvCo1Oz/7W0ujVpc+clOfKQQbOi2SSaQjuKG7YuJqxMFVBDyZeOZ6v/GV73E=

GET
H2 200 css
fonts.googleapis.com/ 7 KB
769 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700

Requested by

Host: fbu.ua
URL: https://fbu.ua/css/css7.css?v=3.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97f2aae05698136e460333f1919da58d0a92df73d9cdc5dc40041b5bfef5acb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 04:35:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 04:35:11 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 156ms
68ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

043920c8260014c96ca227f7857b2d1011de812662a72c914e78774f912cf987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 04:35:11 GMT
content-md5: 4GghwH6rgOWZxgQj46U1BA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: WXEGdqXYMLM4hdMhlyzZ6LkR7ePuiJApRNE1NBHuHQTq4DbJP1j3dgbgmft51Qq315XjqCaDOr/zy+m/qjNuSg==
x-fb-trip-id: 917726464
x-fb-content-md5: c20cfc732179f0876c6632fd2cc35e68
cross-origin-opener-policy: same-origin-allow-popups
etag: "9eb1a96b005edd8e85f2d645d93a1f40"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Fri, 14 Oct 2022 04:44:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 150ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 03:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4754
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 14 Oct 2022 05:15:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 130ms
42ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Oct 2022 04:35:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26852
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: mPCnghPLsdpbgEfHY0FfzcyDvk6q9AdP+iz5z21wJmbYD3hwAzQvIoawrI071THHIAngrfyGxK5JQkU/65ONuw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 16 KB
16 KB 205ms
95ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fbu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:01:47 GMT
x-content-type-options: nosniff
age: 585204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:01:47 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 15 KB
15 KB 216ms
106ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fbu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 193709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14964
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 22:46:42 GMT

GET
H2 200 fontawesome-webfont.woff2
fbu.ua/fonts/ 75 KB
76 KB 95ms
88ms Font
font/woff2 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://fbu.ua/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: fbu.ua
URL: https://fbu.ua/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://fbu.ua/css/font-awesome.min.css
Origin: https://fbu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Sat, 19 Aug 2017 08:28:56 GMT
server: nginx
etag: "5997f6c8-12d68"
content-type: font/woff2
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 77160
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuHMR6WR.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 11 KB
11 KB 227ms
118ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuHMR6WR.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

998691c2c0c408e5cbf98147176c36679708ce66b26b77f3fc30b83fa5bab311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fbu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 22:57:34 GMT
x-content-type-options: nosniff
age: 193057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10800
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:07:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 22:57:34 GMT

GET
H2 200 ticket_white.png
fbu.ua/web/img/ 8 KB
8 KB 176ms
175ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/ticket_white.png?v2
Requested by: Host: fbu.ua
URL: https://fbu.ua/css/css7.css?v=3.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: efba27ef554afd94cde4db179aeb6e585c26bf1d4aa3e0b319f82f9f1c4048c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/css/css7.css?v=3.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Mon, 15 Nov 2021 22:42:24 GMT
server: nginx
etag: "6192e250-2083"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8323
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 games-bg.jpg
fbu.ua/web/img/ 245 KB
246 KB 175ms
175ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/games-bg.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/css/css7.css?v=3.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: d41cc46ce01114bebb7d19dc4a19cbe33946614b143bd0a82fe74eddf8a6a32a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/css/css7.css?v=3.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Fri, 30 Mar 2018 07:24:11 GMT
server: nginx
etag: "5abde61b-3d4c2"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 251074
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuHMR6WR.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 9 KB
9 KB 229ms
138ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuHMR6WR.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf6481fd9ca6cf5ea01c350f2e9a71321c5e4b99a116418ab2c9f0c4c01af81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fbu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 23:44:00 GMT
x-content-type-options: nosniff
age: 190271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:41:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 23:44:00 GMT

GET
H2 200 informers2.css
sinst.fwdcdn.com/css/ 15 KB
2 KB 51ms
44ms Stylesheet
text/css 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/informers_js.php?title=4&wind=2&cities=303010783&lang=ua
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
content-encoding: gzip
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 07:03:52 GMT
server: nginx
etag: W/"57469fd8-3d41"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Sat, 14 Oct 2023 04:35:11 GMT

GET
H/1.1

200
OK

hit;ukrbasket
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;ukrbasket?t16.6;r;s1600*1200*24;uhttps%3A//fbu.ua/;0.8055157387930518
https://counter.yadro.ru/hit;ukrbasket?q;t16.6;r;s1600*1200*24;uhttps%3A//fbu.ua/;0.8055157387930518

227 B
713 B

73ms
73ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;ukrbasket?q;t16.6;r;s1600*1200*24;uhttps%3A//fbu.ua/;0.8055157387930518

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

4ede94b9c80451a79c3f5150497d8263bd24ef024f42c672571f744e002e7d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:12 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 227
Expires: Wed, 13 Oct 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:12 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;ukrbasket?q;t16.6;r;s1600*1200*24;uhttps%3A//fbu.ua/;0.8055157387930518
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Wed, 13 Oct 2021 21:00:00 GMT

GET
H2 200 shop-banner.png
fbu.ua/web/img/ 236 KB
237 KB 97ms
96ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/shop-banner.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/css/css7.css?v=3.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: a6b1160a34be60c2a428801d99fcb88d1988a341e4ac6eaf4b1a065473d74d8e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/css/css7.css?v=3.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 18 Apr 2018 15:10:55 GMT
server: nginx
etag: "5ad75fff-3b126"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 241958
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1tv.png
fbu.ua/web/img/ 14 KB
14 KB 152ms
138ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/1tv.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 8617160a84979ff8500516d5109baccfc11c45d4d09996c18858f1a10eb55d00

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:40 GMT
server: nginx
etag: "5a718fcc-389a"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 14490
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 obozrevatel3.png
fbu.ua/web/img/ 6 KB
6 KB 152ms
139ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/obozrevatel3.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: b121d0e4fa0de912f8e242feb8c0c61ece7adcf92dff4c15016e58eac7118887

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Tue, 06 Mar 2018 13:06:15 GMT
server: nginx
etag: "5a9e9247-1617"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5655
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 segodnya.png
fbu.ua/web/img/ 68 KB
68 KB 152ms
139ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/segodnya.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 2124c802121c8ee57dfc4089d22bcfac2bc46f55c575ca55e367490e54b13061

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:51 GMT
server: nginx
etag: "5a718fd7-10efd"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 69373
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 xsport2.png
fbu.ua/web/img/ 102 KB
102 KB 153ms
140ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/xsport2.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 647e878e0a88405df5f8fa5f6f8a4c015b9e6933004e622f37f6251312bd9cff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Tue, 11 Feb 2020 15:05:55 GMT
server: nginx
etag: "5e42c2d3-19769"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 104297
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_esport.png
fbu.ua/web/img/ 14 KB
14 KB 153ms
140ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/logo_esport.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 0fd02348665a1977a1200b885f9a99d952b64523259924cebe10bf3372a95826

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:49 GMT
server: nginx
etag: "5a718fd5-37cb"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 14283
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 kissfm.png
fbu.ua/web/img/ 7 KB
7 KB 153ms
140ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/kissfm.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 1666c73b0b582cab62cebc5cd1df47647f1a3b53714eea4999de9211d3c8e811

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:47 GMT
server: nginx
etag: "5a718fd3-1cdf"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 7391
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 24tv2.png
fbu.ua/web/img/ 9 KB
9 KB 144ms
141ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/24tv2.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 24cdb0dd17de61a592f8a8a3418590a32e05b7b2d6fe65d2a40cc1eefc1cd449

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:40 GMT
server: nginx
etag: "5a718fcc-2424"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 9252
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 inter.png
fbu.ua/web/img/ 28 KB
29 KB 145ms
141ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/inter.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: e3210ea88b74c6e0a52464a2e226dfbe30d0871a79f12a23ffde342b5dd34ddc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:46 GMT
server: nginx
etag: "5a718fd2-7139"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 28985
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 kiev-tv.png
fbu.ua/web/img/ 7 KB
7 KB 145ms
141ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/kiev-tv.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 76b0aae7cf04fec9cc3c2c53b557013549718cd85060a430fc2d0d615582f314

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:47 GMT
server: nginx
etag: "5a718fd3-1bf2"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 7154
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 unian.jpg
fbu.ua/web/img/ 10 KB
10 KB 144ms
142ms Image
image/jpeg 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/unian.jpg
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 4f497c99423d3ef06f347c5c2adfb8fb9fe6724c89a4792e3f170d6d22fbcf2d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Tue, 21 Sep 2021 14:23:54 GMT
server: nginx
etag: "6149eafa-27f5"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 10229
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5tv.png
fbu.ua/web/img/ 3 KB
3 KB 145ms
142ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/5tv.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 9a168032f1cb579a64ab42557cea8d9d71abc3ccd003bb50997f19a41f1a5fab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:40 GMT
server: nginx
etag: "5a718fcc-cff"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3327
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sport.png
fbu.ua/web/img/ 41 KB
42 KB 145ms
142ms Image
image/png 91.218.214.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbu.ua/web/img/sport.png
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.214.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 91ab4ac84347894024c91b9ab5d5fceaf56e4adc600643a2ef825caec237d9dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:11 GMT
last-modified: Wed, 31 Jan 2018 09:43:51 GMT
server: nginx
etag: "5a718fd7-a545"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 42309
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 26 KB
26 KB 125ms
122ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i&subset=cyrillic,cyrillic-ext,greek-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fbu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 19:02:00 GMT
x-content-type-options: nosniff
age: 293591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 19:02:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 42ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i&subset=cyrillic,cyrillic-ext,greek-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fbu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 294277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 18:50:34 GMT

GET
H2 200 logo-t1.png
sinst.fwdcdn.com/img/informers/ 1 KB
1 KB 47ms
46ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/logo-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 56ae8084a1f412356c3e67087d606170c4518a5dc24c871fc925459686c5b6cc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-4d5"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1237
expires: Sat, 14 Oct 2023 04:35:12 GMT

GET
H2 200 hlc-t1.png
sinst.fwdcdn.com/img/informers/ 181 B
389 B 48ms
47ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/hlc-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 6c886518dd2d1f700b72d1339199c5ab235e348f81e6e95c870d2f34cea4271e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
x-server-by: sinfe3
last-modified: Wed, 05 Nov 2014 09:28:02 GMT
server: nginx
etag: "5459eda2-b5"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 181
expires: Sat, 14 Oct 2023 04:35:12 GMT

GET
H2 200 term-t1.png
sinst.fwdcdn.com/img/informers/ 389 B
599 B 48ms
46ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/term-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-185"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 389
expires: Sat, 14 Oct 2023 04:35:12 GMT

GET
H2 200 s-informers.png
sinst.fwdcdn.com/img/informers/ 33 KB
33 KB 44ms
44ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/s-informers.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: b1793edea2c5e9f935b11981c437c4a9ac736fd9d71e9d7fa3ca8e49080581ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-82d9"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 33497
expires: Sat, 14 Oct 2023 04:35:12 GMT

GET
H2 200 frc-t1.png
sinst.fwdcdn.com/img/informers/ 155 B
364 B 88ms
88ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/frc-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-9b"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 155
expires: Sat, 14 Oct 2023 04:35:12 GMT

GET
H2 200 flc-t1.png
sinst.fwdcdn.com/img/informers/ 148 B
357 B 89ms
89ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/flc-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-94"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 148
expires: Sat, 14 Oct 2023 04:35:12 GMT

GET
H3 200 819977671543549 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 147ms
101ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/819977671543549?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e0359b3d025d57be58d8fb035682085f4183f766ac8d2420a8f8fe02ef8768ed

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Oct 2022 04:35:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: wHT9wHkN4/JvscshsueKdJXKNZNZ+2zhVfnwcWNGxAIsdJWq0wlenukYKxCy0kXfQpLJF0lJkkdJMqwfDsjblg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 307 KB
87 KB 85ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=67ba548d887fa906f140b419d97bd323

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4436c1658be46276577ad84141f0ae8007f84d69e396b4c3f731329a9e547afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://fbu.ua/
Origin: https://fbu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 04:35:12 GMT
content-md5: ELjc26ZEHnSN6YqNFwbhlQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88650
x-fb-rlafr: 0
x-fb-debug: 6/MRKR76Ud8zcSximMzWRGLzWLBeffDX4Wdb2QCVKMxZBuGKRl6sb3v2pnyiNH924pWMQvqNo0Td9p5zO/kHAw==
x-fb-content-md5: 9f93a615c1d654082e14182f2152db51
cross-origin-opener-policy: same-origin-allow-popups
etag: "b4842bb15a5bba91dc74e01f31e360dd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 13 Oct 2023 16:14:06 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 137ms
48ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=961908464&t=pageview&_s=1&dl=https%3A%2F%2Ffbu.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B1%D0%B0%D1%81%D0%BA%D0%B5%D1%82%D0%B1%D0%BE%D0%BB%D1%83%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%96%20%D1%81%D0%B2%D1%96%D1%82%D1%96%20%D0%BD%D0%B0%20%D0%BE%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%BE%D0%BC%D1%83%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20%D1%84%D0%B5%D0%B4%D0%B5%D1%80%D0%B0%D1%86%D1%96%D1%97%20%D0%B1%D0%B0%D1%81%D0%BA%D0%B5%D1%82%D0%B1%D0%BE%D0%BB%D1%83%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1913457758&gjid=766966990&cid=632958336.1665722112&tid=UA-64908043-1&_gid=1686987436.1665722112&_r=1&_slc=1&z=862527960

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fbu.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022101101.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
128 KB 141ms
42ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

0adb253f1936a498f71414d7807eb2feb8fc7269a8eda6146ef73627aa0ea898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 15:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131337
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 08:35:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 13 Oct 2023 15:07:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 81 B
99 B 216ms
51ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fbu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

52b217d997fdb001d98bce72bd236ce1330b42f07d3b21a27ef0785ad354e5ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
expires: Fri, 14 Oct 2022 04:35:12 GMT

GET
H2 200 8c00668183.css
use.fontawesome.com/ 1 KB
764 B 513ms
212ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/8c00668183.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/8c00668183.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae3d7a560e6a30e58c1c624ef9e2801800a0538e6ba21ab83ed63d39f53e7f8e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Jun 2021 21:45:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: RDZZFKJWS0ZQ45KY
etag: W/"721dba99ed48f04f46b23debb9695f7d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qYzZ1lcbfaZ1HXqxw4fwp2hY3ti87%2BdrJ%2BnJ0GKttYQ0fXvPJVjTlACdDkkW1%2FoTsdY3FYaqzgt2fnqa76wYA6vN4d0op0Zb7LzaB6sWF7uxfktkhTS3sZWDm1SNU0lmNJvCYsNgj%2B1YozbHH21d0x%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 759d9b633f0274a9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: J5UMVQslq80HaWZu9qxCxVv/lmOgWzmB++AnCpDbdJw2U57b6dPxxesQEA89+p2wLIUObRTLzVA=

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 10 KB
10 KB 151ms
48ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=5a26cb58-7f7e-4b07-aff7-ee3efcb3affc&_=1665722111938
Requested by: Host: fbu.ua
URL: https://fbu.ua/assets/a1c549cd/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 17bab718670e2e3bab91f191c47218db2c368659c89a8c4b30569785b0494a49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 04:35:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 9 KB
10 KB 144ms
45ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=bce072a4-44bd-43ed-8fe6-381fd5d8f1c8&_=1665722111939
Requested by: Host: fbu.ua
URL: https://fbu.ua/assets/a1c549cd/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 33a760affd2746dd6537ba5b400f0374bc9ec4493f2cb38798994d0fbc7c0a77

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 04:35:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 9 KB
10 KB 145ms
46ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=8d8d3362-7f86-42f6-a932-47358901e670&_=1665722111940
Requested by: Host: fbu.ua
URL: https://fbu.ua/assets/a1c549cd/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 2335849d005412b688f069c4b22ca3ae4769aa9e8fcf955300337ab6c864d71a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 04:35:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 9 KB
10 KB 141ms
44ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=d597fe15-3cb6-4125-8933-08d0748db8a2&_=1665722111941
Requested by: Host: fbu.ua
URL: https://fbu.ua/assets/a1c549cd/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9c6a1bb124f8a979484206eab0919bf0e79f0131650af91ed237ee8cfdd5f572

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 04:35:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 124ms
41ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=502927040048276&ev=fb_page_view&dl=https%3A%2F%2Ffbu.ua%2F&rl=&if=false&ts=1665722112332&sw=1600&sh=1200&at=

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Oct 2022 04:35:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 107ms
42ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=819977671543549&ev=PageView&dl=https%3A%2F%2Ffbu.ua%2F&rl=&if=false&ts=1665722112349&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665722112348.536524842&it=1665722112023&coo=false&rqm=GET

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Oct 2022 04:35:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 163ms
72ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=fbu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 137ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fbu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 92 KB
28 KB 274ms
274ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1483455357927315&correlator=1775543185557306&eid=31068501%2C31070340&output=ldjh&gdfp_req=1&vrg=2022101101&ptt=17&impl=fif&iu_parts=29636627%3A22649497495%2Cfbu.ua_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=4251196040&sfv=1-0-38&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1665722112418&lmt=1665722112&dlt=1665722111623&idt=768&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffbu.ua%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=632958336.1665722112&ga_sid=1665722112&ga_hid=961908464&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

eeb150794bb77f9480827f8a11d4b8cfda8425ea8a05b48526c518304136a8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28452
x-xss-protection: 0
google-lineitem-id: 6129743680
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138407981293
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fbu.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1142 6 KB
4 KB 195ms
47ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:35:12 GMT
expires: Sat, 14 Oct 2023 04:35:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022101101.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 41ms
40ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022101101.js?cb=31070340

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

b0c61f4d39e7cda429be0271c1c87cd36a00bdd51226f0e87ee31ede992e5f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13931
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 08:35:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 12 Oct 2023 18:46:32 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/49044/ Frame 3629 738 B
518 B 126ms
125ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://fbu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Fri, 14 Oct 2022 04:35:12 GMT
etag: W/"63049f42-2e2"
expires: Mon, 02 Oct 2023 02:33:25 GMT
last-modified: Tue, 23 Aug 2022 09:34:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-10-01T02:33:25+00:00
x-id: fr5-up-gc8

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/49044/ 23 KB
8 KB 147ms
146ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:56 GMT
server: nginx
etag: W/"63049f40-5d41"
vary: Accept-Encoding
x-cached-since: 2022-10-10T16:28:38+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 11 Oct 2023 16:28:38 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/49044/ 75 KB
20 KB 137ms
137ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:45 GMT
server: nginx
etag: W/"63049f35-12c39"
vary: Accept-Encoding
x-cached-since: 2022-10-10T16:28:38+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 11 Oct 2023 16:28:38 GMT

GET
H2 200 prebidcdn.js Show response
cdn.admixer.net/prebidcdn/ 242 KB
89 KB 364ms
129ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,mc_hook,pubmaticBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=1259082910
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=d597fe15-3cb6-4125-8933-08d0748db8a2&_=1665722111941
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c46970fadf0dab3c674862fedbd556f9e7d9649f40cead9a2caf512634351c24

Request headers

Referer: https://fbu.ua/
Origin: https://fbu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 09:10:06 GMT
server: nginx
etag: W/"62fa0d6e-3c7cf"
vary: Accept-Encoding
x-cached-since: 2022-10-09T21:34:52+00:00
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: content-range
cache-control: max-age=31622400
cache: HIT
expires: Tue, 10 Oct 2023 21:34:52 GMT

GET
H2 200 load-gpt.js Show response
cdn.admixer.net/scripts/ 561 B
492 B 128ms
128ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts/load-gpt.js
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=d597fe15-3cb6-4125-8933-08d0748db8a2&_=1665722111941
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 12:25:34 GMT
server: nginx
etag: W/"61e5603e-231"
vary: Accept-Encoding
x-cached-since: 2022-10-10T16:29:24+00:00
content-type: application/javascript
access-control-expose-headers: content-range
cache-control: max-age=31622400
access-control-allow-credentials: true
cache: HIT
expires: Wed, 11 Oct 2023 16:29:24 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 5 KB
2 KB 123ms
40ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=3102401528143283.5&cpv=d8e48819-81ba-402c-c62c-c73e6d9c8054&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22af5c2fae-a808-6ac6-6f1c-64d05621fb22%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ffbu.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224f2d56ec-3824-de42-d34b-0b489b3fe4e0%22%2C%22tagid%22%3A%22d765f72b-6873-4ab2-a57c-c4c73395089a%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_d765f72b68734ab2a57cc4c73395089a_zone_80470_sect_29441_site_23998%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

b6a85bb819e1878a27d5d79ee0607c095bf7328a699c0c75d192b430258564f0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 04:35:12 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 1881
X-Xss-Protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 3155 4 KB
636 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 03:18:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 04:35:12 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3155 205 B
742 B 130ms
41ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:50:06 GMT
x-content-type-options: nosniff
age: 2706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 14 Oct 2023 03:50:06 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3155 604 B
694 B 131ms
41ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:44:34 GMT
x-content-type-options: nosniff
age: 6638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 14 Oct 2023 02:44:34 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 3155 19 KB
8 KB 132ms
45ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 19:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8227
x-xss-protection: 0
server: cafe
etag: 5516984893510486959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 19:00:16 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 339ms
39ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/8c00668183.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://use.fontawesome.com/8c00668183.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: F0PS6ZDYMGAM5FTF
age: 30489135
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: PB+ZKlfPkZqnVWZp4e4qY8RuOl25N3dd3CTuKVz9s+JynOPMjgpHMEiDZOptFr3xdt+UtYwBC8I=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Or3vnUPfh%2BCHalM1I6OZSQJmufue3MHAKnRjMGdAqdk26t73zG3DKpPJqdkzlCJiPFSbksPi7kpdtI50aWy3n%2B5sKPB3obh8NrflzSKjLVEERCdg7azdIXebDslOX0SYpDCyOMTNxFGdrGlOD2TtV3r"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 759d9b66a9ce74a9-LHR

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/49044/ 28 KB
11 KB 133ms
131ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:35:01 GMT
server: nginx
etag: W/"63049f45-702f"
vary: Accept-Encoding
x-cached-since: 2022-10-01T02:33:27+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 02 Oct 2023 02:33:27 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/49044/ 42 KB
18 KB 152ms
148ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:35:02 GMT
server: nginx
etag: W/"63049f46-a793"
vary: Accept-Encoding
x-cached-since: 2022-10-01T02:33:27+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 02 Oct 2023 02:33:27 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/49044/ 13 KB
5 KB 145ms
141ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:54 GMT
server: nginx
etag: W/"63049f3e-326c"
vary: Accept-Encoding
x-cached-since: 2022-09-30T18:13:33+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sun, 01 Oct 2023 18:13:33 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/49044/ 11 KB
4 KB 145ms
142ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:52 GMT
server: nginx
etag: W/"63049f3c-2a79"
vary: Accept-Encoding
x-cached-since: 2022-10-01T02:33:27+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 02 Oct 2023 02:33:27 GMT

GET
H2 200 5927ef40e4a80e0040be.b.js Show response
cdn.admixer.net/scripts3/49044/ 215 KB
74 KB 164ms
161ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/5927ef40e4a80e0040be.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:51 GMT
server: nginx
etag: W/"63049f3b-35ac7"
vary: Accept-Encoding
x-cached-since: 2022-10-01T02:33:27+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 02 Oct 2023 02:33:27 GMT

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 168ms
41ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=44409016d2bf44208075ffa918bd053f
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 14 Oct 2022 04:35:12 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=44409016d2bf44208075ffa918bd053f&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=44409016d2bf44208075ffa918bd053f&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26us...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26us...
https://x.bidswitch.net/sync?dsp_id=429&user_id=52b6bac7-cdb0-521f-a8d9-9f64cb917865&ssp=admixer&expires=30&user_group=1&gdpr=&gdpr_consent=
https://inv-nets.admixer.net/bs/cm.aspx?id=542adbed-71fe-417a-a7e4-c90dc0f23673&gdpr=&consent=&gdpr_pd=

43 B
463 B

41ms
40ms

Image
image/gif

146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=542adbed-71fe-417a-a7e4-c90dc0f23673&gdpr=&consent=&gdpr_pd=

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 04:35:13 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Location: //inv-nets.admixer.net/bs/cm.aspx?id=542adbed-71fe-417a-a7e4-c90dc0f23673&gdpr=&consent=&gdpr_pd=
Date: Fri, 14 Oct 2022 04:35:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/setuid?entity=533&code=44409016d2bf44208075ffa918bd053f
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D44409016d2bf44208075ffa918bd053f

43 B
848 B

35ms
35ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D44409016d2bf44208075ffa918bd053f

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:12 GMT
AN-X-Request-Uuid: fec78042-3e1d-4520-9805-6f35b92ccae5
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:12 GMT
AN-X-Request-Uuid: 80e30dee-3954-4ba0-a1a7-7eef8db1d932
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D44409016d2bf44208075ffa918bd053f
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 109ms
29ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
content-length: 0

GET
H/1.1 204
No Content sfaf25.gif
us.ck-ie.com/ 0
129 B 316ms
102ms Image
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.ck-ie.com/sfaf25.gif?puid=44409016d2bf44208075ffa918bd053f
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 04:35:13 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

36ms
35ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Oct 2022 04:35:12 GMT, Fri, 14 Oct 2022 04:35:12 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Fri, 14 Oct 2022 04:35:12 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 34AC 23 KB
10 KB 73ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:57:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 34AC 3 KB
1 KB 85ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 34AC 0
0 148ms
48ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZcKqn-uhldj_6d5f9SPhodpdnC3UgRZ0SvxvgsdswQv-w2YnBvnm_0YajbrhMklhX-bk_Tanyi22xx7lggDu6Ko6S8g
Requested by: Host: fbu.ua
URL: https://fbu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34AC 152 KB
47 KB 139ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 04:35:12 GMT

GET
H3 200 2018401009917482972
tpc.googlesyndication.com/simgad/ Frame 34AC 153 KB
153 KB 137ms
41ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2018401009917482972

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f38b1a2f2b442b24a328d065b18c2cc095273d5b37fc661451a8d2502f6666e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:38:52 GMT
x-content-type-options: nosniff
age: 35780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156679
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:47:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Oct 2023 18:38:52 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 96ms
40ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=819977671543549&ev=Microdata&dl=https%3A%2F%2Ffbu.ua%2F&rl=&if=false&ts=1665722112852&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B1%D0%B0%D1%81%D0%BA%D0%B5%D1%82%D0%B1%D0%BE%D0%BB%D1%83%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%96%20%D1%81%D0%B2%D1%96%D1%82%D1%96%20%D0%BD%D0%B0%20%D0%BE%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%BE%D0%BC%D1%83%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20%D1%84%D0%B5%D0%B4%D0%B5%D1%80%D0%B0%D1%86%D1%96%D1%97%20%D0%B1%D0%B0%D1%81%D0%BA%D0%B5%D1%82%D0%B1%D0%BE%D0%BB%D1%83%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%22%2C%22meta%3Adescription%22%3A%22%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B1%D0%B0%D1%81%D0%BA%D0%B5%D1%82%D0%B1%D0%BE%D0%BB%D1%83%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%96%20%D1%81%D0%B2%D1%96%D1%82%D1%96%20%D0%BD%D0%B0%20%D0%BE%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%BE%D0%BC%D1%83%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20%D1%84%D0%B5%D0%B4%D0%B5%D1%80%D0%B0%D1%86%D1%96%D1%97%20%D0%B1%D0%B0%D1%81%D0%BA%D0%B5%D1%82%D0%B1%D0%BE%D0%BB%D1%83%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8.%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%2C%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D1%84%D0%B5%D1%80%D0%B8%2C%20%D1%81%D1%83%D0%B4%D0%B4%D1%96%D0%B2%D1%81%D1%82%D0%B2%D0%BE%2C%20%D0%B4%D0%BB%D1%8F%20%D1%82%D1%80%D0%B5%D0%BD%D0%B5%D1%80%D1%96%D0%B2%2C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D0%BB%D1%8F%D1%86%D1%96%D1%97%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Ffbu.ua%2Fimg%2Flogo_og.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665722112348.536524842&it=1665722112023&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Oct 2022 04:35:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 prebidcdn.js Show response
cdn.admixer.net/prebidcdn/ 29 KB
12 KB 126ms
126ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adfBidAdapter,criteoBidAdapter&no_core=true&dev=true&rnd=268435462&hash=848573896
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=5a26cb58-7f7e-4b07-aff7-ee3efcb3affc&_=1665722111938
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6f2d6cf2fc500483c9c05a19048536845ac7412b0cd4f608794dc5ab6d9a784a

Request headers

Referer: https://fbu.ua/
Origin: https://fbu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 09:09:06 GMT
server: nginx
etag: W/"62fa0d32-739b"
vary: Accept-Encoding
x-cached-since: 2022-08-15T09:27:55+00:00
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: content-range
cache-control: max-age=31622400
cache: HIT
expires: Wed, 16 Aug 2023 09:27:55 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
168 B 44ms
36ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,mc_hook,pubmaticBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=1259082910
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fbu.ua
date: Fri, 14 Oct 2022 04:35:13 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 9 KB
10 KB 74ms
74ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,mc_hook,pubmaticBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=1259082910

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

afbbfed5db2b92dd2a45601409629664ef8dbcd18874c30d8949ad05cf9b25c9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 14 Oct 2022 04:35:13 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://fbu.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 9719
X-Xss-Protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
54 B 167ms
76ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,mc_hook,pubmaticBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=1259082910
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fbu.ua
date: Fri, 14 Oct 2022 04:35:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
168 B 38ms
37ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,mc_hook,pubmaticBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=1259082910
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fbu.ua
date: Fri, 14 Oct 2022 04:35:13 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
496 B 140ms
71ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 14 Oct 2022 04:35:13 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://fbu.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
54 B 175ms
90ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,mc_hook,pubmaticBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=1259082910
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fbu.ua
date: Fri, 14 Oct 2022 04:35:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
496 B 147ms
72ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 14 Oct 2022 04:35:13 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://fbu.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 141ms
59ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,mc_hook,pubmaticBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=1259082910
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fbu.ua
date: Fri, 14 Oct 2022 04:35:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
168 B 37ms
36ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,mc_hook,pubmaticBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=1259082910
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fbu.ua
date: Fri, 14 Oct 2022 04:35:13 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9EF6 79 KB
27 KB 131ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52e0986305d8d469da060f63d936026847872cbc7788c6fc6dbd4ed79f048708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27655
x-xss-protection: 0
server: sffe
etag: "1363 / 894 of 1000 / last-modified: 1665698735"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Oct 2022 04:35:13 GMT

GET
H2 200 googletag-catfish.min.js Show response
cdn.admixer.net/scripts2/ Frame 9EF6 7 KB
3 KB 126ms
125ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts2/googletag-catfish.min.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ff18e6bf184bd659c14d230a8551bba2902c2b548050d9f3c746c78122e4228c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: gzip
last-modified: Fri, 21 Dec 2018 13:38:59 GMT
server: nginx
etag: W/"5c1cecf3-1c95"
vary: Accept-Encoding
x-cached-since: 2022-07-05T12:59:50+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 06 Jul 2023 12:59:50 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 83ms
40ms Image
image/gif 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=44409016d2bf44208075ffa918bd053f&cet=4&zone=D765F72B-6873-4AB2-A57C-C4C73395089A&rule=58BCF2ED-61A4-4996-AFDB-0112DC8A7C8C&requestId=ee93e1df-1fbf-4631-975e-3cb6ebd2b2f1&hp=1150966626&page=fbu.ua%2F&pvid=14ec1006-6258-4314-9378-d2c88c3de17e&inst=ADS-EU-6&ts=638013189127194373&sf=0

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 04:35:13 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 74ms
38ms Font
application/font-woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/8c00668183.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/8c00668183.css
Origin: https://fbu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0VGMPNW2V2N6RYMH
age: 310097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
x-amz-id-2: u7CAf3Aaf+PUTOgY/I7feviQInTOy/CdTrhj/d9nDElFWCFZrnJLe22iA/298Q3PpgVfxmCMuCk=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UlVi777JIUFREWdTuB8%2FM%2BNTEV3tnnuDrrB4eRhhi71Dr52n2%2BmDnAII%2FqqNZOIqA1vrm%2BoxTqBzG1LEOaRxOB5NQqZs3y6wQyRavklGGJ5Yp%2Few9xr%2BZ3k9kfKHo5au%2FbYILt8TmDYQEQgBaEwuyec"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 759d9b677919e660-LHR

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
168 B 37ms
36ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,mc_hook,pubmaticBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=1259082910
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fbu.ua
date: Fri, 14 Oct 2022 04:35:13 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
403 B 255ms
113ms XHR
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fbu.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
54 B 70ms
70ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,mc_hook,pubmaticBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=1259082910
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fbu.ua
date: Fri, 14 Oct 2022 04:35:13 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
496 B 42ms
42ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 14 Oct 2022 04:35:13 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://fbu.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
208 B 125ms
45ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.8.0&cb=89635443426&lsavail=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 14 Oct 2022 04:35:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://fbu.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
233 B 80ms
80ms Ping
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryWtnvlzsnp0LZ35SC

Response headers

Access-Control-Allow-Origin: https://fbu.ua
Date: Fri, 14 Oct 2022 04:35:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 129ms
49ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=fbu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 131ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fbu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 334ms
334ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1483455357927315&correlator=1509516815468157&eid=31068501%2C31070340%2C44714449&output=ldjh&gdfp_req=1&vrg=2022101101&ptt=17&impl=fif&iu_parts=29636627%3A22649497495%2Cfbu.ua_970x250_hb_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C728x90&ifi=2&adks=2550041922&sfv=1-0-38&fsapi=false&eri=1&sc=1&cookie=ID%3Dda7a77a6ada7c385-22ec84e347ce0003%3AT%3D1665722112%3AS%3DALNI_MYlS1A51FKUVpN77dQe1fYeOTyS_Q&gpic=UID%3D00000b7287436422%3AT%3D1665722112%3ART%3D1665722112%3AS%3DALNI_MZPjtE3TnFpGGBKxbxMVR4oczCKCA&abxe=1&dt=1665722113217&lmt=1665722113&dlt=1665722111623&idt=768&adxs=215&adys=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffbu.ua%2F&frm=20&vis=1&psz=1170x0&msz=1170x0&fws=4&ohw=1600&psts=APxP-9CUD6w8_YKiKQXGvS_dHMPHQnfpC0N3if2YAtzSNfeXVM7Cwd18J0PwCSaCJBYY8J26SCKbyC4Fj-ESpfi5IZ8&ga_vid=632958336.1665722112&ga_sid=1665722112&ga_hid=961908464&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

66269bc7bbb62f55ea8b5926fdc3054a3aaf4f5ddc0c49551de562a9c6bd5785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9927
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fbu.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
233 B 200ms
120ms XHR
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://fbu.ua
Date: Fri, 14 Oct 2022 04:35:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 355ms
354ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1483455357927315&correlator=1674786040438935&eid=31068501%2C31070340%2C44714449&output=ldjh&gdfp_req=1&vrg=2022101101&ptt=17&impl=fif&iu_parts=29636627%3A22649497495%2Cfbu.ua_970x250_hb_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C728x90&ifi=3&adks=3201412746&sfv=1-0-38&fsapi=false&prev_scp=hb_format_admixer%3Dbanner%26hb_size_admixer%3D970x250%26hb_pb_admixer%3D0.10%26hb_adid_admixer%3D192c8fcb104a3cb%26hb_bidder_admixer%3Dadmixer%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.10%26hb_adid%3D192c8fcb104a3cb%26hb_bidder%3Dadmixer&eri=1&sc=1&cookie=ID%3Dda7a77a6ada7c385-22ec84e347ce0003%3AT%3D1665722112%3AS%3DALNI_MYlS1A51FKUVpN77dQe1fYeOTyS_Q&gpic=UID%3D00000b7287436422%3AT%3D1665722112%3ART%3D1665722112%3AS%3DALNI_MZPjtE3TnFpGGBKxbxMVR4oczCKCA&abxe=1&dt=1665722113231&lmt=1665722113&dlt=1665722111623&idt=768&adxs=215&adys=4065&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffbu.ua%2F&frm=20&vis=1&psz=1170x0&msz=1170x0&fws=4&ohw=1600&psts=APxP-9CUD6w8_YKiKQXGvS_dHMPHQnfpC0N3if2YAtzSNfeXVM7Cwd18J0PwCSaCJBYY8J26SCKbyC4Fj-ESpfi5IZ8&ga_vid=632958336.1665722112&ga_sid=1665722112&ga_hid=961908464&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

5c94f1f248a67a5a8fe23dc02ebc2108cae1b26f7b33ca88dc97fa5eafe705cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9651
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fbu.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
233 B 80ms
80ms Ping
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAJfqBLbzcgefdaR0

Response headers

Access-Control-Allow-Origin: https://fbu.ua
Date: Fri, 14 Oct 2022 04:35:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 361ms
361ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1483455357927315&correlator=2787101040599982&eid=31068501%2C31070340%2C44714449&output=ldjh&gdfp_req=1&vrg=2022101101&ptt=17&impl=fif&iu_parts=29636627%3A22649497495%2Cfbu.ua_970x250_hb_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&ifi=4&adks=686523744&sfv=1-0-38&fsapi=false&eri=1&sc=1&cookie=ID%3Dda7a77a6ada7c385-22ec84e347ce0003%3AT%3D1665722112%3AS%3DALNI_MYlS1A51FKUVpN77dQe1fYeOTyS_Q&gpic=UID%3D00000b7287436422%3AT%3D1665722112%3ART%3D1665722112%3AS%3DALNI_MZPjtE3TnFpGGBKxbxMVR4oczCKCA&abxe=1&dt=1665722113243&lmt=1665722113&dlt=1665722111623&idt=768&adxs=215&adys=2835&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffbu.ua%2F&frm=20&vis=1&psz=1170x0&msz=1170x0&fws=4&ohw=1600&psts=APxP-9CUD6w8_YKiKQXGvS_dHMPHQnfpC0N3if2YAtzSNfeXVM7Cwd18J0PwCSaCJBYY8J26SCKbyC4Fj-ESpfi5IZ8&ga_vid=632958336.1665722112&ga_sid=1665722112&ga_hid=961908464&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ffbb4e58c4f6f0cca2eec969bb855c87586b4314ccb198885efee4130ec2f2db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9789
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fbu.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022101002.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9EF6 380 KB
128 KB 40ms
40ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js?cb=31070339

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

ce2baa53d54f1cafc4897d96567e68ee120b016c92218d09c331d70c6b7f4bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131337
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 16:09:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 13 Oct 2023 14:19:31 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 9EF6 81 B
99 B 50ms
49ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fbu.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

52b217d997fdb001d98bce72bd236ce1330b42f07d3b21a27ef0785ad354e5ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
expires: Fri, 14 Oct 2022 04:35:13 GMT

GET
H3

200

/
www.facebook.com/login/ Frame 2A55
Redirect Chain

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=502927040048276&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D502927040048276%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

121ms
121ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D502927040048276%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df32e24fe19b5dac%2526domain%253Dfbu.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ffbu.ua%25252Ff35f05acb5a7858%2526relation%253Dparent.parent%26container_width%3D341%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUkrBasket%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=67ba548d887fa906f140b419d97bd323

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Oct 2022 04:35:13 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: KifMJlw1ss3FDJB9Vckxaai/4cdFSlI/J1dJCZUlY1+VNRKmWDC81JZ18W+u275goXwJmirI+9oMewtsOqQBLg==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 14 Oct 2022 04:35:13 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D502927040048276%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df32e24fe19b5dac%2526domain%253Dfbu.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ffbu.ua%25252Ff35f05acb5a7858%2526relation%253Dparent.parent%26container_width%3D341%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUkrBasket%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: AsEDuVD8VCT8s1hAQN/rZ0LwPWIOcvT2DnWvbTXmWOZ5KH5g5J7MwJk8rDjQyukBbQ7WRdEBxYcTa/9epkaCrg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 143ms
54ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60e7ef274d0263042af1eccd0a2f25ae706c91f36931f134017b71f3fb8a17ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11277
x-xss-protection: 0

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
233 B 81ms
81ms Ping
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarywUs7J4Lu1AqbGTDA

Response headers

Access-Control-Allow-Origin: https://fbu.ua
Date: Fri, 14 Oct 2022 04:35:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=fbu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fbu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
11 KB 388ms
388ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1483455357927315&correlator=1813116678196652&eid=31068501%2C31070340%2C44714449&output=ldjh&gdfp_req=1&vrg=2022101101&ptt=17&impl=fif&iu_parts=29636627%3A22649497495%2Cfbu.ua_300x600_hb_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=5&adks=2774183634&sfv=1-0-38&fsapi=false&eri=1&sc=1&cookie=ID%3Dda7a77a6ada7c385-22ec84e347ce0003%3AT%3D1665722112%3AS%3DALNI_MYlS1A51FKUVpN77dQe1fYeOTyS_Q&gpic=UID%3D00000b7287436422%3AT%3D1665722112%3ART%3D1665722112%3AS%3DALNI_MZPjtE3TnFpGGBKxbxMVR4oczCKCA&abxe=1&dt=1665722113471&lmt=1665722113&dlt=1665722111623&idt=768&adxs=1036&adys=498&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffbu.ua%2F&frm=20&vis=1&psz=339x-1&msz=339x-1&fws=4&ohw=349&psts=APxP-9CUD6w8_YKiKQXGvS_dHMPHQnfpC0N3if2YAtzSNfeXVM7Cwd18J0PwCSaCJBYY8J26SCKbyC4Fj-ESpfi5IZ8&ga_vid=632958336.1665722112&ga_sid=1665722112&ga_hid=961908464&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

4fd92c5018479ddd28e9a3032ab6416c35efe75a65441b06e3cbd56ca19ea95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10831
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fbu.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 04:35:13 GMT

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
233 B 40ms
39ms Ping
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarykO2Yrkq5LdPCVF82

Response headers

Access-Control-Allow-Origin: https://fbu.ua
Date: Fri, 14 Oct 2022 04:35:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 container.html Show response
fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DDA4 6 KB
3 KB 128ms
45ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:35:12 GMT
expires: Sat, 14 Oct 2023 04:35:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
233 B 40ms
40ms Ping
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryymn5rC50wH1r9Hhb

Response headers

Access-Control-Allow-Origin: https://fbu.ua
Date: Fri, 14 Oct 2022 04:35:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 container.html Show response
fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BAF0 6 KB
3 KB 103ms
47ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:35:12 GMT
expires: Sat, 14 Oct 2023 04:35:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.facebook.com/login/ Frame 1A1B
Redirect Chain

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=502927040048276&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D502927040048276%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

144ms
144ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D502927040048276%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df10476fcf353348%2526domain%253Dfbu.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ffbu.ua%25252Ff35f05acb5a7858%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUkrBasket%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=67ba548d887fa906f140b419d97bd323

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Oct 2022 04:35:13 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: UDAGYBzI5kE8X/xlsjX+99eHOBXwZQdxWmU9qwXkOue6wh7pvP3sYwno5vk0wHnOiTO7wcEpGcRuvLCZ/dW2sw==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 14 Oct 2022 04:35:13 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D502927040048276%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df10476fcf353348%2526domain%253Dfbu.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ffbu.ua%25252Ff35f05acb5a7858%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUkrBasket%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: Gr5f3gxU6zD7c7AVvsvcOM+mrYiX2hMnn0Etb99cYMHF9Y19vVQneKYNPpboTZSGD5C8ghMwNrAZ4Z6ubhEL/A==
x-fb-rlafr: 0
x-xss-protection: 0

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
233 B 41ms
40ms Ping
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarykgA3YXOjcA23LWY5

Response headers

Access-Control-Allow-Origin: https://fbu.ua
Date: Fri, 14 Oct 2022 04:35:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 container.html Show response
fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D484 6 KB
3 KB 66ms
41ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:35:12 GMT
expires: Sat, 14 Oct 2023 04:35:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C109 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 26161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 21:19:12 GMT
expires: Fri, 13 Oct 2023 21:19:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5547 783 B
535 B 135ms
50ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0464bacc1a56eb5a6c41e6f723ff9d10f05fc3bc0d7e195fc36f79de836ad6b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Jyt660-aKywGUcWA8Wkngg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fbu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Jyt660-aKywGUcWA8Wkngg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:35:13 GMT
expires: Fri, 14 Oct 2022 04:35:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame C109 36 KB
16 KB 139ms
58ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 18:41:10 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 170F 624 B
733 B 221ms
46ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYgOq2vgEwAQ&v=APEucNUw8l8QZfR-ceShTYEGpohbbtkRnd0XkAmy37JMPc1l1iUjCyinUZTSnClH-kNGIFolcnMwhfoz4EcbjdUe7cnUiZ6MxoNivw3sY3X_TDyaUGEvfpQD3yi57uLBixtd9441TsfQ-Fi7u9X6IJuqiGAogzsNyjOAemwlpeAIFUpc4edZh9w

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:35:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D484 80 KB
34 KB 256ms
83ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6ublOEeDREJIxtXBK8ZFNXhN0MfY0gn4nRssciyDG1H9muRaVHEh9VKzp727Yg8E7TV2AD1otxM2wGK0aileljaopN_7NgYuXccJdRjAI2gbCTJPrRiUhGJPfYgVHtM2PgKz0KrpOV5C4Eo2TL5aYp6OmxtiUVYf34KglN4uOuui5G8s&dbm_d=AKAmf-BhY5Uv1QXHnQp9eXEZ4RVCJwpiRnYQQCsc7-sXsm1NbwBdPaLqrbioV0lnnUrfsylKrkcJfGAnaYQaut-L8dJQrrHZdF9NOshgQCXucsfWaDQM5xsCZnVJBrOKD9TIjgXSImJi5uin0O8wjf3FSLu59tbNni2YSALJCRfg0hR7cT-52BOzvtS2aNbtmxovC0LXKeht0GSJjPCxjvK3LZBqN2GKMAvSo7LiY_EKWH9FxMNAkTexSxUDCiuS5XFqIXjxdYj6jjRczPaY_-8nT-Z_SV7MsV8NCZXpiyc3K600_lflAVAuFD0kwBFEz5yPlFaBizXxUQCikTJyYSu0DkCvNpylSuf9mUe5XcTXlJAdEMIXsptVq2N8KSH8i4azLVNgEaU_96QCj8zEdAZh2CdxBQbMfvNnDWsIyGoUzcK97qXRDqBTBfKNEvST8arop0PQw-Sl-MpKQvc4m2Q1KDcxNCqDoJ3Q4A5gLNgbqc0ZVFGab0Sz-cq-_eXCGD4Ew9syCRJW8R6jAt-1epXcwDRHslTsOwJl0XNYeevMjQXjdzhfUrseb-kdZTAvqDfxDU93fldnMaSZ-QtysbEE8chiA-m5lF1m8UtNGzJGnpAlyIGMua7XDOHXLZjvgb0gjDyoZg71A1XRK0IezC6Dqo3I2U2wK9PuHx7UyWa-p0fKFHmTmMQqyMshUzb3M1LzGStEmOzSQxHhl-OQLzZYjTwterWIq2FR09C1lN80NyRiZcWEvl4vwpF-ThCCflifXvmcP6vOx9NVC1heOxQbsH4Dztlpr0cWepgcohL5gfYS3PY-p5mkmeEX3v_WmvJCRjMryMt9g1vSJASH50RvfnA7liblXmJ-XSrQFa7ffrbVDYIvCI2q9r-eJKVZUnrjiZwxZUEMgaF9DcivTSahsF2HgpiFgdpzGb8V0zpVvoc5EM6u2OU6KISUKHcDTwPmCTOexGlbz4s5Q7CyFWCJWhoX5IvIEhoZslpqJ8r1AtIVKoktXrldlsdfe_vburh_QGRuEgO6yol5vC-drXVJJpByBUy4Uirr97ovaP5olhmnSPnTahT2f6aKvxr03bDab3IicQ2XIlXEjYpoefsSXdfAz4tjH-jlEGTahpIb95AXSREG7PWis0pTrJFQLiB004_nE1iDE0J_FiAK4Twi8oVKX-wUvK8j94y36df15fydHIghDCkfiPu6nT-N-5DI_ywOGFVZ3zdMvQbDTM0fQgyC4ZCWOmuLPSI8QUMqqobLG5wyRw6b0hiRpvM1ppx1s6bf8lulFurr-pLt2tKloZ5CNXYoiH6BsXtTKeV4zlyR7fCkGCdvc8OzM62gt_aBoTAswYNBO3FZuKjX8ms5lH0mTRiDrYAYygRTVd6GqUe0bqGZmUb9t9u4ro-lVHLv36dhGAsAmJhcqrvMD1JqExfP5vy4O0pQNC4uBFC2LtAV_G_0pVU84E1sHYAKNq8zB1ckMdKNop0tEV68XzCcsi5YqW3nnyfdjQQFgnpXzXEOA71htCF6nc17reDeiTQzTjDNVmeuhrmj8jhgOpKJVyZI972_U3t5amitzY5ZQrZrfU2ZOsq6nyF3JRvf5iM2sEtkcCVv2qagXKy90TN2f-fOZz_E3nYvYiDYq-Td5ZrOZynYSi33J2maXmAaBUGPpnrfksmV3oFDNnaPdPyIlAfXYsWroDNZiGo6DcVZrjIKjZur62AVN7V0bhMWS6TIvSZJxytErPP0DcErU5F3lLTYDo9KlkPjPThix6pZQwhhx2MDZ_9XcScJJxzDw_oQRznJOdIOTyRy2hwDQAFqBDz5qlrFQTK5CPl2c4Y5D-EVa4wKg3UuKN1eCqm-bXHMee20DP7BEiq3VRSOPjprT757OKfjo13Cun-8l3fNmBwUTvRLidOvYGNp01xQZIBwCDdfY-M2fxejduT08VqCKIseblZ24L0XFS5c1S4zZpb31Ec9k_i5QD811jROpBBijEI7WerYWWAD-dc9IDdKzNooWI3i88kA_1hqyGJLzwzB0zgzGi0uE8cTqDACyUHmgqWGwe132cELLjqPbfzukyGIns85FJYmxkMoUTNvTnx9u5B4OuNs5ovFLAWXWp7RdUlvMFJNKcCfq5W6JX_zjnSRKWRd5utBQOM3Ckii4P6vtltvAqHg_l3r-fYJUdjwZwFmeY6Y09SUvOAXWFIwgueQZPp-c541BXqZw227eDHKd8BNEgnBzlHinzrr_0u3oDF9e6exkl0wvr0BdsErFqw1-Ieq2ahj8j4_MFrMxvhDJA6svAUP9RqEHQ400J_sQnv43aWJ1fAcZ_7VtrkFYRKORG0nV3GcLHhak8SiGPNTV_TKGIKnc-W2il32lq2kwmtEpSJ85Gvn-TFGfPdv4PEuWYGnbdj1y6IwLbupCE8nKmzQtTZ3JrpCQZirpAXKlRTSlhBzO2nD0c2gxsd_FoTJj5JPtmz3Dli-_qJAR51NKaKaSsSTNMlgjhETt9OrinpQ8VEkZodu1s5cGCNpdcvdH3jgVveWg2EV5-592AWcSFYOrvJulJuvvHNiF00fZOiHwD-CVMnY98qtXF0Ph7kQ8Lskui47_ksLwsSwvTA2AifIEgO61_Pl9c8qxPVdKrVYZXb5A7pWfnIOkb11isWVtXRpuoxBu0wJ10aqbm2A7fBqe47ly1ubEW-DpfcYT9PwL-kGh5nJfRib5o0YoeWRtZF88vcRjhAzwdfiRTmKkP5AMe3UWVzflgKFccjx1_NsXwdBNk_R0KfHWWZN87RTWgKHqsBEndt_noDSaYSiJ9iicl9dyS06Fx88qZyQxbn5vDuS5U31otbQVTZAlirmrE-H6mA_7oeIuAZfEVu4uZF1g5VnyAj6O_o8TDyphYxO5yJVxaTo_E--aioE2FiPrxXA3H9kugmfBbdUvYb-ROWh27iCdde3F3IAc-f21af57KNCt_6qAEHlSy5Gyp4U9Vq4_keUV-OjB1GQ2__mXgQkyBolCBAJrWYmCd7ten6U9oL1PWqBxUXGbqEQI8R2lcko1e5nyVo5_CuMUtzK4YHSfApgd-uQux1qfIznpbmdCX9kVx8mbYKD5jFFN0lZsXWqsICbnThLwdYg7y2uOxHXDR2O9XH0bWNQ6K3YsNBdt8hxVfFfTLZTOYaPr1aTrheC2KDE-NT6KgkmNleYI45GKbTsM2DLLAJZ1Cfs05Lw-K0I4rN6h6wL78NMsbGUFqqUavlQ5bUNuht_r7USSPrO7EA2httQWQcvBFYDgnx0Oq0zSyU9HhqEfUmkF0D60VduDewksn_Rqd-1fMSJOaPAOaV48kUec-nL_qjrGS26RDWURbyJhKEexvW9gxGIxkIa1ObAznBJQ3N5PIC5xhncZqQwxZuLeIHYGCpyCekEHOgr&cid=CAQSPADq26N9bEJC0QBUuWTIU1Oak6Id8fH_2Zj3z2DTRTTGtMyVb7m3mfJOiXfJ_nsUcasLwJnCTQHZ3rVjoxgBIA4&rfl=1%2Chttps%253A%252F%252Ffbu.ua%252F%240

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

942df76bea333855cf98cfeb83bcc04f08b9da9cb80aac42ed04f83d41c0fe94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34369
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D484 42 B
63 B 160ms
105ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSlE7EC_zYXCvj_sBjvT3Uk94pWj4LlgxD80jEdA5BKEKNs94A1T4AfEQKED6153eJ-vX2MF93p1D5KL-036fnwEcO6fR49JtPTt_y7x-_uvOctco

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame D484 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame D484 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D484 0
0 52ms
48ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1pT8tLTX7wlUmBXwSi1gkaLmQ0ooqenievjz98xYn6Se2j88RawFZ-j3nWZTNFPFB_EQyttJYE8K09JhbpXJVg1rFGg
Requested by: Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D484 152 KB
46 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 04:35:13 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 74BB 624 B
340 B 225ms
55ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY-sLAxAEwAQ&v=APEucNXyKsISSUbW060KIIvrZ7-ywMpNfmJx1CdWVA2PJZRdoq20uNZ0vxhHHspnIlC7xiIv3lNmjU1fDGURQapdkUSrj5vTv142qeJ5Jpn4tyU6DCMPwPWdRmGztiDHGUB9anTNuzGMG59dSKKlHma5E4VHixoLXMmxa2rSEh0n8MJEKYwo5Bs

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:35:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DDA4 80 KB
34 KB 291ms
122ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BH3B3hcpPexWh3gMVzgrmydGgPYxPvGxt8w4QgNbBF4SZ9exfhISDE1UMxPyBck0I76vEEKRp4C5hHlNiQjYCf3k9gaGtm-AR-moMycVHX7UfkR3IHzeoKAdWb3BExh_uSRwoSnM3LM5j1Cel8vG7W59r3SP132O6mXMEWYu0-yGHMgPc&dbm_d=AKAmf-CMqvEqs-mulTRBMaQkLvBctW5OG9tLUG8cnMOEfZVQCoJjv8R5A2vH6oSpf95P8HKZ8a1ixOlgHylH8IMavB0dnSVCj1fYqxrrwBn8NbbZtr-SZZnZxBHgbhqw0mBm58k2QsG3mO-hPFrfNiK7SUCbb-OTQm_0Io_tcMV-uzon4aD2982_m_Cbh9ra8kUwIw3TPs10YPJqVHkCH4dxbhPZN7tad39280pxRmIrQ6BqHCzOTY-wMlovRPddWmRr_ev65ux76fi3511jm4oUJviK-R7kLp6dS6b5zq6Og0_e7cICn7Cfy7aFfExhJ9SvKJjFWTD_GZpAIMrnGpM5rG5S0JOjdwu5OIq7IsirdoGmZLcHCJlyIqqgpQ2P53HUCuwFZEsNLXRmi9sT5VRdNxpLl6JIgisxBsPPXRzg78qGdKXcrPa8-X-xLSKhAhWJ8g7MnSJ4P4Tmuu41ZnEgGdOwoN5rwcf4dlWBlRChkexHcMAnGVF2Oylil463dgL8gBYB_YuFaZCsXQi42Z_2n74Y_HB6_VkbRFVX1cTyBthveoYsbzqSiP2IMbe_i-7lzWtwOLjmAS70rBqrlOzfRxxSEa8gD43Zb0xwonbRlgzSp1KQWk7iP5gPKITx3zl4mQZv69gWqvuR86SNFvfduqP7fCQ0j0UkDmNIWuR4TshXfQogPFxgrbrICWrVjZSem0SW_T_sxStvQ2TnWZW44IG0xE5FKJSnWIQK-nBRPRDuetjziuFghvux1zR0elM97K-zXN-f1YuKVJ0Lud5ouzqGNzirritYwm3Q9BWrqu3ZIinzWQRq3VbdQuT3U2jVnYZBIW8XjgmBbVI85qxTLipN1gVbjdkag6c1NYW7sRyelCkWuu2zj3XXq5sMCWvlEAkwJAn26b3NUbhtSedt3wh-qWaQ6yotoJK80PqZ-UhYBoyTo9TV2D-Ci3-vc1jGbFQ4LaUD9z7xFN4D3lEEAyz_E85mXwffS5Fwi20JFyFuFDof3Ba08DPvjh2esGgOMdRLJcEuSRFA2KbdxrwHpzwnjaY5iajwQdSsocb2XSXIlWXKOx81a72ToQg0W11iLvBxrJwelx4StYumGbqkSk0Zixs4Au1xRH2y59YsQyXVHVWhVmEk8ywvkbUkZ6IYofZCZsay8AQ08FvTlOS9AnngAotR8Z8w2a1v3GYmy0oMdrGaxBkQyfQYYkHUY686sxizPTIv6Vo6Mp4-CzOsUbNmdPs8AiB8h3ruO1PtbYSe5zwiORwhQTsu4uRDfFN8Q4xudEVLxOc75aLR3Z9rwGPvxJhW0vxZ_AzMCxeYuzn3dT79JX0ZxHn70chC5iMyylc9qXSo7J5Z6PiSiDJrfJb7_Oca1SNYeLXWAOq1xdgB3e9C7kwGxBD8k5Ec70nZzkuNl8bGRlut57ukP4DC1MLBcOnCMzSqDuxW5bvo4FNrJ9nc5d6oMY5MWNUOeO5FC2Js6a6XKyrGv4qtEHVY35R6eI4Olxgl5tXJJUGMHWuvwKsd_8Z3og7asMukNHfdxwVrbcgk9yAPNRRWRbaSGG8dA5OZT0NANV_prdWQJZEURxV1Y3PQpvU_Vtn8ENWUkgiXNCAPTwJ4GXY5lTR1mDreDD0eVg8yKKS3K68aP_9cCdB5WcT40hp2rQNywwqaYqFRJGJ_PF8nuzfPnOCCQBHImy0TcL5eh-I9zhE8dN56tJOc5qMpX2TC71O4Y4osagzLEUaOLuBDYrLOeNypmOP9XVjsFdeqPFFbnAzQdQHyKTfPkF2Yle1LUDs7N5ipgXnCatUBwl26cw9jvo0ddBPW6KJgQaxhz0em6zZZODU9D4N3V9mQS2QX63-JCQrFdOUYhWNLNl3jmPiLCFuD7chiKSKGX1eQ6eOQlL_YhKM2JLYpODbKE-kKQHzwGurlWd1ZYamiLv2zBMk0X5swt9wFWJbv3-fgbo4zqXHB9BTeGPxwu1KJyguh3rtOrLFxD_BBwvgG-jVb57HO240X-IlgKdWMwh3KbcSKSH4n1kskI7HXdFZ_yVNqr6JVbpNl1HvvrgeUBtBkT7o4U4_2pMAuX18_tB3mXYJADmBoM857xW-oudPa0kVWCr7YDtW25OJGxk-c0sXgQWBDwnm4jT2T7TmBQgnNAiskvRB5QM3VenUxFi700uN6bQUCWBbOYG-118k30SLcpsw1UHIt-V8aU6AzNuMC4DPoZGu8DmGihrdu2VDdLDJfvUEH-LWXg6Ha_Yb4fev37SH5hRV3ca9A6YNP7PdLl1N2_E0En7ALmW9jcEekOgrpzmC0jAIRxCoz-OD-lzT9dcMO7Ahb12qy_jWyGfAudq0YWbhbQU0vRzbYR3CV_BeJP3ZmY8Gu6ZEijOaUu9RoeDy8vve74svytupnBE5uTcsgir9pBabHiiV9ujqNKfqahMyi4YjOKlTqXYzV6yw5wJL4Lb7gHUaIxsgSPKPV9R58eJ1r1uftKW_HP74wz_OeLjCZ3d3HBRJl5vXh2f69q-3XjjpCw4xHcp4tZnoxZ4TnWPeyftBJ3no8yRSdQ_SZLdioTl4qXPj6_ZX1BjSuOm1YOXi9GOFLRrZ6yRzvQJIAbdpJLDekzViVd_W5TSraSSaRNzJtdusBv74JSlXgEnWu-oNNuk1Oj-p_Qwdr4DmQz4OWFqcNogaq0viGiSWBg8InpRadrGlY6isFctbXKqgOXjakdGVZpzQ3N57OMs3o30IxTBCgb_iH0mrknlJGkiDhmZoqHpCOM8qKAwQio1vVbbjR4R_hqSjJvykMR7CD7TLOM3yoF9majZp2OqmAcUMbaPvAH1gZ9bYNVW54MdygJECFZ8gPGKB156gU2wH99xsQ1TXnKcmEJfukpF12FdHAYj4pvv4Ob24DUJdKHIt9PIbGMgWG-ts-IZW5bN-SLwx5thoJGl11hqTlWeBGC4zup-JMjrhAA8ni9vgpxRS2mHriinkeavQFwAT_ku2Bqw_4TY4wx67z-M2a9Pu1fHtWr7DQR8gxLQPGgUQOWkafmYvTEx6PSnWh09UUIKEFZ6Tg8uzM5dpMO_ZuLfUBTtFc10tFbZUt7OnrVJMo5iiH5a1TB14WG58ONyMrt99ksMLml6PW7iL91Vxu4OjCMwO1cJQsPNE647oe9uHD-o7Hc5k_z2grCyRQ3pRoAfvGefhuQSvKEI9yn80&cid=CAQSPADq26N97cvkXQqNnFR5gMqetqhxmHIAN_Dzra_Gbv45E4gG65YSO5LJuEemqMb7YH8T0by7Edt1FEJtqhgBIA4&rfl=1%2Chttps%253A%252F%252Ffbu.ua%252F%240

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ba2a61b0da48f358260adaac2c03bffb0e0bded9c4feda7c3bd005a5073b552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34450
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DDA4 42 B
63 B 157ms
107ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DyJSIecLgs4ET_pfZqdovKTMiEqSCbz9wm8M0yjkt2Af5G7aICEPYK8ITVgu6J1kRekFiH70MUei6zfSKs4goGa6d9uqHX4uysU31yFANLYMuS0H4

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame DDA4 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame DDA4 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DDA4 0
0 50ms
49ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSz4ZQeStNmO1CtOQd4onPo-Obgrnqp67SevB-XHH8l50EOm1B8sEFZORPILFXOC4fNyel6wV2-m9fpx1A8b1OZ6ltA9g
Requested by: Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDA4 152 KB
46 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 04:35:13 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 00BD 624 B
340 B 214ms
50ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYtb2B0QEwAQ&v=APEucNV9YigXCKiSsMEpyI-pYXB3uHcbUtGyz5ME6x87CSXWsbNYCAxcm2zsS-0PU5Yrq8KLdSmQ349jA07BEsM7f7k3msQIyR90FCtwT_hhCehvcRjlqIhZRU3XwT9YeMxbMpn0QfZDsk7Rr27befbn8jNWlN4ukiSNq5C8ie0kZ3egn-IEMbc

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:35:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BAF0 80 KB
34 KB 313ms
149ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJFiY7VKgu9kA838SYmFX1Nr7IrLiSsNCGTGbzT0YyL7XDHgYm4NuhGUMFrQLnUkcVuE3QwS_Epc_ZiTCySaX-oAU0JbwyZJszt9_kX7qkmvlAjdDmPnoKDBkvExp-Z1TmuwvF7yFoRtI6QK0mh7_KakCwz0m9Db2m3YocH4P12AX9Nyk&dbm_d=AKAmf-BfBKORN2cLhBszLBhLx9g0K6h3x1sO_qXp1BLYvE2r_qNAiYRGsEXXCCcLu2zg9fI9YPMiK9TpJ_iCn6S6AhShWJkDrnDTMPPxdXe8Y5j72CP5IRxNFwKcZvhn-c6Iwkf3Xt9_FzknbwZAnc_QjcEIr6G6c3X8h_U2rZCUjCpxWwE8zMrwp1caQR3Ed1OS8YlqQwjJ0KOEF7ZTGb8wSvVctYugDKPhztsMNWrw6y93ASzEjJzBBwyZLEy0fI40URhwdW9OeOfzz2JgR3WFvDNFWAy3VXxivQX-nH35RFP_gPajHioI_XsZRPXImJSuVl-yqHV3sRlk7c3CkcCOYVbcA-P7GQ1usDRAb4-gHfnq4iqWF8WtsbYLuyDFg8C3qb7_l0wolXqariLQPg489I8Iqt6H9VgSmKVOK18GaChJ1PhYtz0HhscqqOJSfOI-AmKXQkNf5p6jnB8Jmbu8JAdIZtRRB1ijJHJ3SsAnk7g7Q82fJfzBMaz-BegKl0IWQcGpjgYF8M_vfHiXzXqmxLsW75WGdFiCiJnoX07EI6QzQb85Mo126v-vPvoV7PSp00SYd5Fk4aZ3rspZu1_chwTI2R4n_cyIsc_Eai60CnUuxVBGt5SsbCCCFGjwsXPpKpivdrkqcX1kPv_a8E-7yBBeO_-yACq_ul_T25xj3cl6LFWVkPXyc1kva_mTZHhLIxo1TH5vXJomEA2szJSq0qRvYbZsyK4jDz50-N0OqtzMZXBSN3OsEvXB-veqGRMjJrMJcyDp4XZZaNhUqMRedZk3b5z4wmWmUrDdLl-BsKKcDgf1NiTRo1VDpGIL0wayCySkuoBBeLoXEbEkDfdnJkEPXuqVk42Y3YAdUHANiyiUY6j1YVQilIN9KLIjkj44xGc7CtWPJCZoG5YIoJMaJi-FIxzfOAmAqYMgsnYsbURAhTFDpXMMaiOW0cUA4V1jjNW_4f_O415wXkzU8TXvlwRmZ675mPYJsayd3xL3hTsiGr2O_kTrwoJ9igzPVkfSjUbGcWa7nVg-61iT6lVVnMjPI4RLFuwcuZ8Um0RMbRHJT4AllsiWmWtmCzjxT6bDV7Lk8NrrxlVRWq3ZmwMABKYp3p7FsGVZA5qD-LHxrAmYlAM4oGYJYB-RSMMnTe_jRplQdSa8_bE2EQ3gNFbyHBDVPcDyW_Jsho4nv7NCNLBGV93Ih9_NSJ06vzTZOsWRgYbm1wJ7ERSRrqSJtZKHpFYnwaSbNIP8UMNNY8nQyW05T5_zSyhjFCwEiCjaeql4F32dr5j_RCGGcDL9oAl_ldVnqNwxu4YSLBv036yeZ9DcLRtcdfteVipULDS7ljySi8s10oijt3lrFNSdGuYqqKzImI8ahnWLNXJf0pKGI_kc4-SrTP_tDxfXkeCbezaOkKILYRCe420Nfl7S46es1JHAbRNrIJnbaoUg14kTPaIYwToYbzdN2n4peqQHIfAoJ943HFClPjgl720azNAkSXNdus4sUls8nj_9Y2-5AT1HaSeQCZSvCJYvXsIduAwLz37sJq3gasybFBP9k1QS_cuuIrR_xnswF8Vs_sLULwerhQrnltxvg6Ojar6lwmT2EbnGMe8EDxQz9YlezgR2UQ1CmB36laS0HyVhGqB3SqQEWQQOPN1OBwJd3DC3GtXG9lu6syv3_hFuy_kP-UWdUxyt8NqdHYFFDy6COUmrIchkpXLULD83DT_3aNKsvSh2w-y72e34pevy9dOkEncWGzDnf1dioECrBlPqxZdLZ9fJs17xQnr93UiWi1aCkygtdOJ_nR0Y1siro_dkXoW13IgT5bXag-y7PhnV61cN6kpwBruC-hrFki7J9UzB_Jc2m_I_8NvbA-vb7zbQgxOClEKGgtNjfxH0gioE2oyQHc474-g7xuKzK403cMX_cQEBX2c1QPuFDXI6-zK8Eg7Xye5u-l__0EJ98N6t2w3fa1qAEQMzYb15tPLHSwxGj5mCryhOWRvJRnGsUdKlcAKFCMmJfiTcdpehVz_PGChYAAvtGEjZaGB9o2rq-yBLiweClw8-R6qYyFCgs650hPIN8gdWFzabN4Uwj7BqtmS6kZfZH-HqHxo1tLixCJ8kuWAzMDB0QWcEhQR5Mr4mLXsMyJ6nDRCWWZLWwv6fPMMkv3FZIRGT28CCO7PUxKbX4IsMmgMuyE6Ldu5WOP4oD65Ur5zhyJAmPnKTXWQoHMUk19RivOqrHyf3dXV0MA6-6bd8N5IZFmN2OQNSPKBSnBUuplPKOB6PQeMIc-4KDCX37ccGkAGiBbP51q4yDafC9-n-Dx_iKzrUbmtC5K3ltE2CVMSTKHedZqRLrvxXpcC3cX4p6nwgpx8VTEgeR8EXhBOYKjMniIQ2KN8L4fLwvuXqfZ9mjNf7wdN2i4MnzdtmEZArKMMrnEa6A7FGNMUT9-foLZaIzv1zfn93Feyx1ITgIHCnZXpWbJzZ2jUjJ5SbTO-0I3qgsSsmd4iQtNSCVoHmxOGs1BeAOncmrsCp20WDtgZCq6h_zfafDVsRiUvogqJjDlcfzbNfrrQI9gAQQVZwSZNe1frRK1UoH5xDzN0c5BwZ3sq0qNSZLTkvG6t9GVVm11Z_yRrbFLnGA5R6lgeZpVjZd338wwse77XmJlh1dCjkNyp4OQv-b3jYcEVai1WaAGWCuUxaz84b1jXGpuShN0uPdBsqkpzY8nc-AwhyjkscYVJkDXdLMzcU8FwMVL1LKaL-WiM20BaMHYVvZu612UqmGBc_rsNJwVxFrsx6I20ESplgqD8zR92Kjvb5eIFVIVBBx_SeDnkR6UH4oyQ8IcqRyhJPC6g58invpBRIz6TMD-Oi5kEPusGGBLENeQ2ANqXHk72saiKdCK-nvOXBI2FlbdxiBC-ZIn_m5DN-qG88XOFd-Ry7D1D91_D_TgtjgwweR5jnXIq3foDhW91aHhXQMdaQxIQTciIWxz71Ua2vCpdJ6r5Snp_Z1dZOoTTwPqAmB_GavH12yyRPMS5GSzcUzqrjM_5uueZS307EWoC02Lsx__fnkTdlP4jo7ddL_WFI9relVcaUEf90VwmjyKjU9OAOXGl2uYphGFSoJrQDT3J02QAChpybrO1eQDVnAdoyN7xDttk6iJBnONF_NX7McZIZmjZePN2DJudWQfc_ldHQrVdLW3OUr_wC76P0GxCvVshiZNUSS91ZjsQpnnbQqdbhlaeCnU2fGy9SAtI3JtoDgH9RZy99WQrJ-ja_juvPr1Ms6IKnfdaKxlXuyI0knFoQoyz3sSMir8vE-fuP0Xyidxt2Y_7tmCz7gAwjV4AEBANkbV5AopV_G6QCShDR3d3p1h6DVg9t7_CGRgLbL_a1zIHSaMNU6Y_nZfMySrHVrF82I31AH5fAOYPzRlQZeDZ9&cid=CAQSPADq26N9IPR0WdBNeo6PpjxfbbT68z9qfjK2pRioqC5FT4exzR0RWADwPgAnlQk6aXObM96uelqmSUU6whgBIA4&rfl=1%2Chttps%253A%252F%252Ffbu.ua%252F%240

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0a20f4a5456fa75f0598268fa93bada6e516e32d46f3899dc3a51388deaa1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34541
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BAF0 42 B
63 B 153ms
108ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DnXSOcbHNiZpxyLe6demdV_8tlBuzGdFrIMMvSxxZajp5Ry779vZL2do1b1iRTuhm6SsSNAVQF_f36iGQ32x2s5Sh_JtsFTaQukuD6NmeOEuq2cMg

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame BAF0 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame BAF0 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BAF0 152 KB
46 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 04:35:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5547 0
0 99ms
98ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101101&jk=1483455357927315&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
233 B 55ms
54ms Ping
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryYexWy0RIpaT1Oz7c

Response headers

Access-Control-Allow-Origin: https://fbu.ua
Date: Fri, 14 Oct 2022 04:35:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 container.html Show response
fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 41CA 6 KB
3 KB 55ms
55ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101101.js?cb=31070340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:35:12 GMT
expires: Sat, 14 Oct 2023 04:35:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 170F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1

43 B
766 B

57ms
56ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYgOq2vgEwAQ&v=APEucNUw8l8QZfR-ceShTYEGpohbbtkRnd0XkAmy37JMPc1l1iUjCyinUZTSnClH-kNGIFolcnMwhfoz4EcbjdUe7cnUiZ6MxoNivw3sY3X_TDyaUGEvfpQD3yi57uLBixtd9441TsfQ-Fi7u9X6IJuqiGAogzsNyjOAemwlpeAIFUpc4edZh9w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 170F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0jnAvdWOvvt.cfqy-a4ywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2

43 B
766 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYgOq2vgEwAQ&v=APEucNUw8l8QZfR-ceShTYEGpohbbtkRnd0XkAmy37JMPc1l1iUjCyinUZTSnClH-kNGIFolcnMwhfoz4EcbjdUe7cnUiZ6MxoNivw3sY3X_TDyaUGEvfpQD3yi57uLBixtd9441TsfQ-Fi7u9X6IJuqiGAogzsNyjOAemwlpeAIFUpc4edZh9w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 170F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1

43 B
1020 B

53ms
53ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYgOq2vgEwAQ&v=APEucNUw8l8QZfR-ceShTYEGpohbbtkRnd0XkAmy37JMPc1l1iUjCyinUZTSnClH-kNGIFolcnMwhfoz4EcbjdUe7cnUiZ6MxoNivw3sY3X_TDyaUGEvfpQD3yi57uLBixtd9441TsfQ-Fi7u9X6IJuqiGAogzsNyjOAemwlpeAIFUpc4edZh9w

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
AN-X-Request-Uuid: d05b188c-6b31-467d-9470-1829cc0f8598
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 170F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D

170 B
232 B

115ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
AN-X-Request-Uuid: 64a64dd0-b2d8-40e3-9e40-abfdbb75e45a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 00BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1

43 B
766 B

58ms
47ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYtb2B0QEwAQ&v=APEucNV9YigXCKiSsMEpyI-pYXB3uHcbUtGyz5ME6x87CSXWsbNYCAxcm2zsS-0PU5Yrq8KLdSmQ349jA07BEsM7f7k3msQIyR90FCtwT_hhCehvcRjlqIhZRU3XwT9YeMxbMpn0QfZDsk7Rr27befbn8jNWlN4ukiSNq5C8ie0kZ3egn-IEMbc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 00BD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0jnAvdWOvvt.cfqy-a4ywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYtb2B0QEwAQ&v=APEucNV9YigXCKiSsMEpyI-pYXB3uHcbUtGyz5ME6x87CSXWsbNYCAxcm2zsS-0PU5Yrq8KLdSmQ349jA07BEsM7f7k3msQIyR90FCtwT_hhCehvcRjlqIhZRU3XwT9YeMxbMpn0QfZDsk7Rr27befbn8jNWlN4ukiSNq5C8ie0kZ3egn-IEMbc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 00BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1

43 B
1020 B

54ms
53ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYtb2B0QEwAQ&v=APEucNV9YigXCKiSsMEpyI-pYXB3uHcbUtGyz5ME6x87CSXWsbNYCAxcm2zsS-0PU5Yrq8KLdSmQ349jA07BEsM7f7k3msQIyR90FCtwT_hhCehvcRjlqIhZRU3XwT9YeMxbMpn0QfZDsk7Rr27befbn8jNWlN4ukiSNq5C8ie0kZ3egn-IEMbc

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
AN-X-Request-Uuid: c7b90ca8-e25e-4eb0-a3eb-e668c4671bc2
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 00BD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D

170 B
243 B

74ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
AN-X-Request-Uuid: 3abd8a1c-4063-4378-b8e4-f87938aeea85
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 74BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1

43 B
766 B

56ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY-sLAxAEwAQ&v=APEucNXyKsISSUbW060KIIvrZ7-ywMpNfmJx1CdWVA2PJZRdoq20uNZ0vxhHHspnIlC7xiIv3lNmjU1fDGURQapdkUSrj5vTv142qeJ5Jpn4tyU6DCMPwPWdRmGztiDHGUB9anTNuzGMG59dSKKlHma5E4VHixoLXMmxa2rSEh0n8MJEKYwo5Bs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 74BB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0jnAvdWOvvt.cfqy-a4ywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2

43 B
894 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY-sLAxAEwAQ&v=APEucNXyKsISSUbW060KIIvrZ7-ywMpNfmJx1CdWVA2PJZRdoq20uNZ0vxhHHspnIlC7xiIv3lNmjU1fDGURQapdkUSrj5vTv142qeJ5Jpn4tyU6DCMPwPWdRmGztiDHGUB9anTNuzGMG59dSKKlHma5E4VHixoLXMmxa2rSEh0n8MJEKYwo5Bs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 74BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1

43 B
1020 B

61ms
61ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY-sLAxAEwAQ&v=APEucNXyKsISSUbW060KIIvrZ7-ywMpNfmJx1CdWVA2PJZRdoq20uNZ0vxhHHspnIlC7xiIv3lNmjU1fDGURQapdkUSrj5vTv142qeJ5Jpn4tyU6DCMPwPWdRmGztiDHGUB9anTNuzGMG59dSKKlHma5E4VHixoLXMmxa2rSEh0n8MJEKYwo5Bs

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
AN-X-Request-Uuid: fde9ff10-81b8-4947-a90f-5d1430728195
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74BB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D

170 B
188 B

135ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
AN-X-Request-Uuid: 8546fe06-9a41-46a0-834b-4647516a52d7
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 07CA 624 B
297 B 143ms
51ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGO3MqtIBMAE&v=APEucNX3GSB8-Q-uU_-X9OznwDqkhgdYXN4YOpsmrDAyh0Xd3BbHpacUiwE4_qKi9N6JUQPSG8im99_VDHiRsj4-bG-WDSn4B_xaqFLtrLvoFFWkqivPw6VpXEKGsDIgkNAw_KPvF837gDFycvJFpYT-Qs-McWzhiebcZ-F5AY0MvzP7l_IObc8

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 41CA 28 KB
17 KB 169ms
79ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3-7hV_12Id9i_TxeAx9tG0eiZyky9JKByFCg27tGcb7dHTOvcXrglLuVtlBXU8Cymd9NRHJKb0hMto7J2XznQyWQxCvqT6ecBjjszz7KJfIaMKTYpysGGdXJGablc-_9z-XRoUylqjH44vftA21o9_UvK_HC3av3iERUcbAs7RjM-rpQ&cry=1&dbm_d=AKAmf-DPGmEU8im-Mky8PPG1wCW86dvuod2oualjJomB7S01PGEaxaUrHRGS2bIC_AKzza0411lvIUHpbLI5n58P7AZKsF8AbF7NkAXaHiuzKLdpcz1HLyOekNf36HltnmV5KOvBcrg8rF4TTiFOsC5-ZLuSvO36KpndrYD5Ajw0ZRTi6y4TPycSqgRdoqGeImbJutVyVBRMHGjX2F1VXYUrEvaJfRVX8g2scwkX159UZbCFeJCLQg_wjhpyt5yLaJcGYccbn2woFfpg4Cs7mSGmbsSOYt-2D3hozdh9zch0AKVL7suW6HawK-LQDxgE1Qx3jg_IQr0plmVrIKbm2h-LJzL3xeAjwo-XmOVqkIA5idy70yp3PBF7zqkKffVZ_nGdHemJY94D5geM62vyCUGCsIdg2PObXWO-GBJm1FbEno7enL1wncyp5DgB-9WghgtpnE12p-oLn87YBe7gzQK2FutoopnyCSLAHvUL-o97PLqyqrnng-AAyTmUPDKEl5eM_o14E-XHd2WRsuECV_IYB-SZxLQp03ujrd4wgB8VWbHc4tuImwGpHR_XQ5QmFJxGlFY9omXGr2EExcqTGyoWbwxv7FDk67J4uKW4GnK-NYoooOfMWWOugubUcRY0S9X1S0NaZmX7P3K2a0y_kYgvZbmp_jVQC8TH4TThTayOLMCdLDrFQCteowAPvYOv1tkmuidFm3pW30stZZpVd2sQWYpeVwidljKfcJ_ajdx225VUH-UyBh4O6Uowe2FrVTmBeZsJrpZ0ap0JO1B3HGcQOIk5_4pRfSf73t0FOrHyMrsnKoFUGxDm3aIRHME2pZWUheF3GyEOAT30LvSg0jKsnKJBoahh0cusebcmtx56WikDhFGKvyVkDY1WlYGze-fGieIMmbj-mJaLUw6RoHoDL68FEppO4XoQlJG8CeKP7FRnEbzFrUvs4mAQZMa9s6kSG17dgKe8IJ33DMl9OlfITyygUWYZ9oPBkJzekIFtYe3uLAq0kYo8amEUKuobhLswYQp9QV3g-UtQsqyIToGtes96LdbJ_TQe_Hnkigbzm_CpHQjAwZxWs9VD3x-5smuyPlvostcVcUvzoMN_5FFw9MOMoc9vl7twv2wfagb9tx6t94RDeImSueEYlv3zEFo5hn0ogRd_pexICvpVG_yiOQ7BhtPn-tgj-c2SSfFhxwzS_zxET3Uk0c0qa7ArkTUFKyF7hmtcMGOMbd7RIp1h_gKpsQiEeyoK_lLfzEn30YKvRfEi_i53RrYJw-3XmvDFwKcOuwBFIdbWKUcmJr6ThIxZB3dC6jgH8UZmMHupmPL_O1Xpzh0wNKrgFBtcT5lxq54oU2O4efyb_BHw4tsNK2MyAiM9Oi1NlaExCug9SBUurE8YvqAJSE471yGQsGahSPJoGyqPn3mBZkZWHhXjw2yYfM4hnCKmhg3uB0R0ApPzLVsEGzIXig5CmGc7Qfwy5Um6GXpHn4kI7DWai4ivl2AUrPFH6gHrZoty9fPYWibFnT4MgK1r_kUDUYbLwhI1k-Pk_gRuNUZIBn-epjmFMHZOWIMLvvkID9gj_IT8zrU3xJC0QVJzqs09L1D3X91yWuUjl4M3s9z6svNQ39pvkLd21whpdzSKgfRebgqAIsJavTW1B-EsnU5mc8Pab2dPtE6F0wNZR_KP5GPfOHnTjZm-e4BDyyvsEhu7c56q1V9sskjeKwQb_kT4syAW3N7ntcN6sruBt9TPYW_xpgSqf8sqsgWduku_SwHciBlpH90GcSueoTQteo4DlZOg_vlpyO6qSN7rpXAeRRp6yg6ADHCQjytOWSQ4UMQbZM1tjGNbmf0cXPMkiirjVIhtNextAIUJmBDVN3rUDgs5IV2H9kL2Sd2eMFTtWMLDsUVCMBWCo1jiPD3MoE8NnBZQ2GgP_jPQDv4x3Jm5bzioSpRoJoXOFbW32YOGofmrqoa5lLPO5go_ah0I5gUN1AKPcV-G4hjTDkBVofNMqpP1eZdC2VtkeZbjw2_91XzV1GbIK8CaNl__vrXiemKTTcxosi1dxZlnwXVfTpj90eHwIf863ZcVQOLIdxquT4yR9cFWsT5sCiCEUQYtxJmlUBzkCqfknKG9L_3YZf4w_eclBNLzqnZXVrE1DC5P5aIiFOpZZ_tpMLgTILE8gy6bXbAuV3Z6VuWH-6b9RAtyxnOZajRXYTBVrvV6_9VzjEDue3H3ljP9vueX3865_VVpG4WqYz3DaJ5O6i8AO6_DSL7dHuo3Uo4NDtYi010o3AtbMDOAhG5PL1pnDUe60uuMprVMftBUiqbXtWPwO_2hsXM9oUw-eRYUFpkv1jBxtBs5jHM_UBKhwfQ-LCstOos14D6vwtJH5rATGZIrRjWvabvTJRZ8LHeHf81LU8utwTBe-ADxrfq10q1dG00-CIc1DQB-WASbv3XpKG3-bJlZw_xZGB0Iy6xIdJ6AHBmp6pzjLxz8XFf2MUiAewxS3iQKuRwkgw242anHLd3fQK4JBBQuv7-ESviubVyPDb6F47vcqBdUehuu5QdZb0___dbiZrgJRyB-_1txcjrxTz-AS2DXPnC1ympyK-VUNjJ1mA01DYV7s8OE3Y4xo0RIK87un83sS_gDl5i2DXLgG-T-MqLy54neXL2UMZvcUYwEAMswnfv0OcW-hkF-lt2Z7bioq8FhHOigUUqdzWgTNOZCbZisxYQUv33b1zxIlcUEn8wHFjupsoYxdHWxuPBLj-oKeyTGttC0nPKPyvPkMa65JcsAGdXLHQZ6caq4r8dvRgSMBF1U31A7XpAX9-JRA9twRhBdlBLqwgsYDHeAXXppcI-igvlFIdsU5in5V6vfj2az0eE7jbHcE2EwU8gVs1FDBPXZ5xLay50E96q8BB1nWHbENn0ZUDexUcizH6PBXpKoPqcnAUZ4pSNDCZrSuXGa3GH-1hR2Qdade69ja9L8xfaEVu8p5IXaezMgL-Q1Mtauu2_4L5CDPUpwmXtlUVN5VOx8rTzQZXhoSpACEdp54e2JaFnNWC_G1t3WbMDCCOYzMkJlKSXOeI9oWN1nrrHNaD7RsO2Ex6pYIYZ3lwD_NSOuvJrlS4EC60Lpt6Rt2sqswBLQ4P7itcZtAtzAHI3s-o2yJMNXyQ_I8vw5ygFbmKVo3vu1hTYqiiX7uCKYSkuI2GeufSWyxg3fBqkHkEWPz6a25xYjQD0fT5xEnBSkHlI_8Ex6zo7DM4IRj_tJfIfKa6WVxmkosjmr3KPsXx8ZyXwy7fZ4-kCstaW1plSN1HiTaz5fInisdLTXgUBb6iKNZR9MamdhrmeVz0u4_q4DFXfuzOOR1IQQn3cBad3XRf6qo2oAwLO_zpT10sF-GSh4YUYNFCwJPMxg776LsEtskO2sir2ShxEaE3gsPLwRW3dfP8SPKWEv8Wb0Epjb8WHY9XI-0vQ3bb2OYWpat3NRqluYG2BPCAPaUsbZhFXPMDMJLrmGPF4uOAaLB6rHDNjcGssje2yTBIwqz74R3DIMI_xM9BgE-VzoaMS8y1hC3lLxOa_kdHIJW0pFzNQrdojuPOCMcmPxRXUsdeK0VMm7UuXNezaMWgmPzZrJMGHGJALMeSqWpzBNxaMZAjdRC4l7lfPsNXJQzVa-1pSMcQN-IwcSxlFIEoVa_AWvAgE3PEgxYD6tm_4ZzF4_jK_9kiL7lBuSQWXpHDh3WiqKzRiuVqYA56Op2C-D6yk0CYhnSG8yF6NDnMjTUx0G3VzQl1GLz2zNYUE89gVTvWfMUE4A_OoXGXVSDDx6Ukc7&cid=CAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4&rfl=1%2Chttps%253A%252F%252Ffbu.ua%252F%240

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b631e4bc8257e64751d6d15e2e03e8aa7b82c5f4f49751d02c28c3bdc8bada8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17131
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 41CA 42 B
63 B 94ms
84ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D1hDJ86ixIe9APTWZDThtZRBt-OJVTYTQ2qXrfRHFnnRBQxKoL1b0lEADw42iDAsM7lv_8FilorhINkSDuRrJ5ZcApYQ0l-IZk1JHJA9rMKXYk9Z4

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 22grados-prospecting-farocollection-22-uk-300x250-v2-en-22grados-prospecting-collection-uk-22grados.js Show response
adno.cdnwebcloud.com/scripts/creatives/1687/ Frame 41CA 3 KB
2 KB 157ms
40ms Script
application/javascript 65.9.66.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adno.cdnwebcloud.com/scripts/creatives/1687/22grados-prospecting-farocollection-22-uk-300x250-v2-en-22grados-prospecting-collection-uk-22grados.js?n_o_ord=1665722113563426&n_o_ct=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C0e9IAedIY-KxIqS5x_AP2cGmuA2dsIvMa6Hd9NLDEMeNmbGFMRABIOPgvCNgu4aAgNAKoAGTjM_uAsgBCakCjC0yCFRjsD6oAwGqBOQBT9Ccrp-ngohSmkPHOS4JE7BOGX2dzHNM-wRG-TVk0z9-kElbl9g9dmmVcjuLH7exxlcYmv2RrG4zWRxt8UOhFw8M8aX7Kgqim4cbV77Zen5ZzjoXvezrl8VORgrImwCMpbRFfRZmYo8W_77H9nIpYTkTDTYzrZFQqcVdTj_tgbJC51e1LZ2bc5OhQnoh_8UnLO14lu1UsLtTg5n87UsEbin9BtY5NVz_kvzEbd8_aR2I_C4zL0MI_cOehRrwmk6ao-Ub-UV68gQnM8wN-2PQO9eSS16wyzAZeItlkL3Ct_dx1L0kwAT7xJXvgwTgBAOQBgGgBk2AB9XzsJEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPG378Q0BMA2BMNiBQB2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4&sig=AOD64_3gq3Ss0JkzwPt03n6IUWE1UZs4Kg&client=ca-pub-3379969116950199&dbm_c=AKAmf-BLxU8iqnm_a751PciGlVWslOenceRjtikqVl4lO19jh-GZvn9QPnU1oI_0mTd1k9SmJh8T2naEyDPHrBGZuaK1mkavQZM4JDAKi5FmgGyC3VRCdoUdpgjnddn_PlSibH22uGLNySNU-jx6JuhH9M25tsYTn9mul45Fkn_LJ-sWVe_naw4&cry=1&dbm_d=AKAmf-B5Wa9agM3kZwt9jnjSVz-kbXpeEMskEZovoEO0BDxxBfkFxQypapIzZHMPmO5oJ_er_5ozFwfTPhGLMzZnGOUYfXjPNjcYySVjDNqy21KNJA0XtL13tUvKv6kMPpq8zTDix_frP8FZlQn5ejk0kZ4aBKSca0GOhtQ7zdnjFAMQgxemvDwCH1j7P8APFuvK5g1GUHPUkUV85_UOuZIvZtGYaeMZfrjLn32zRRwguWsthlgrhISee60L5H06TUPff8y1QafdJjjeAxqSVeQhIQqx3f96BXOzvIDlVab3DHy8kRyFmkhxs83TZR5eOSaCD8FaX8QiFNox8_sRmsydXVOxZ9E73RCQNIjPi-7xUwCjas9DwVFUo5-YjVllDytWimgReOvCa7cayEucUJJ-4FE6dQeDL7a-p7zUU0gK_1PDySPy33eo8cUOB-zbIQwZ8PULWr1J0GKNV_nuZrY7YTC7Ge19rVpUZwyNptBi9-nGkm9z1y1a2-k1DpADrHA7VpSEqX-4DmNxKY3G9zhnOpMGZPLkEg&adurl=
Requested by: Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d286aac33ff5c45ddbefb5aaf97e960c3f6705482d95bc79d5899041adcb5c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:19:32 GMT
content-encoding: br
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified: Tue, 30 Aug 2022 12:37:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 69343
etag: W/"25984ce9043cb4b1ded37678c7a7fe76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: MCScbtTliHeAC-MP2VNJ86mh3zkH_xZBKjJFav5d0cpWFzNPD6E4cw==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 41CA 3 KB
1 KB 49ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 41CA 17 KB
7 KB 50ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:55:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 41CA 0
0 77ms
67ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqa-UxXLT4eT0G8QNdmHbSOANZenl3HaxUaimW_3KLC5inByjUHhmEWzDhn0TcIniDWNWXuOWwmHLaO4-g9_3PWDt8tA
Requested by: Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41CA 152 KB
46 KB 83ms
74ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 04:35:14 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame D484 106 KB
38 KB 174ms
42ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Origin: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 10:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Oct 2022 10:24:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame D484 8 KB
3 KB 59ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6ublOEeDREJIxtXBK8ZFNXhN0MfY0gn4nRssciyDG1H9muRaVHEh9VKzp727Yg8E7TV2AD1otxM2wGK0aileljaopN_7NgYuXccJdRjAI2gbCTJPrRiUhGJPfYgVHtM2PgKz0KrpOV5C4Eo2TL5aYp6OmxtiUVYf34KglN4uOuui5G8s&dbm_d=AKAmf-BhY5Uv1QXHnQp9eXEZ4RVCJwpiRnYQQCsc7-sXsm1NbwBdPaLqrbioV0lnnUrfsylKrkcJfGAnaYQaut-L8dJQrrHZdF9NOshgQCXucsfWaDQM5xsCZnVJBrOKD9TIjgXSImJi5uin0O8wjf3FSLu59tbNni2YSALJCRfg0hR7cT-52BOzvtS2aNbtmxovC0LXKeht0GSJjPCxjvK3LZBqN2GKMAvSo7LiY_EKWH9FxMNAkTexSxUDCiuS5XFqIXjxdYj6jjRczPaY_-8nT-Z_SV7MsV8NCZXpiyc3K600_lflAVAuFD0kwBFEz5yPlFaBizXxUQCikTJyYSu0DkCvNpylSuf9mUe5XcTXlJAdEMIXsptVq2N8KSH8i4azLVNgEaU_96QCj8zEdAZh2CdxBQbMfvNnDWsIyGoUzcK97qXRDqBTBfKNEvST8arop0PQw-Sl-MpKQvc4m2Q1KDcxNCqDoJ3Q4A5gLNgbqc0ZVFGab0Sz-cq-_eXCGD4Ew9syCRJW8R6jAt-1epXcwDRHslTsOwJl0XNYeevMjQXjdzhfUrseb-kdZTAvqDfxDU93fldnMaSZ-QtysbEE8chiA-m5lF1m8UtNGzJGnpAlyIGMua7XDOHXLZjvgb0gjDyoZg71A1XRK0IezC6Dqo3I2U2wK9PuHx7UyWa-p0fKFHmTmMQqyMshUzb3M1LzGStEmOzSQxHhl-OQLzZYjTwterWIq2FR09C1lN80NyRiZcWEvl4vwpF-ThCCflifXvmcP6vOx9NVC1heOxQbsH4Dztlpr0cWepgcohL5gfYS3PY-p5mkmeEX3v_WmvJCRjMryMt9g1vSJASH50RvfnA7liblXmJ-XSrQFa7ffrbVDYIvCI2q9r-eJKVZUnrjiZwxZUEMgaF9DcivTSahsF2HgpiFgdpzGb8V0zpVvoc5EM6u2OU6KISUKHcDTwPmCTOexGlbz4s5Q7CyFWCJWhoX5IvIEhoZslpqJ8r1AtIVKoktXrldlsdfe_vburh_QGRuEgO6yol5vC-drXVJJpByBUy4Uirr97ovaP5olhmnSPnTahT2f6aKvxr03bDab3IicQ2XIlXEjYpoefsSXdfAz4tjH-jlEGTahpIb95AXSREG7PWis0pTrJFQLiB004_nE1iDE0J_FiAK4Twi8oVKX-wUvK8j94y36df15fydHIghDCkfiPu6nT-N-5DI_ywOGFVZ3zdMvQbDTM0fQgyC4ZCWOmuLPSI8QUMqqobLG5wyRw6b0hiRpvM1ppx1s6bf8lulFurr-pLt2tKloZ5CNXYoiH6BsXtTKeV4zlyR7fCkGCdvc8OzM62gt_aBoTAswYNBO3FZuKjX8ms5lH0mTRiDrYAYygRTVd6GqUe0bqGZmUb9t9u4ro-lVHLv36dhGAsAmJhcqrvMD1JqExfP5vy4O0pQNC4uBFC2LtAV_G_0pVU84E1sHYAKNq8zB1ckMdKNop0tEV68XzCcsi5YqW3nnyfdjQQFgnpXzXEOA71htCF6nc17reDeiTQzTjDNVmeuhrmj8jhgOpKJVyZI972_U3t5amitzY5ZQrZrfU2ZOsq6nyF3JRvf5iM2sEtkcCVv2qagXKy90TN2f-fOZz_E3nYvYiDYq-Td5ZrOZynYSi33J2maXmAaBUGPpnrfksmV3oFDNnaPdPyIlAfXYsWroDNZiGo6DcVZrjIKjZur62AVN7V0bhMWS6TIvSZJxytErPP0DcErU5F3lLTYDo9KlkPjPThix6pZQwhhx2MDZ_9XcScJJxzDw_oQRznJOdIOTyRy2hwDQAFqBDz5qlrFQTK5CPl2c4Y5D-EVa4wKg3UuKN1eCqm-bXHMee20DP7BEiq3VRSOPjprT757OKfjo13Cun-8l3fNmBwUTvRLidOvYGNp01xQZIBwCDdfY-M2fxejduT08VqCKIseblZ24L0XFS5c1S4zZpb31Ec9k_i5QD811jROpBBijEI7WerYWWAD-dc9IDdKzNooWI3i88kA_1hqyGJLzwzB0zgzGi0uE8cTqDACyUHmgqWGwe132cELLjqPbfzukyGIns85FJYmxkMoUTNvTnx9u5B4OuNs5ovFLAWXWp7RdUlvMFJNKcCfq5W6JX_zjnSRKWRd5utBQOM3Ckii4P6vtltvAqHg_l3r-fYJUdjwZwFmeY6Y09SUvOAXWFIwgueQZPp-c541BXqZw227eDHKd8BNEgnBzlHinzrr_0u3oDF9e6exkl0wvr0BdsErFqw1-Ieq2ahj8j4_MFrMxvhDJA6svAUP9RqEHQ400J_sQnv43aWJ1fAcZ_7VtrkFYRKORG0nV3GcLHhak8SiGPNTV_TKGIKnc-W2il32lq2kwmtEpSJ85Gvn-TFGfPdv4PEuWYGnbdj1y6IwLbupCE8nKmzQtTZ3JrpCQZirpAXKlRTSlhBzO2nD0c2gxsd_FoTJj5JPtmz3Dli-_qJAR51NKaKaSsSTNMlgjhETt9OrinpQ8VEkZodu1s5cGCNpdcvdH3jgVveWg2EV5-592AWcSFYOrvJulJuvvHNiF00fZOiHwD-CVMnY98qtXF0Ph7kQ8Lskui47_ksLwsSwvTA2AifIEgO61_Pl9c8qxPVdKrVYZXb5A7pWfnIOkb11isWVtXRpuoxBu0wJ10aqbm2A7fBqe47ly1ubEW-DpfcYT9PwL-kGh5nJfRib5o0YoeWRtZF88vcRjhAzwdfiRTmKkP5AMe3UWVzflgKFccjx1_NsXwdBNk_R0KfHWWZN87RTWgKHqsBEndt_noDSaYSiJ9iicl9dyS06Fx88qZyQxbn5vDuS5U31otbQVTZAlirmrE-H6mA_7oeIuAZfEVu4uZF1g5VnyAj6O_o8TDyphYxO5yJVxaTo_E--aioE2FiPrxXA3H9kugmfBbdUvYb-ROWh27iCdde3F3IAc-f21af57KNCt_6qAEHlSy5Gyp4U9Vq4_keUV-OjB1GQ2__mXgQkyBolCBAJrWYmCd7ten6U9oL1PWqBxUXGbqEQI8R2lcko1e5nyVo5_CuMUtzK4YHSfApgd-uQux1qfIznpbmdCX9kVx8mbYKD5jFFN0lZsXWqsICbnThLwdYg7y2uOxHXDR2O9XH0bWNQ6K3YsNBdt8hxVfFfTLZTOYaPr1aTrheC2KDE-NT6KgkmNleYI45GKbTsM2DLLAJZ1Cfs05Lw-K0I4rN6h6wL78NMsbGUFqqUavlQ5bUNuht_r7USSPrO7EA2httQWQcvBFYDgnx0Oq0zSyU9HhqEfUmkF0D60VduDewksn_Rqd-1fMSJOaPAOaV48kUec-nL_qjrGS26RDWURbyJhKEexvW9gxGIxkIa1ObAznBJQ3N5PIC5xhncZqQwxZuLeIHYGCpyCekEHOgr&cid=CAQSPADq26N9bEJC0QBUuWTIU1Oak6Id8fH_2Zj3z2DTRTTGtMyVb7m3mfJOiXfJ_nsUcasLwJnCTQHZ3rVjoxgBIA4&rfl=1%2Chttps%253A%252F%252Ffbu.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:52:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame D484 30 KB
11 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11730
x-xss-protection: 0
server: cafe
etag: 9319256901541695429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:52:53 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame DDA4 106 KB
37 KB 212ms
97ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Origin: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 10:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Oct 2022 10:24:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame DDA4 8 KB
3 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BH3B3hcpPexWh3gMVzgrmydGgPYxPvGxt8w4QgNbBF4SZ9exfhISDE1UMxPyBck0I76vEEKRp4C5hHlNiQjYCf3k9gaGtm-AR-moMycVHX7UfkR3IHzeoKAdWb3BExh_uSRwoSnM3LM5j1Cel8vG7W59r3SP132O6mXMEWYu0-yGHMgPc&dbm_d=AKAmf-CMqvEqs-mulTRBMaQkLvBctW5OG9tLUG8cnMOEfZVQCoJjv8R5A2vH6oSpf95P8HKZ8a1ixOlgHylH8IMavB0dnSVCj1fYqxrrwBn8NbbZtr-SZZnZxBHgbhqw0mBm58k2QsG3mO-hPFrfNiK7SUCbb-OTQm_0Io_tcMV-uzon4aD2982_m_Cbh9ra8kUwIw3TPs10YPJqVHkCH4dxbhPZN7tad39280pxRmIrQ6BqHCzOTY-wMlovRPddWmRr_ev65ux76fi3511jm4oUJviK-R7kLp6dS6b5zq6Og0_e7cICn7Cfy7aFfExhJ9SvKJjFWTD_GZpAIMrnGpM5rG5S0JOjdwu5OIq7IsirdoGmZLcHCJlyIqqgpQ2P53HUCuwFZEsNLXRmi9sT5VRdNxpLl6JIgisxBsPPXRzg78qGdKXcrPa8-X-xLSKhAhWJ8g7MnSJ4P4Tmuu41ZnEgGdOwoN5rwcf4dlWBlRChkexHcMAnGVF2Oylil463dgL8gBYB_YuFaZCsXQi42Z_2n74Y_HB6_VkbRFVX1cTyBthveoYsbzqSiP2IMbe_i-7lzWtwOLjmAS70rBqrlOzfRxxSEa8gD43Zb0xwonbRlgzSp1KQWk7iP5gPKITx3zl4mQZv69gWqvuR86SNFvfduqP7fCQ0j0UkDmNIWuR4TshXfQogPFxgrbrICWrVjZSem0SW_T_sxStvQ2TnWZW44IG0xE5FKJSnWIQK-nBRPRDuetjziuFghvux1zR0elM97K-zXN-f1YuKVJ0Lud5ouzqGNzirritYwm3Q9BWrqu3ZIinzWQRq3VbdQuT3U2jVnYZBIW8XjgmBbVI85qxTLipN1gVbjdkag6c1NYW7sRyelCkWuu2zj3XXq5sMCWvlEAkwJAn26b3NUbhtSedt3wh-qWaQ6yotoJK80PqZ-UhYBoyTo9TV2D-Ci3-vc1jGbFQ4LaUD9z7xFN4D3lEEAyz_E85mXwffS5Fwi20JFyFuFDof3Ba08DPvjh2esGgOMdRLJcEuSRFA2KbdxrwHpzwnjaY5iajwQdSsocb2XSXIlWXKOx81a72ToQg0W11iLvBxrJwelx4StYumGbqkSk0Zixs4Au1xRH2y59YsQyXVHVWhVmEk8ywvkbUkZ6IYofZCZsay8AQ08FvTlOS9AnngAotR8Z8w2a1v3GYmy0oMdrGaxBkQyfQYYkHUY686sxizPTIv6Vo6Mp4-CzOsUbNmdPs8AiB8h3ruO1PtbYSe5zwiORwhQTsu4uRDfFN8Q4xudEVLxOc75aLR3Z9rwGPvxJhW0vxZ_AzMCxeYuzn3dT79JX0ZxHn70chC5iMyylc9qXSo7J5Z6PiSiDJrfJb7_Oca1SNYeLXWAOq1xdgB3e9C7kwGxBD8k5Ec70nZzkuNl8bGRlut57ukP4DC1MLBcOnCMzSqDuxW5bvo4FNrJ9nc5d6oMY5MWNUOeO5FC2Js6a6XKyrGv4qtEHVY35R6eI4Olxgl5tXJJUGMHWuvwKsd_8Z3og7asMukNHfdxwVrbcgk9yAPNRRWRbaSGG8dA5OZT0NANV_prdWQJZEURxV1Y3PQpvU_Vtn8ENWUkgiXNCAPTwJ4GXY5lTR1mDreDD0eVg8yKKS3K68aP_9cCdB5WcT40hp2rQNywwqaYqFRJGJ_PF8nuzfPnOCCQBHImy0TcL5eh-I9zhE8dN56tJOc5qMpX2TC71O4Y4osagzLEUaOLuBDYrLOeNypmOP9XVjsFdeqPFFbnAzQdQHyKTfPkF2Yle1LUDs7N5ipgXnCatUBwl26cw9jvo0ddBPW6KJgQaxhz0em6zZZODU9D4N3V9mQS2QX63-JCQrFdOUYhWNLNl3jmPiLCFuD7chiKSKGX1eQ6eOQlL_YhKM2JLYpODbKE-kKQHzwGurlWd1ZYamiLv2zBMk0X5swt9wFWJbv3-fgbo4zqXHB9BTeGPxwu1KJyguh3rtOrLFxD_BBwvgG-jVb57HO240X-IlgKdWMwh3KbcSKSH4n1kskI7HXdFZ_yVNqr6JVbpNl1HvvrgeUBtBkT7o4U4_2pMAuX18_tB3mXYJADmBoM857xW-oudPa0kVWCr7YDtW25OJGxk-c0sXgQWBDwnm4jT2T7TmBQgnNAiskvRB5QM3VenUxFi700uN6bQUCWBbOYG-118k30SLcpsw1UHIt-V8aU6AzNuMC4DPoZGu8DmGihrdu2VDdLDJfvUEH-LWXg6Ha_Yb4fev37SH5hRV3ca9A6YNP7PdLl1N2_E0En7ALmW9jcEekOgrpzmC0jAIRxCoz-OD-lzT9dcMO7Ahb12qy_jWyGfAudq0YWbhbQU0vRzbYR3CV_BeJP3ZmY8Gu6ZEijOaUu9RoeDy8vve74svytupnBE5uTcsgir9pBabHiiV9ujqNKfqahMyi4YjOKlTqXYzV6yw5wJL4Lb7gHUaIxsgSPKPV9R58eJ1r1uftKW_HP74wz_OeLjCZ3d3HBRJl5vXh2f69q-3XjjpCw4xHcp4tZnoxZ4TnWPeyftBJ3no8yRSdQ_SZLdioTl4qXPj6_ZX1BjSuOm1YOXi9GOFLRrZ6yRzvQJIAbdpJLDekzViVd_W5TSraSSaRNzJtdusBv74JSlXgEnWu-oNNuk1Oj-p_Qwdr4DmQz4OWFqcNogaq0viGiSWBg8InpRadrGlY6isFctbXKqgOXjakdGVZpzQ3N57OMs3o30IxTBCgb_iH0mrknlJGkiDhmZoqHpCOM8qKAwQio1vVbbjR4R_hqSjJvykMR7CD7TLOM3yoF9majZp2OqmAcUMbaPvAH1gZ9bYNVW54MdygJECFZ8gPGKB156gU2wH99xsQ1TXnKcmEJfukpF12FdHAYj4pvv4Ob24DUJdKHIt9PIbGMgWG-ts-IZW5bN-SLwx5thoJGl11hqTlWeBGC4zup-JMjrhAA8ni9vgpxRS2mHriinkeavQFwAT_ku2Bqw_4TY4wx67z-M2a9Pu1fHtWr7DQR8gxLQPGgUQOWkafmYvTEx6PSnWh09UUIKEFZ6Tg8uzM5dpMO_ZuLfUBTtFc10tFbZUt7OnrVJMo5iiH5a1TB14WG58ONyMrt99ksMLml6PW7iL91Vxu4OjCMwO1cJQsPNE647oe9uHD-o7Hc5k_z2grCyRQ3pRoAfvGefhuQSvKEI9yn80&cid=CAQSPADq26N97cvkXQqNnFR5gMqetqhxmHIAN_Dzra_Gbv45E4gG65YSO5LJuEemqMb7YH8T0by7Edt1FEJtqhgBIA4&rfl=1%2Chttps%253A%252F%252Ffbu.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:52:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame DDA4 30 KB
11 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11730
x-xss-protection: 0
server: cafe
etag: 9319256901541695429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:52:53 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame BAF0 106 KB
37 KB 247ms
145ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Origin: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 10:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Oct 2022 10:24:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame BAF0 8 KB
3 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJFiY7VKgu9kA838SYmFX1Nr7IrLiSsNCGTGbzT0YyL7XDHgYm4NuhGUMFrQLnUkcVuE3QwS_Epc_ZiTCySaX-oAU0JbwyZJszt9_kX7qkmvlAjdDmPnoKDBkvExp-Z1TmuwvF7yFoRtI6QK0mh7_KakCwz0m9Db2m3YocH4P12AX9Nyk&dbm_d=AKAmf-BfBKORN2cLhBszLBhLx9g0K6h3x1sO_qXp1BLYvE2r_qNAiYRGsEXXCCcLu2zg9fI9YPMiK9TpJ_iCn6S6AhShWJkDrnDTMPPxdXe8Y5j72CP5IRxNFwKcZvhn-c6Iwkf3Xt9_FzknbwZAnc_QjcEIr6G6c3X8h_U2rZCUjCpxWwE8zMrwp1caQR3Ed1OS8YlqQwjJ0KOEF7ZTGb8wSvVctYugDKPhztsMNWrw6y93ASzEjJzBBwyZLEy0fI40URhwdW9OeOfzz2JgR3WFvDNFWAy3VXxivQX-nH35RFP_gPajHioI_XsZRPXImJSuVl-yqHV3sRlk7c3CkcCOYVbcA-P7GQ1usDRAb4-gHfnq4iqWF8WtsbYLuyDFg8C3qb7_l0wolXqariLQPg489I8Iqt6H9VgSmKVOK18GaChJ1PhYtz0HhscqqOJSfOI-AmKXQkNf5p6jnB8Jmbu8JAdIZtRRB1ijJHJ3SsAnk7g7Q82fJfzBMaz-BegKl0IWQcGpjgYF8M_vfHiXzXqmxLsW75WGdFiCiJnoX07EI6QzQb85Mo126v-vPvoV7PSp00SYd5Fk4aZ3rspZu1_chwTI2R4n_cyIsc_Eai60CnUuxVBGt5SsbCCCFGjwsXPpKpivdrkqcX1kPv_a8E-7yBBeO_-yACq_ul_T25xj3cl6LFWVkPXyc1kva_mTZHhLIxo1TH5vXJomEA2szJSq0qRvYbZsyK4jDz50-N0OqtzMZXBSN3OsEvXB-veqGRMjJrMJcyDp4XZZaNhUqMRedZk3b5z4wmWmUrDdLl-BsKKcDgf1NiTRo1VDpGIL0wayCySkuoBBeLoXEbEkDfdnJkEPXuqVk42Y3YAdUHANiyiUY6j1YVQilIN9KLIjkj44xGc7CtWPJCZoG5YIoJMaJi-FIxzfOAmAqYMgsnYsbURAhTFDpXMMaiOW0cUA4V1jjNW_4f_O415wXkzU8TXvlwRmZ675mPYJsayd3xL3hTsiGr2O_kTrwoJ9igzPVkfSjUbGcWa7nVg-61iT6lVVnMjPI4RLFuwcuZ8Um0RMbRHJT4AllsiWmWtmCzjxT6bDV7Lk8NrrxlVRWq3ZmwMABKYp3p7FsGVZA5qD-LHxrAmYlAM4oGYJYB-RSMMnTe_jRplQdSa8_bE2EQ3gNFbyHBDVPcDyW_Jsho4nv7NCNLBGV93Ih9_NSJ06vzTZOsWRgYbm1wJ7ERSRrqSJtZKHpFYnwaSbNIP8UMNNY8nQyW05T5_zSyhjFCwEiCjaeql4F32dr5j_RCGGcDL9oAl_ldVnqNwxu4YSLBv036yeZ9DcLRtcdfteVipULDS7ljySi8s10oijt3lrFNSdGuYqqKzImI8ahnWLNXJf0pKGI_kc4-SrTP_tDxfXkeCbezaOkKILYRCe420Nfl7S46es1JHAbRNrIJnbaoUg14kTPaIYwToYbzdN2n4peqQHIfAoJ943HFClPjgl720azNAkSXNdus4sUls8nj_9Y2-5AT1HaSeQCZSvCJYvXsIduAwLz37sJq3gasybFBP9k1QS_cuuIrR_xnswF8Vs_sLULwerhQrnltxvg6Ojar6lwmT2EbnGMe8EDxQz9YlezgR2UQ1CmB36laS0HyVhGqB3SqQEWQQOPN1OBwJd3DC3GtXG9lu6syv3_hFuy_kP-UWdUxyt8NqdHYFFDy6COUmrIchkpXLULD83DT_3aNKsvSh2w-y72e34pevy9dOkEncWGzDnf1dioECrBlPqxZdLZ9fJs17xQnr93UiWi1aCkygtdOJ_nR0Y1siro_dkXoW13IgT5bXag-y7PhnV61cN6kpwBruC-hrFki7J9UzB_Jc2m_I_8NvbA-vb7zbQgxOClEKGgtNjfxH0gioE2oyQHc474-g7xuKzK403cMX_cQEBX2c1QPuFDXI6-zK8Eg7Xye5u-l__0EJ98N6t2w3fa1qAEQMzYb15tPLHSwxGj5mCryhOWRvJRnGsUdKlcAKFCMmJfiTcdpehVz_PGChYAAvtGEjZaGB9o2rq-yBLiweClw8-R6qYyFCgs650hPIN8gdWFzabN4Uwj7BqtmS6kZfZH-HqHxo1tLixCJ8kuWAzMDB0QWcEhQR5Mr4mLXsMyJ6nDRCWWZLWwv6fPMMkv3FZIRGT28CCO7PUxKbX4IsMmgMuyE6Ldu5WOP4oD65Ur5zhyJAmPnKTXWQoHMUk19RivOqrHyf3dXV0MA6-6bd8N5IZFmN2OQNSPKBSnBUuplPKOB6PQeMIc-4KDCX37ccGkAGiBbP51q4yDafC9-n-Dx_iKzrUbmtC5K3ltE2CVMSTKHedZqRLrvxXpcC3cX4p6nwgpx8VTEgeR8EXhBOYKjMniIQ2KN8L4fLwvuXqfZ9mjNf7wdN2i4MnzdtmEZArKMMrnEa6A7FGNMUT9-foLZaIzv1zfn93Feyx1ITgIHCnZXpWbJzZ2jUjJ5SbTO-0I3qgsSsmd4iQtNSCVoHmxOGs1BeAOncmrsCp20WDtgZCq6h_zfafDVsRiUvogqJjDlcfzbNfrrQI9gAQQVZwSZNe1frRK1UoH5xDzN0c5BwZ3sq0qNSZLTkvG6t9GVVm11Z_yRrbFLnGA5R6lgeZpVjZd338wwse77XmJlh1dCjkNyp4OQv-b3jYcEVai1WaAGWCuUxaz84b1jXGpuShN0uPdBsqkpzY8nc-AwhyjkscYVJkDXdLMzcU8FwMVL1LKaL-WiM20BaMHYVvZu612UqmGBc_rsNJwVxFrsx6I20ESplgqD8zR92Kjvb5eIFVIVBBx_SeDnkR6UH4oyQ8IcqRyhJPC6g58invpBRIz6TMD-Oi5kEPusGGBLENeQ2ANqXHk72saiKdCK-nvOXBI2FlbdxiBC-ZIn_m5DN-qG88XOFd-Ry7D1D91_D_TgtjgwweR5jnXIq3foDhW91aHhXQMdaQxIQTciIWxz71Ua2vCpdJ6r5Snp_Z1dZOoTTwPqAmB_GavH12yyRPMS5GSzcUzqrjM_5uueZS307EWoC02Lsx__fnkTdlP4jo7ddL_WFI9relVcaUEf90VwmjyKjU9OAOXGl2uYphGFSoJrQDT3J02QAChpybrO1eQDVnAdoyN7xDttk6iJBnONF_NX7McZIZmjZePN2DJudWQfc_ldHQrVdLW3OUr_wC76P0GxCvVshiZNUSS91ZjsQpnnbQqdbhlaeCnU2fGy9SAtI3JtoDgH9RZy99WQrJ-ja_juvPr1Ms6IKnfdaKxlXuyI0knFoQoyz3sSMir8vE-fuP0Xyidxt2Y_7tmCz7gAwjV4AEBANkbV5AopV_G6QCShDR3d3p1h6DVg9t7_CGRgLbL_a1zIHSaMNU6Y_nZfMySrHVrF82I31AH5fAOYPzRlQZeDZ9&cid=CAQSPADq26N9IPR0WdBNeo6PpjxfbbT68z9qfjK2pRioqC5FT4exzR0RWADwPgAnlQk6aXObM96uelqmSUU6whgBIA4&rfl=1%2Chttps%253A%252F%252Ffbu.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:52:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame BAF0 30 KB
11 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11730
x-xss-protection: 0
server: cafe
etag: 9319256901541695429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:52:53 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D484 41 KB
15 KB 47ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 10:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Oct 2023 10:22:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 808E 1 KB
643 B 46ms
42ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 40204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 17:25:10 GMT
etag: 48472445140208031
expires: Fri, 14 Oct 2022 17:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D484 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdecfa6f25642edbbde35ac710bb5d11a39bc73b19d936ed94b3b585dff368f9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C109 0
10 B 46ms
40ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0BYuZg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DDA4 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 10:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Oct 2023 10:22:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3A72 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 40204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 17:25:10 GMT
etag: 48472445140208031
expires: Fri, 14 Oct 2022 17:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DDA4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 347bb5263c4ecdd7ebeaf380cda54c1289d6ac6061cda1dc1ae8a6acec97291b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BAF0 41 KB
15 KB 96ms
91ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 10:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Oct 2023 10:22:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 02AE 1 KB
643 B 94ms
92ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 40204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 17:25:10 GMT
etag: 48472445140208031
expires: Fri, 14 Oct 2022 17:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BAF0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1084e647373106ea035e98b202bd81437858e81f10caa18163173ef462a58eb5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 07CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1

43 B
894 B

60ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGO3MqtIBMAE&v=APEucNX3GSB8-Q-uU_-X9OznwDqkhgdYXN4YOpsmrDAyh0Xd3BbHpacUiwE4_qKi9N6JUQPSG8im99_VDHiRsj4-bG-WDSn4B_xaqFLtrLvoFFWkqivPw6VpXEKGsDIgkNAw_KPvF837gDFycvJFpYT-Qs-McWzhiebcZ-F5AY0MvzP7l_IObc8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 07CA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0jnAvdWOvvt.cfqy-a4ywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2

43 B
766 B

61ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGO3MqtIBMAE&v=APEucNX3GSB8-Q-uU_-X9OznwDqkhgdYXN4YOpsmrDAyh0Xd3BbHpacUiwE4_qKi9N6JUQPSG8im99_VDHiRsj4-bG-WDSn4B_xaqFLtrLvoFFWkqivPw6VpXEKGsDIgkNAw_KPvF837gDFycvJFpYT-Qs-McWzhiebcZ-F5AY0MvzP7l_IObc8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhpqes0rsQOvs2bYirDw2k&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 07CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1

43 B
1020 B

54ms
35ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbzaRCc2ugBGO3MqtIBMAE&v=APEucNX3GSB8-Q-uU_-X9OznwDqkhgdYXN4YOpsmrDAyh0Xd3BbHpacUiwE4_qKi9N6JUQPSG8im99_VDHiRsj4-bG-WDSn4B_xaqFLtrLvoFFWkqivPw6VpXEKGsDIgkNAw_KPvF837gDFycvJFpYT-Qs-McWzhiebcZ-F5AY0MvzP7l_IObc8

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
AN-X-Request-Uuid: fcb2c25a-192b-4c98-8cca-c4adb017f743
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEWWZJDFOd0RjHsb1tHqCQU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07CA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D

170 B
188 B

66ms
50ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
AN-X-Request-Uuid: 64a8a206-29cc-422d-bc61-de29e789c080
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 06BE 22 KB
8 KB 65ms
53ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 595626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 07:08:08 GMT
expires: Sat, 07 Oct 2023 07:08:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D484 0
20 B 92ms
81ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BAdovAedIY8asOKCT7_UP2_uUsAcAAAAAOAHgBAI

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 808E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECyC9WBxPQVnB5st4aY_Hl0&google_cver=1&google_push=AZmPxg_qc-xUaM237B8QalT4FOsDzmxHYdSdCRgMh5t9prBadNuRJe9harxVylnuj1qllnReY9Xy75fTh7th90z0...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_qc-xUaM237B8QalT4FOsDzmxHYdSdCRgMh5t9prBadNuRJe9harxVylnuj1qllnReY9Xy75fTh7th90z0tfQNDSOHXJE

170 B
188 B

51ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_qc-xUaM237B8QalT4FOsDzmxHYdSdCRgMh5t9prBadNuRJe9harxVylnuj1qllnReY9Xy75fTh7th90z0tfQNDSOHXJE

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 14 Oct 2022 04:35:14 GMT
Server: MT3 4539 98cc2da master zrh-pixel-x29 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_qc-xUaM237B8QalT4FOsDzmxHYdSdCRgMh5t9prBadNuRJe9harxVylnuj1qllnReY9Xy75fTh7th90z0tfQNDSOHXJE
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 14 Oct 2022 04:35:13 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 808E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJKPr2ntHO3Cb_4oABX0iJU&google_cver=1&google_push=AZmPxg9jU_KXXGzi5Grqkwxm8VZpcJ9DChuP4PTfuZ6UhdThoJqVavqaumWLPi1-BAjuaRcIp4ue817im1q_DkXkCoLSDdM0Vcr3&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJKPr2ntHO3Cb_4oABX0iJU&google_cver=1&google_push=AZmPxg9jU_KXXGzi5Grqkwxm8VZpcJ9DChuP4PTfuZ6UhdThoJqVavqaumWLPi1-BAjuaRcIp4ue817im1q_DkXkCoLSDdM0Vcr...

43 B
422 B

193ms
181ms

Image
image/gif

2606:4700:4400::6812:230b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJKPr2ntHO3Cb_4oABX0iJU&google_cver=1&google_push=AZmPxg9jU_KXXGzi5Grqkwxm8VZpcJ9DChuP4PTfuZ6UhdThoJqVavqaumWLPi1-BAjuaRcIp4ue817im1q_DkXkCoLSDdM0Vcr3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9jU_KXXGzi5Grqkwxm8VZpcJ9DChuP4PTfuZ6UhdThoJqVavqaumWLPi1-BAjuaRcIp4ue817im1q_DkXkCoLSDdM0Vcr3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 759d9b70ef3de628-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1666
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJKPr2ntHO3Cb_4oABX0iJU&google_cver=1&google_push=AZmPxg9jU_KXXGzi5Grqkwxm8VZpcJ9DChuP4PTfuZ6UhdThoJqVavqaumWLPi1-BAjuaRcIp4ue817im1q_DkXkCoLSDdM0Vcr3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9jU_KXXGzi5Grqkwxm8VZpcJ9DChuP4PTfuZ6UhdThoJqVavqaumWLPi1-BAjuaRcIp4ue817im1q_DkXkCoLSDdM0Vcr3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 759d9b6f5ea5e628-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 808E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEN_iLm4Ra8GicgnJHyXM1sM&google_cver=1&google_push=AZmPxg_Awt0ItNELZKKMFJfrcW4b6MFXcuiwcXHqDS0Tqb4QixdG9CLGZgZIyUFNr2565gcqUlAwLUff9uZuTzb8...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qTCPJggbQZufKxKmGIZEmg2&google_push=AZmPxg_Awt0ItNELZKKMFJfrcW4b6MFXcuiwcXHqDS0Tqb4QixdG9CLGZgZIyUFNr2565gcqUlAwLUff9uZuTzb8gkm9dEchEvYI

170 B
188 B

54ms
54ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qTCPJggbQZufKxKmGIZEmg2&google_push=AZmPxg_Awt0ItNELZKKMFJfrcW4b6MFXcuiwcXHqDS0Tqb4QixdG9CLGZgZIyUFNr2565gcqUlAwLUff9uZuTzb8gkm9dEchEvYI

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 14 Oct 2022 04:35:14 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qTCPJggbQZufKxKmGIZEmg2&google_push=AZmPxg_Awt0ItNELZKKMFJfrcW4b6MFXcuiwcXHqDS0Tqb4QixdG9CLGZgZIyUFNr2565gcqUlAwLUff9uZuTzb8gkm9dEchEvYI
x-host: tde-deliveryengine-production-9df4ffd5c-qx8t8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 808E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHfEsPwl_BLAZsdLjncncYA&google_cver=1&google_push=AZmPxg_JgVkOh3WH586YfNtTwJChYdGrZ3fkyqjopu1_Czjiy50dqegJlcNMWcxkBI3p3BGamaxRpo-V...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHfEsPwl_BLAZsdLjncncYA&google_cver=1&google_push=AZmPxg_JgVkOh3WH586YfNtTwJChYdGrZ3fkyqjopu1_Czjiy50dqegJlcNMWcxkBI3p3BGamax...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU4NzM2MTQ0MDg4MTU3Mzg4&google_push=AZmPxg_JgVkOh3WH586YfNtTwJChYdGrZ3fkyqjopu1_Czjiy50dqegJlcNMWcxkBI3p3BGamaxRpo-V...

170 B
188 B

57ms
56ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU4NzM2MTQ0MDg4MTU3Mzg4&google_push=AZmPxg_JgVkOh3WH586YfNtTwJChYdGrZ3fkyqjopu1_Czjiy50dqegJlcNMWcxkBI3p3BGamaxRpo-VwlJd5Ld01Cs-A4JziYc

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU4NzM2MTQ0MDg4MTU3Mzg4&google_push=AZmPxg_JgVkOh3WH586YfNtTwJChYdGrZ3fkyqjopu1_Czjiy50dqegJlcNMWcxkBI3p3BGamaxRpo-VwlJd5Ld01Cs-A4JziYc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 808E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPS_EejfnOiuHpf5u8G48eo&google_cver=1&google_push=AZmPxg_iul9MHe6Ds_rq2ScRI7y_Ai1BNtpnZIdwry-f7yNFvcHzReohPWTjCQYWappa3jlEcw-...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3WlhUREwtMjAtS0ZCRw==&google_push=AZmPxg_iul9MHe6Ds_rq2ScRI7y_Ai1BNtpnZIdwry-f7yNFvcHzReohPWTjCQYWappa3jlEcw-pgfgZydbsPGVTpqhLOPv0sEAu

170 B
188 B

54ms
53ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3WlhUREwtMjAtS0ZCRw==&google_push=AZmPxg_iul9MHe6Ds_rq2ScRI7y_Ai1BNtpnZIdwry-f7yNFvcHzReohPWTjCQYWappa3jlEcw-pgfgZydbsPGVTpqhLOPv0sEAu

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3WlhUREwtMjAtS0ZCRw==&google_push=AZmPxg_iul9MHe6Ds_rq2ScRI7y_Ai1BNtpnZIdwry-f7yNFvcHzReohPWTjCQYWappa3jlEcw-pgfgZydbsPGVTpqhLOPv0sEAu
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 808E
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL2V1MxNGDSmYbg0mcCBnVs&google_cver=1&google_push=AZmPxg_qp2U8GeWDbZJ3VeOU17hONxmeSv0-5uJDTvqyKYOVDMML11RyAuaQ4WgkvhWE11FoYZjFBm_sT8RvaQJo...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_qp2U8GeWDbZJ3VeOU17hONxmeSv0-5uJDTvqyKYOVDMML11RyAuaQ4WgkvhWE11FoYZjFBm_sT8RvaQJoR6JeyYzp5SI

170 B
188 B

51ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_qp2U8GeWDbZJ3VeOU17hONxmeSv0-5uJDTvqyKYOVDMML11RyAuaQ4WgkvhWE11FoYZjFBm_sT8RvaQJoR6JeyYzp5SI

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 14 Oct 2022 04:35:14 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_qp2U8GeWDbZJ3VeOU17hONxmeSv0-5uJDTvqyKYOVDMML11RyAuaQ4WgkvhWE11FoYZjFBm_sT8RvaQJoR6JeyYzp5SI
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: rScCYzJ1F2AnMCgOaOo1sk1z6otVZAuceWw7ohu3zthacuTKLgUFng==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 808E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMSxjbMmU6DNou7NrFnCLMM&google_cver=1&google_push=AZmPxg-cb6Pm0BaXK43X-4sIZEZFno3DbEZilDkDUjnbfLR-DQ62g7Z2CflYJPBBLcB8BtcdsZ...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMSxjbMmU6DNou7NrFnCLMM&google_cver=1&google_push=AZmPxg-cb6Pm0BaXK43X-4sIZEZFno3DbEZilDkDUjnbfLR-DQ62g7Z2CflYJPBBLcB8BtcdsZ...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02Z0hZUHFGRTJ1RWpaaVVDZTZGSXRjMExkalRNZWVFSn5B&google_push=AZmPxg-cb6Pm0BaXK43X-4sIZEZFno3DbEZilDkDUjnbfLR-DQ62g7Z2C...

170 B
188 B

52ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02Z0hZUHFGRTJ1RWpaaVVDZTZGSXRjMExkalRNZWVFSn5B&google_push=AZmPxg-cb6Pm0BaXK43X-4sIZEZFno3DbEZilDkDUjnbfLR-DQ62g7Z2CflYJPBBLcB8BtcdsZq5mya6lVVAkLDCIe6mPICDJSOJgA

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02Z0hZUHFGRTJ1RWpaaVVDZTZGSXRjMExkalRNZWVFSn5B&google_push=AZmPxg-cb6Pm0BaXK43X-4sIZEZFno3DbEZilDkDUjnbfLR-DQ62g7Z2CflYJPBBLcB8BtcdsZq5mya6lVVAkLDCIe6mPICDJSOJgA
date: Fri, 14 Oct 2022 04:35:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 808E 0
12 B 82ms
73ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ITDGDujxnKKLywonBY8K672P2g4AXh4AjFiKrNtQ8x5p7dsI4hEJI_8WUwWtQ4KM6R2bj6tw

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4257 22 KB
8 KB 62ms
54ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 595626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 07:08:08 GMT
expires: Sat, 07 Oct 2023 07:08:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 41CA 30 KB
11 KB 64ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3-7hV_12Id9i_TxeAx9tG0eiZyky9JKByFCg27tGcb7dHTOvcXrglLuVtlBXU8Cymd9NRHJKb0hMto7J2XznQyWQxCvqT6ecBjjszz7KJfIaMKTYpysGGdXJGablc-_9z-XRoUylqjH44vftA21o9_UvK_HC3av3iERUcbAs7RjM-rpQ&cry=1&dbm_d=AKAmf-DPGmEU8im-Mky8PPG1wCW86dvuod2oualjJomB7S01PGEaxaUrHRGS2bIC_AKzza0411lvIUHpbLI5n58P7AZKsF8AbF7NkAXaHiuzKLdpcz1HLyOekNf36HltnmV5KOvBcrg8rF4TTiFOsC5-ZLuSvO36KpndrYD5Ajw0ZRTi6y4TPycSqgRdoqGeImbJutVyVBRMHGjX2F1VXYUrEvaJfRVX8g2scwkX159UZbCFeJCLQg_wjhpyt5yLaJcGYccbn2woFfpg4Cs7mSGmbsSOYt-2D3hozdh9zch0AKVL7suW6HawK-LQDxgE1Qx3jg_IQr0plmVrIKbm2h-LJzL3xeAjwo-XmOVqkIA5idy70yp3PBF7zqkKffVZ_nGdHemJY94D5geM62vyCUGCsIdg2PObXWO-GBJm1FbEno7enL1wncyp5DgB-9WghgtpnE12p-oLn87YBe7gzQK2FutoopnyCSLAHvUL-o97PLqyqrnng-AAyTmUPDKEl5eM_o14E-XHd2WRsuECV_IYB-SZxLQp03ujrd4wgB8VWbHc4tuImwGpHR_XQ5QmFJxGlFY9omXGr2EExcqTGyoWbwxv7FDk67J4uKW4GnK-NYoooOfMWWOugubUcRY0S9X1S0NaZmX7P3K2a0y_kYgvZbmp_jVQC8TH4TThTayOLMCdLDrFQCteowAPvYOv1tkmuidFm3pW30stZZpVd2sQWYpeVwidljKfcJ_ajdx225VUH-UyBh4O6Uowe2FrVTmBeZsJrpZ0ap0JO1B3HGcQOIk5_4pRfSf73t0FOrHyMrsnKoFUGxDm3aIRHME2pZWUheF3GyEOAT30LvSg0jKsnKJBoahh0cusebcmtx56WikDhFGKvyVkDY1WlYGze-fGieIMmbj-mJaLUw6RoHoDL68FEppO4XoQlJG8CeKP7FRnEbzFrUvs4mAQZMa9s6kSG17dgKe8IJ33DMl9OlfITyygUWYZ9oPBkJzekIFtYe3uLAq0kYo8amEUKuobhLswYQp9QV3g-UtQsqyIToGtes96LdbJ_TQe_Hnkigbzm_CpHQjAwZxWs9VD3x-5smuyPlvostcVcUvzoMN_5FFw9MOMoc9vl7twv2wfagb9tx6t94RDeImSueEYlv3zEFo5hn0ogRd_pexICvpVG_yiOQ7BhtPn-tgj-c2SSfFhxwzS_zxET3Uk0c0qa7ArkTUFKyF7hmtcMGOMbd7RIp1h_gKpsQiEeyoK_lLfzEn30YKvRfEi_i53RrYJw-3XmvDFwKcOuwBFIdbWKUcmJr6ThIxZB3dC6jgH8UZmMHupmPL_O1Xpzh0wNKrgFBtcT5lxq54oU2O4efyb_BHw4tsNK2MyAiM9Oi1NlaExCug9SBUurE8YvqAJSE471yGQsGahSPJoGyqPn3mBZkZWHhXjw2yYfM4hnCKmhg3uB0R0ApPzLVsEGzIXig5CmGc7Qfwy5Um6GXpHn4kI7DWai4ivl2AUrPFH6gHrZoty9fPYWibFnT4MgK1r_kUDUYbLwhI1k-Pk_gRuNUZIBn-epjmFMHZOWIMLvvkID9gj_IT8zrU3xJC0QVJzqs09L1D3X91yWuUjl4M3s9z6svNQ39pvkLd21whpdzSKgfRebgqAIsJavTW1B-EsnU5mc8Pab2dPtE6F0wNZR_KP5GPfOHnTjZm-e4BDyyvsEhu7c56q1V9sskjeKwQb_kT4syAW3N7ntcN6sruBt9TPYW_xpgSqf8sqsgWduku_SwHciBlpH90GcSueoTQteo4DlZOg_vlpyO6qSN7rpXAeRRp6yg6ADHCQjytOWSQ4UMQbZM1tjGNbmf0cXPMkiirjVIhtNextAIUJmBDVN3rUDgs5IV2H9kL2Sd2eMFTtWMLDsUVCMBWCo1jiPD3MoE8NnBZQ2GgP_jPQDv4x3Jm5bzioSpRoJoXOFbW32YOGofmrqoa5lLPO5go_ah0I5gUN1AKPcV-G4hjTDkBVofNMqpP1eZdC2VtkeZbjw2_91XzV1GbIK8CaNl__vrXiemKTTcxosi1dxZlnwXVfTpj90eHwIf863ZcVQOLIdxquT4yR9cFWsT5sCiCEUQYtxJmlUBzkCqfknKG9L_3YZf4w_eclBNLzqnZXVrE1DC5P5aIiFOpZZ_tpMLgTILE8gy6bXbAuV3Z6VuWH-6b9RAtyxnOZajRXYTBVrvV6_9VzjEDue3H3ljP9vueX3865_VVpG4WqYz3DaJ5O6i8AO6_DSL7dHuo3Uo4NDtYi010o3AtbMDOAhG5PL1pnDUe60uuMprVMftBUiqbXtWPwO_2hsXM9oUw-eRYUFpkv1jBxtBs5jHM_UBKhwfQ-LCstOos14D6vwtJH5rATGZIrRjWvabvTJRZ8LHeHf81LU8utwTBe-ADxrfq10q1dG00-CIc1DQB-WASbv3XpKG3-bJlZw_xZGB0Iy6xIdJ6AHBmp6pzjLxz8XFf2MUiAewxS3iQKuRwkgw242anHLd3fQK4JBBQuv7-ESviubVyPDb6F47vcqBdUehuu5QdZb0___dbiZrgJRyB-_1txcjrxTz-AS2DXPnC1ympyK-VUNjJ1mA01DYV7s8OE3Y4xo0RIK87un83sS_gDl5i2DXLgG-T-MqLy54neXL2UMZvcUYwEAMswnfv0OcW-hkF-lt2Z7bioq8FhHOigUUqdzWgTNOZCbZisxYQUv33b1zxIlcUEn8wHFjupsoYxdHWxuPBLj-oKeyTGttC0nPKPyvPkMa65JcsAGdXLHQZ6caq4r8dvRgSMBF1U31A7XpAX9-JRA9twRhBdlBLqwgsYDHeAXXppcI-igvlFIdsU5in5V6vfj2az0eE7jbHcE2EwU8gVs1FDBPXZ5xLay50E96q8BB1nWHbENn0ZUDexUcizH6PBXpKoPqcnAUZ4pSNDCZrSuXGa3GH-1hR2Qdade69ja9L8xfaEVu8p5IXaezMgL-Q1Mtauu2_4L5CDPUpwmXtlUVN5VOx8rTzQZXhoSpACEdp54e2JaFnNWC_G1t3WbMDCCOYzMkJlKSXOeI9oWN1nrrHNaD7RsO2Ex6pYIYZ3lwD_NSOuvJrlS4EC60Lpt6Rt2sqswBLQ4P7itcZtAtzAHI3s-o2yJMNXyQ_I8vw5ygFbmKVo3vu1hTYqiiX7uCKYSkuI2GeufSWyxg3fBqkHkEWPz6a25xYjQD0fT5xEnBSkHlI_8Ex6zo7DM4IRj_tJfIfKa6WVxmkosjmr3KPsXx8ZyXwy7fZ4-kCstaW1plSN1HiTaz5fInisdLTXgUBb6iKNZR9MamdhrmeVz0u4_q4DFXfuzOOR1IQQn3cBad3XRf6qo2oAwLO_zpT10sF-GSh4YUYNFCwJPMxg776LsEtskO2sir2ShxEaE3gsPLwRW3dfP8SPKWEv8Wb0Epjb8WHY9XI-0vQ3bb2OYWpat3NRqluYG2BPCAPaUsbZhFXPMDMJLrmGPF4uOAaLB6rHDNjcGssje2yTBIwqz74R3DIMI_xM9BgE-VzoaMS8y1hC3lLxOa_kdHIJW0pFzNQrdojuPOCMcmPxRXUsdeK0VMm7UuXNezaMWgmPzZrJMGHGJALMeSqWpzBNxaMZAjdRC4l7lfPsNXJQzVa-1pSMcQN-IwcSxlFIEoVa_AWvAgE3PEgxYD6tm_4ZzF4_jK_9kiL7lBuSQWXpHDh3WiqKzRiuVqYA56Op2C-D6yk0CYhnSG8yF6NDnMjTUx0G3VzQl1GLz2zNYUE89gVTvWfMUE4A_OoXGXVSDDx6Ukc7&cid=CAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4&rfl=1%2Chttps%253A%252F%252Ffbu.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11730
x-xss-protection: 0
server: cafe
etag: 9319256901541695429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:52:53 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 41CA 41 KB
15 KB 62ms
55ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 10:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Oct 2023 10:22:29 GMT

GET
H3

200

i.match
s.tribalfusion.com/z/ Frame 3A72
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEL5IWVhP_IlLeUlp-sR29Fc&google_cver=1&google_push=AZmPxg_J7lKa3dqiFbxitY-SVJx2erU2eysaglOgL2VyOojH8zUrqsoFwsXTuaf33A5D694u3Dwv0ASfuStGyv9hgzrBc_F9x1w&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL5IWVhP_IlLeUlp-sR29Fc&google_cver=1&google_push=AZmPxg_J7lKa3dqiFbxitY-SVJx2erU2eysaglOgL2VyOojH8zUrqsoFwsXTuaf33A5D694u3Dwv0ASfuStGyv9hgzrBc_F9x1w...

43 B
617 B

210ms
176ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL5IWVhP_IlLeUlp-sR29Fc&google_cver=1&google_push=AZmPxg_J7lKa3dqiFbxitY-SVJx2erU2eysaglOgL2VyOojH8zUrqsoFwsXTuaf33A5D694u3Dwv0ASfuStGyv9hgzrBc_F9x1w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_J7lKa3dqiFbxitY-SVJx2erU2eysaglOgL2VyOojH8zUrqsoFwsXTuaf33A5D694u3Dwv0ASfuStGyv9hgzrBc_F9x1w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H3
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:15 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 759d9b72eea2dca7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 13364
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL5IWVhP_IlLeUlp-sR29Fc&google_cver=1&google_push=AZmPxg_J7lKa3dqiFbxitY-SVJx2erU2eysaglOgL2VyOojH8zUrqsoFwsXTuaf33A5D694u3Dwv0ASfuStGyv9hgzrBc_F9x1w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_J7lKa3dqiFbxitY-SVJx2erU2eysaglOgL2VyOojH8zUrqsoFwsXTuaf33A5D694u3Dwv0ASfuStGyv9hgzrBc_F9x1w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 759d9b6f5ea6e628-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3A72 0
166 B 125ms
28ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENIFG9wH6DxHEoL2bZgohg8&google_cver=1&google_push=AZmPxg-ePZB9okW6oJXV-zGyLUGXBH38WXC5fcZKzl0est6i34uWO2gxoZJNodEF5wn0mFkkXGSqYLrpa8WyAcku4d7eCQS35rrp
Requested by: Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 14 Oct 2022 04:35:14 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A72
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF4wZj8RdFDU5DFj6KWYrv8&google_cver=1&google_push=AZmPxg-WEjKd6Tm8Rafam1rlRgkEiFkPhk9EjXILbd2DK8g017XVy4wybFHMD-Yp_vhT4GHBXxVb2PD5RNQV...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-WEjKd6Tm8Rafam1rlRgkEiFkPhk9EjXILbd2DK8g017XVy4wybFHMD-Yp_vhT4GHBXxVb2PD5RNQVezHmNTPw05_LUhd6

170 B
188 B

55ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-WEjKd6Tm8Rafam1rlRgkEiFkPhk9EjXILbd2DK8g017XVy4wybFHMD-Yp_vhT4GHBXxVb2PD5RNQVezHmNTPw05_LUhd6

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-WEjKd6Tm8Rafam1rlRgkEiFkPhk9EjXILbd2DK8g017XVy4wybFHMD-Yp_vhT4GHBXxVb2PD5RNQVezHmNTPw05_LUhd6
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A72
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg8ppY0p2B8cP23j0EtkTneXarg5pbDHdonwtDt8jlGXrRRykYeVOI3-tn35BTl80Fpb9TyM9ORDqAqWMhA1ReZQjgUzp6de&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-377830a7-2d62-4e91-bac6-9ae9ec4cbc06-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg8ppY0p2B8cP23j0EtkT...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8ppY0p2B8cP23j0EtkTneXarg5pbDHdonwtDt8jlGXrRRykYeVOI3-tn35BTl80Fpb9TyM9ORDqAqWMhA1ReZQjgUzp6de&google_hm=Azd4MKctYk6Rusaa6exMvAY

170 B
188 B

52ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8ppY0p2B8cP23j0EtkTneXarg5pbDHdonwtDt8jlGXrRRykYeVOI3-tn35BTl80Fpb9TyM9ORDqAqWMhA1ReZQjgUzp6de&google_hm=Azd4MKctYk6Rusaa6exMvAY

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8ppY0p2B8cP23j0EtkTneXarg5pbDHdonwtDt8jlGXrRRykYeVOI3-tn35BTl80Fpb9TyM9ORDqAqWMhA1ReZQjgUzp6de&google_hm=Azd4MKctYk6Rusaa6exMvAY
date: Fri, 14 Oct 2022 04:35:14 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX377830a72d624e91bac69ae9ec4cbc06003
content-type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame 3A72
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF4wZj8RdFDU5DFj6KWYrv8&google_cver=1&google_push=AZmPxg-AHWFUsKERUJ6jNxKwdh5e2eq_Dm75Z3PXq_twf25PX0UfL4yoDamU0b8DM6sEDwTWpZXVdzTChlC...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-AHWFUsKERUJ6jNxKwdh5e2eq_Dm75Z3PXq_twf25PX0UfL4yoDamU0b8DM6sEDwTWpZXVdzTChlCk8V9Cr3Has1xFP35Lrw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

42ms
41ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 3A72
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECWdhcV5GlKF--9emzfhlXY&google_cver=1&google_p...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AZmPxg9ThOf-Y6Z3FMRHvsZZ99AtRPZaEQNbMbkSe-Ok5anULzebRm8CTyLxQUxftBBgUYv9qObRkjHz7DiyG0WZrORdOlBm_t-nmA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

68ms
67ms

Image
image/gif

2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Fri, 14 Oct 2022 04:35:14 GMT
pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A72
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENOFHuGjDIbgz-F6rmXE8Sw&google_cver=1&google_push=AZmPxg952DyG-TIbS...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D&google_gid=CAESENOFHuGjDIbgz-F6rmXE8Sw&google_cver=1&google_push=AZmPxg952DyG-TIbSQn-wqM_S2cnW7juXf...

170 B
188 B

58ms
54ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D&google_gid=CAESENOFHuGjDIbgz-F6rmXE8Sw&google_cver=1&google_push=AZmPxg952DyG-TIbSQn-wqM_S2cnW7juXfbMmG7arfAXEPtgWDjlBB0J16bs-aAQu3btrLJlmelNNxEyxFhk3ztWUfgGXT-LCL5Z

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:14 GMT
AN-X-Request-Uuid: 36aab740-6f9c-433d-b08b-b7f681683d13
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTM0MjExOTg4NjkxNjI5OTQ4Mw%3D%3D&google_gid=CAESENOFHuGjDIbgz-F6rmXE8Sw&google_cver=1&google_push=AZmPxg952DyG-TIbSQn-wqM_S2cnW7juXfbMmG7arfAXEPtgWDjlBB0J16bs-aAQu3btrLJlmelNNxEyxFhk3ztWUfgGXT-LCL5Z
Connection: keep-alive
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3A72 0
12 B 75ms
72ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LT9AIrp10eDY6kFxPqC50H5zX8Lnkr5A4KrboomiPEiXCeiML3JEAlwSbAgi8DDxVyX8RIARRU

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AFF2 22 KB
8 KB 66ms
66ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 595626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 07:08:08 GMT
expires: Sat, 07 Oct 2023 07:08:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02AE
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDwQKfw2sVVNl58_2baH7yc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDwQKfw2sVVNl58_2baH7yc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M0w3d3ZWOGQxT0pjcEk1&google_gid=CAESEDwQKfw2sVVNl58_2baH7yc&google_cver=1&google_push=AZmPxg9V0SFqE-DaJuiaVB_IGrdx6w6iFFmx1S9i6Xd1xOm...

170 B
188 B

53ms
53ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M0w3d3ZWOGQxT0pjcEk1&google_gid=CAESEDwQKfw2sVVNl58_2baH7yc&google_cver=1&google_push=AZmPxg9V0SFqE-DaJuiaVB_IGrdx6w6iFFmx1S9i6Xd1xOmvIkNXiBB_ex1xFQ_wsKMmEvwUrBuydIYqGzSk31ONZeh3uGPYPHc

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:13 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0a4402c7ccc8b73ba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M0w3d3ZWOGQxT0pjcEk1&google_gid=CAESEDwQKfw2sVVNl58_2baH7yc&google_cver=1&google_push=AZmPxg9V0SFqE-DaJuiaVB_IGrdx6w6iFFmx1S9i6Xd1xOmvIkNXiBB_ex1xFQ_wsKMmEvwUrBuydIYqGzSk31ONZeh3uGPYPHc
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 02AE 70 B
265 B 139ms
39ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOGIbee9xcUoEhQUX1qrCtw&google_cver=1&google_push=AZmPxg9_4I81tNbWDtWHt9WR3saA0NFhKbYMvYt_qwLb-HLyrw-TmuP9yHrHaw6wJrQqM0NwCtcdSaU8F0s1lxUgCEoDGwtvGlF8
Requested by: Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02AE
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIiw5xUhVofgmGzo660SW0s&google_cver=1&google_push=AZmPxg92_aYFCIBKv7I2544MPJRvit8vGNsIm96Kf6W6WuwujLzTQ8Vcf3RaW2imTj1a3ug0GQnCvHuzK0K...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg92_aYFCIBKv7I2544MPJRvit8vGNsIm96Kf6W6WuwujLzTQ8Vcf3RaW2imTj1a3ug0GQnCvHuzK0KITf4tj4YwIl4RJC7R&google_hm=Bc9_aKwjRL6z8IwpYDr4HWc

170 B
188 B

59ms
54ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg92_aYFCIBKv7I2544MPJRvit8vGNsIm96Kf6W6WuwujLzTQ8Vcf3RaW2imTj1a3ug0GQnCvHuzK0KITf4tj4YwIl4RJC7R&google_hm=Bc9_aKwjRL6z8IwpYDr4HWc

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg92_aYFCIBKv7I2544MPJRvit8vGNsIm96Kf6W6WuwujLzTQ8Vcf3RaW2imTj1a3ug0GQnCvHuzK0KITf4tj4YwIl4RJC7R&google_hm=Bc9_aKwjRL6z8IwpYDr4HWc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 02AE 0
173 B 120ms
38ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDHOIGa07eJH_KBff1ffqxE&google_cver=1&google_push=AZmPxg_SRDGcqrL7sBKwLt2U-rTTBG4TF_akJLjb8fM6-RdCrJFKHP32ch5ONZXDNmkc0xJoiQdEt_LXC4EGemN80Y3KOumkhO7l
Requested by: Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02AE
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENt4HMQEo-LH_Qou26y4EJA&google_cver=1&google_push=AZmPxg-09u8nggCaJYiv9pl47SCWWjQex4bDiS86TEPbveXcnKV8X8CmLyjCMEaXKNkDiQNjNImEJdKUQDU-ly-3I...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENt4HMQEo-LH_Qou26y4EJA&google_cver=1&google_push=AZmPxg-09u8nggCaJYiv9pl47SCWWjQex4bDiS86TEPbveXcnKV8X8CmLyjCMEaXKNkDiQNjNImEJdKUQDU-ly-3I...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg-09u8nggCaJYiv9pl47SCWWjQex4bDiS86TEPbveXcnKV8X8CmLyjCMEaXKNkDiQNjNImEJdKUQDU-ly-3IfrV0x1Vq-Nh&google_hm=FekzqGZHHYel3dbdR4WcoaIs

170 B
188 B

55ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg-09u8nggCaJYiv9pl47SCWWjQex4bDiS86TEPbveXcnKV8X8CmLyjCMEaXKNkDiQNjNImEJdKUQDU-ly-3IfrV0x1Vq-Nh&google_hm=FekzqGZHHYel3dbdR4WcoaIs

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 14 Oct 2022 04:35:14 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg-09u8nggCaJYiv9pl47SCWWjQex4bDiS86TEPbveXcnKV8X8CmLyjCMEaXKNkDiQNjNImEJdKUQDU-ly-3IfrV0x1Vq-Nh&google_hm=FekzqGZHHYel3dbdR4WcoaIs
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02AE
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEH7EAgO48Ym6VUBmEWNDmEY&google_cver=1&google_push=AZmPxg_ZRG6lXT8oQnLXttvB5jhuUuAzW8ER_uP7EA8dfK7NRkolCMLdwTZWu6UautC5vso7cfQWT2PxnOVq...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_ZRG6lXT8oQnLXttvB5jhuUuAzW8ER_uP7EA8dfK7NRkolCMLdwTZWu6UautC5vso7cfQWT2PxnOVqaHOZibGpek3n-qif

170 B
188 B

54ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_ZRG6lXT8oQnLXttvB5jhuUuAzW8ER_uP7EA8dfK7NRkolCMLdwTZWu6UautC5vso7cfQWT2PxnOVqaHOZibGpek3n-qif

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_ZRG6lXT8oQnLXttvB5jhuUuAzW8ER_uP7EA8dfK7NRkolCMLdwTZWu6UautC5vso7cfQWT2PxnOVqaHOZibGpek3n-qif
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02AE
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg_QKA-HiAnFBlYy4Ncxe8Jb2P5Kmj8mCuPHxSLvDaRrBkv5Eim46v0N8kFv-TBtwJPUnox5KM5rU5jyGi4oq8VH-S1JwMd9&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-377830a7-2d62-4e91-bac6-9ae9ec4cbc06-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_QKA-HiAnFBlYy4Ncxe...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_QKA-HiAnFBlYy4Ncxe8Jb2P5Kmj8mCuPHxSLvDaRrBkv5Eim46v0N8kFv-TBtwJPUnox5KM5rU5jyGi4oq8VH-S1JwMd9&google_hm=Azd4MKctYk6Rusaa6exMvAY

170 B
188 B

53ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_QKA-HiAnFBlYy4Ncxe8Jb2P5Kmj8mCuPHxSLvDaRrBkv5Eim46v0N8kFv-TBtwJPUnox5KM5rU5jyGi4oq8VH-S1JwMd9&google_hm=Azd4MKctYk6Rusaa6exMvAY

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_QKA-HiAnFBlYy4Ncxe8Jb2P5Kmj8mCuPHxSLvDaRrBkv5Eim46v0N8kFv-TBtwJPUnox5KM5rU5jyGi4oq8VH-S1JwMd9&google_hm=Azd4MKctYk6Rusaa6exMvAY
date: Fri, 14 Oct 2022 04:35:14 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX377830a72d624e91bac69ae9ec4cbc06003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 02AE 0
12 B 62ms
62ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JkpVTDgCc6u1GokfFhVlY-tLgwvRp5kUx9xjZhEoBWJvN4jgOJSinBnfIhdSCuz5nDPLIE

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3631544119932340464/970x250/banner/ Frame 5800 4 KB
2 KB 135ms
41ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3631544119932340464/970x250/banner/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099c95d735403477353dc5d5cf18c7c4c39682334da7fef1a76f21ba9a889a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1736
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:03:05 GMT
expires: Sat, 14 Oct 2023 04:03:05 GMT
last-modified: Wed, 22 Dec 2021 14:55:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D484 0
622 B 217ms
89ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmJu8VkwPBCHxXx084yNEVuOo8yGTrO6E1CS3-lhB0P6tVaZu58u4V2mRRWAEdOms0fOEJu_u4nWb1utkswX4gw5iyKDyf0pp5WN0AeOGBTEoKV_ntAXVAfBIOZ_ZrioyeuNzme1rHK27POD2qnZScMKd2n8ATwXpS-MMOx-SpbRQiGFfq1kfFiAqNeCdZpNi-1AdnEmJeDvR_d3rwMQ-91q5yfaWyOphipT4OUsAwFtGncqdaVAG7miOA7RxD86l5zG_uC-Sg-P84dk7O16iOau6vIwfTTq-5zLUM8vTN2h3v4x9tjsZBojF1zXc1Ia0tukZe_Vm0dz5W7whTbsaiquHcjsb8gbgC4H7DEGFohgaxpU-VCByMVQlbzG4Z9yafjlD8Ll5K63e49Az2-L1tejGcJgpL_76YtBclAVHPFUEu-yo_876WeGDxWOzlRkYaEvA_n2NTeIBQZjtX_Z8NVScYr24Xk7v6MHNQN8i8stUutGQQJiJXpIKRD_DFMQqCnu-N3j0W35M6_xKisMwUMnp-W45BdGf91DUpZB6QtxxOctXLI1L3hayMa8TBtDt4BSoa-zrc7SWa7GWp4kufJu3rvLvRT3Ol7wjpi4xGH4ZgAkfYuaTnUqCo8U2Fzt4YMnfFf3GBBgsArz-6BAfSG833uTiiDVsU3o7k2OXCo6R88aAkbPFGM-lyq06kHO68oJb535uZ3wqLreoahgfXeGG9nACMkMgXwR9vE0LNUTYkbY8BeIL6mKRmI9e4mUUQt1K6QKIlS6Z1tuKLC01HHfIf8-MZmFaLkdBdUD2Ewd3OxZlLH8l94pfsdXt3zey7OYGyB6r3bUk6Co4voUYOflCSAbS4UyLwBBCe9x7AaPEbOShOmra-9OSRFwgcVgfWmV57AO5oFPeukO27_avDkncBydkLRaWmkvqdypnkyBSUXkaET5sFj81GR-Ss1dH2SMzhNvhUGnNOI1pOgxy8pH1W1563SfvTw0TkLzv3kwl8UHICn01F4n4KOqoGTlFVX8AA54YLmDV5faksF2gVXI0fxsU8uUCHTP5RS95SvM5PFVhn3QY9A8oqvqEyhHmH0Q6ntjGeQc4FKudGZzAAVJIawy7L5PaNPJIbAI3mMiJeNCKUr1erX6t38Jj4qMem5_Aec7JkCv_HALv5SzFNEyw&sai=AMfl-YSP3R0GUZHcU9PMogzGbJVjfTvTSaNRWcvmFyJAlcEITSsSJle0lBvkFC4KUjPVLnkXKyDw1TqFfPMDYqQOtvHso-WSJX--VDzmGLSqwdRL1BZNdwS29R4k-Rzk8yXETy04QJq8lBhsQ_XKo386C7F07ecMIpykdBuZx8SxPl0YqoUT6VPlBNwMVl6ZJK4zejQA3TA9RnbfXCqxqzrMhemI8ct7htkyMHVivaH9R-6HmWQGzISu2rGAPHx9GSOPQF20_BlB8EtxgQ&sig=Cg0ArKJSzP-BXm1u5tNDEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=343&cbvp=1&cstd=340&cisv=r20221012.14894&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Oct 2022 04:35:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=27014458;s.a=3213511;p.a=324627451;a.a=516707361;cache=2600291599;
ad.atdmt.com/i/ Frame D484 0
0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6487489697849585523/970x250/ Frame BFB9 4 KB
2 KB 122ms
42ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6487489697849585523/970x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cda1716ad9a396253b684a99a58dfad07c5006bcf05702dd27aa9fcc8ddd31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1720
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 02:55:57 GMT
expires: Sat, 14 Oct 2023 02:55:57 GMT
last-modified: Wed, 09 Mar 2022 15:25:18 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DDA4 0
64 B 194ms
90ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1dZHZwl66LWDcqXe4qOdaZS0T58krPS1J0sD13NHO7xYw7lwZAJ5SFsR9-OSrmYwrmBJYNs7A9ACzaFCD_SqtyKsK89j0UfLwV88pL6Mjcc18i1PBHcAoEKgoJ_DJb14tEg13QpdeJCCse0CsthO-u9FsfDKaNel4R3NG6gwmENhzATyZ4fLoLQOalZ50H8W2X4_sFf34RAezKzBYKsBXGLK13VGs9w1nbVZZLawJYDpjCMFNMyvETfLl6ApUSg4gXoPl-g20RLNIwgdJN6_Qyf43XVEJ4wnwfixrkHd4ofITvy5Z0IvuD2OL5cp4cyUPUHu-qMau8FmMPwu-WAnhKNYyJn0GwizhSxQfE9UXMbJsV6yQTLx5D7Oux211VR4W1tm3RbPdFki1h7mYu33201HoV8gwuzvDFRRx1ayIDWlXAOqOJ3SDOlYu2cJeZupraWXHPcJG04joOU3B-2kMfWcV1plK2rwSLjntFt4y8SvQStz3LNSY3HKUPq8QdLJgd2JcvpOZwvJMANhzmISi4iJ2NtlzuPOnkWmqubnpNrT-n3wKSrxjE3shcRCgrZ9vOCxsWU6yywIB2Y_bICE5y1nPauxYytPy3Xs8S-xGUDMHofzlifmphSe48pELU5yNRyoDc3iPvaHiBWfFeYxO4KLIbRaajjpQhNGz_HTPcRswDqAzHXYOanbbmJJZlaY3GF8TQR5KbTC1SQRjgEIr55tbIpLQANNODoKzZhzCAgOZOC9E9coKp1st-ETvkn35euVP5zLLIe9jNxURdXrHnk-hvs6BwlYyLyRNyp0NhQg9zZnGIj-FZ54urzguD-heCFCDOTeSbFWfBS6IZp9JT-Viuw75gmE_bn6F4yo64ZjL_clwAJNw9cqWv0M9YWf5h3py__oPFFF6nm59U5SnYuTyK1POGc0QOTDZ6vtJKjejDd2Pw7OkyZ3w9yo0cbSkq5ZutBDq9X9_-wMGtH75xdP4prl4U68V8uy3N1jLvteFaO0VaZXfcsQyA5RrLQnN9OceD6aqNfuxzQDIcTpTo5Suewbgzat1z9n9fabHfgJ0ZHtM-zvsOeeRlICk1EWLY4g0oa-sIpDPiJushk5X1gBpDS3sGsuDPNnJblTpelUj0mMbul5Wy1TE35uDXnojmwwIQ2WK5b2-UsczZFpVfElFQeOPYgEXIQ&sai=AMfl-YSdAs7Rqvx2VyqQ8y_qmKAVHZfX1wc8e0OuQ0cY-xbx4vpGFKbT3sPjaCJ1JAZod6ym7CKDP408F9eTjYLC0Y0-yz40Qd1QRmAMuaVm4RVnfYmONsLNNaXgcP_Tu2JFfpQPcNQ86Cs7bCNMkRWVFjIyso5ABn-TbHoAmA36a7Fi-FjCdebqmkWt1cEYk3jkPkC6f7wygueThbzhZImIySOfcPXqcj_X14Y6lw7qtQLf7lRViIaeAFrFx0nT4cnUnjIIKX_t8sMpiA&sig=Cg0ArKJSzOk-VBB0bJ-aEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=335&cbvp=1&cstd=329&cisv=r20221012.31284&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Oct 2022 04:35:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=27389584;s.a=3213511;p.a=330816879;a.a=522993409;cache=3911944780;
ad.atdmt.com/i/ Frame DDA4 0
0

GET
H3 200 970x250.html Show response
s0.2mdn.net/sadbundle/4739297498604741592/ Frame D97D 6 KB
2 KB 102ms
43ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4739297498604741592/970x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6278dd32eb9e6a520d6d20b4fee5446609e3ffbf5488ac61e9c618821bce6761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 467623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2398
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Oct 2022 18:41:31 GMT
expires: Sun, 08 Oct 2023 18:41:31 GMT
last-modified: Tue, 09 Aug 2022 11:44:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BAF0 0
0 194ms
86ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssUOipU3-Ka3te6EShWz08TGLk3Sy_9Sqw1-AyFu3afKd2zyV8FQQwlGlOpqflzhS0r1LcXoHhXd_CdWVA6frUkAQNg49Yoxciu2YBQVnlVa4rcealEdk0NlNrqEl7FnnNbTMo8JbiARGixUGc4WZ9m31rnV1K-NXu2pMAHBISol88pTDphNPDemK--F3yhouuU6jS37V-J_O_PHlHGoz_e3MwqnTmV7h8dA53I1XgphJx1P3AaeSKL7F8kcAshxR9GfSNaRYHjt97IFXBnka5UB7Ttgj4lodkLRvaKFgzOJVjl4iOxOhLP3dFeSVnIvo4L6faj7jCHjRHHLNje1bfECr5eRibRxd08EalMrUhh6Vtt30Ul91Ysdocsk8eO5MRjj00rey8mK7Jl1CTh6-d4ytQ--jDQke43lQNuq5ascSfFs3vDZT1dBqQ0ljZOzDux8UHDPc7PHC6h8_5pS7fvcjYY0s052obdjurqnGGwm-jVaMERijN4li52EiAoIrdghQ4To8qBXurM6w8APePno54eD_Y8CIvV2ddcOCwXs6oT8WzdMc1StldMzJLM2ms9X0ig9M_PWKlQExs00hYuyIksHKDtPrYpEda2PBl4esQWCWV9X3D8LarCSHfCQOQe-G413POIGWcNDXOPo9OdN4uKP6H8_qA3DaZyHAF5sDLmPwDgIN9xTW4TwNpXo5MgErFEe7R4z9qx2zfYhSw5lKD8E27hpMLhI968rNx0ZTgVbFJiIiR2rZNd5kTuNJdByBQVUQ2V86XQOn1f15Dtm2oChWYLR_AcDHtc9ZYwOVsBjirXFNCLbR-U1VPVk-9YxwxLxEJr4wNrp5n6j3cPjCYIWoyV3LhoOAe7c7e0BWpcQtDKUdMj4KiwWUst0_W-jTgKHH19EXk7a7Vf-rd-fok5oz3KJmyeoijZZe2ejJqbsW5w_rGLLhe2nWxa1DPd2exZrPqsqPZcCIUnuqW_RatDgK9sg8mSiKEYSGawheTxTuBGwdx6JMNP7mh9G_ylIOFETQACiA2rddq4qm-KKTQKEm0GCOzvr4wJ0V_-OATbJvs-BQIcCKMDOJPomcGC7xRkfglU86guPhrq7ZP_xJqxgm_iPoAMUyRCRz3ryAUjRJuUiPvIxMXFKABgUeaQYWkLB_xhmFDYhz2Te3mfcXyC&sai=AMfl-YQl3dGN3RdlWt7DpFY0dB6vK5F1hwKut52wc2_ydNeRynwNFDD7C7KfzJWlRIbPBHXizz_AfxtmYGkppI8a6Fk54jlQpx_qmvGBBWI8_o2CVmXszt9K2lUROxclI-fx6EIZxGdRSwpK4xZ3q3W8MfNhLUHN4oCvE2_z5_4BF_ld0HQD2rKts_lHiPGZhQZiR7Mrp4hzv9XGGDMgAKbDC3OZmRI_jWFInfq-CySH1gJEn6iUZmAppkfbS9Xp-epaOaabTYw5FxmNRg&sig=Cg0ArKJSzJ5IVBgPbzqlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=341&cbvp=1&cstd=334&cisv=r20221012.52932&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&ftch=1&adurl=

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Oct 2022 04:35:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Oct 2022 04:35:14 GMT

GET img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28349522;s.a=3213511;p.a=343169633;a.a=534915425;cache=2934214215;
ad.atdmt.com/i/ Frame BAF0 0
0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 081A 22 KB
8 KB 48ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 595626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 07:08:08 GMT
expires: Sat, 07 Oct 2023 07:08:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A5DF 1 KB
643 B 46ms
42ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 40204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 17:25:10 GMT
etag: 48472445140208031
expires: Fri, 14 Oct 2022 17:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 41CA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f4f0853b38ef97c503a257a27a7102867a0d20dbf76d58f04941b1f093e29f6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame 06BE 36 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 18:41:10 GMT

GET
H2 200 index.html Show response
adno.cdnwebcloud.com/store/creatives/1687/ Frame 1313 73 KB
19 KB 51ms
50ms Document
text/html 65.9.66.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adno.cdnwebcloud.com/store/creatives/1687/index.html?tc_alt=84886&n_o_ct=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0e9IAedIY-KxIqS5x_AP2cGmuA2dsIvMa6Hd9NLDEMeNmbGFMRABIOPgvCNgu4aAgNAKoAGTjM_uAsgBCakCjC0yCFRjsD6oAwGqBOQBT9Ccrp-ngohSmkPHOS4JE7BOGX2dzHNM-wRG-TVk0z9-kElbl9g9dmmVcjuLH7exxlcYmv2RrG4zWRxt8UOhFw8M8aX7Kgqim4cbV77Zen5ZzjoXvezrl8VORgrImwCMpbRFfRZmYo8W_77H9nIpYTkTDTYzrZFQqcVdTj_tgbJC51e1LZ2bc5OhQnoh_8UnLO14lu1UsLtTg5n87UsEbin9BtY5NVz_kvzEbd8_aR2I_C4zL0MI_cOehRrwmk6ao-Ub-UV68gQnM8wN-2PQO9eSS16wyzAZeItlkL3Ct_dx1L0kwAT7xJXvgwTgBAOQBgGgBk2AB9XzsJEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPG378Q0BMA2BMNiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4%26sig%3DAOD64_3gq3Ss0JkzwPt03n6IUWE1UZs4Kg%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-BLxU8iqnm_a751PciGlVWslOenceRjtikqVl4lO19jh-GZvn9QPnU1oI_0mTd1k9SmJh8T2naEyDPHrBGZuaK1mkavQZM4JDAKi5FmgGyC3VRCdoUdpgjnddn_PlSibH22uGLNySNU-jx6JuhH9M25tsYTn9mul45Fkn_LJ-sWVe_naw4%26cry%3D1%26dbm_d%3DAKAmf-B5Wa9agM3kZwt9jnjSVz-kbXpeEMskEZovoEO0BDxxBfkFxQypapIzZHMPmO5oJ_er_5ozFwfTPhGLMzZnGOUYfXjPNjcYySVjDNqy21KNJA0XtL13tUvKv6kMPpq8zTDix_frP8FZlQn5ejk0kZ4aBKSca0GOhtQ7zdnjFAMQgxemvDwCH1j7P8APFuvK5g1GUHPUkUV85_UOuZIvZtGYaeMZfrjLn32zRRwguWsthlgrhISee60L5H06TUPff8y1QafdJjjeAxqSVeQhIQqx3f96BXOzvIDlVab3DHy8kRyFmkhxs83TZR5eOSaCD8FaX8QiFNox8_sRmsydXVOxZ9E73RCQNIjPi-7xUwCjas9DwVFUo5-YjVllDytWimgReOvCa7cayEucUJJ-4FE6dQeDL7a-p7zUU0gK_1PDySPy33eo8cUOB-zbIQwZ8PULWr1J0GKNV_nuZrY7YTC7Ge19rVpUZwyNptBi9-nGkm9z1y1a2-k1DpADrHA7VpSEqX-4DmNxKY3G9zhnOpMGZPLkEg%26adurl%3D&n_o_crd=https%3A%2F%2Fneural33.cdnwebcloud.com%2Fatc%3Ftc%3D84886%26n_o_ord%3D%5BCACHEBUSTER%5D%26url_n_o%3D&n_o_cu=https%3A%2F%2Fhotelfarolopesancollection.com%2Fen%2F%3Futm_source%3D22Grados%26utm_medium%3DBannerV2%26utm_campaign%3DMediosCollection%26utm_term%3D300x250
Requested by: Host: adno.cdnwebcloud.com
URL: https://adno.cdnwebcloud.com/scripts/creatives/1687/22grados-prospecting-farocollection-22-uk-300x250-v2-en-22grados-prospecting-collection-uk-22grados.js?n_o_ord=1665722113563426&n_o_ct=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C0e9IAedIY-KxIqS5x_AP2cGmuA2dsIvMa6Hd9NLDEMeNmbGFMRABIOPgvCNgu4aAgNAKoAGTjM_uAsgBCakCjC0yCFRjsD6oAwGqBOQBT9Ccrp-ngohSmkPHOS4JE7BOGX2dzHNM-wRG-TVk0z9-kElbl9g9dmmVcjuLH7exxlcYmv2RrG4zWRxt8UOhFw8M8aX7Kgqim4cbV77Zen5ZzjoXvezrl8VORgrImwCMpbRFfRZmYo8W_77H9nIpYTkTDTYzrZFQqcVdTj_tgbJC51e1LZ2bc5OhQnoh_8UnLO14lu1UsLtTg5n87UsEbin9BtY5NVz_kvzEbd8_aR2I_C4zL0MI_cOehRrwmk6ao-Ub-UV68gQnM8wN-2PQO9eSS16wyzAZeItlkL3Ct_dx1L0kwAT7xJXvgwTgBAOQBgGgBk2AB9XzsJEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPG378Q0BMA2BMNiBQB2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4&sig=AOD64_3gq3Ss0JkzwPt03n6IUWE1UZs4Kg&client=ca-pub-3379969116950199&dbm_c=AKAmf-BLxU8iqnm_a751PciGlVWslOenceRjtikqVl4lO19jh-GZvn9QPnU1oI_0mTd1k9SmJh8T2naEyDPHrBGZuaK1mkavQZM4JDAKi5FmgGyC3VRCdoUdpgjnddn_PlSibH22uGLNySNU-jx6JuhH9M25tsYTn9mul45Fkn_LJ-sWVe_naw4&cry=1&dbm_d=AKAmf-B5Wa9agM3kZwt9jnjSVz-kbXpeEMskEZovoEO0BDxxBfkFxQypapIzZHMPmO5oJ_er_5ozFwfTPhGLMzZnGOUYfXjPNjcYySVjDNqy21KNJA0XtL13tUvKv6kMPpq8zTDix_frP8FZlQn5ejk0kZ4aBKSca0GOhtQ7zdnjFAMQgxemvDwCH1j7P8APFuvK5g1GUHPUkUV85_UOuZIvZtGYaeMZfrjLn32zRRwguWsthlgrhISee60L5H06TUPff8y1QafdJjjeAxqSVeQhIQqx3f96BXOzvIDlVab3DHy8kRyFmkhxs83TZR5eOSaCD8FaX8QiFNox8_sRmsydXVOxZ9E73RCQNIjPi-7xUwCjas9DwVFUo5-YjVllDytWimgReOvCa7cayEucUJJ-4FE6dQeDL7a-p7zUU0gK_1PDySPy33eo8cUOB-zbIQwZ8PULWr1J0GKNV_nuZrY7YTC7Ge19rVpUZwyNptBi9-nGkm9z1y1a2-k1DpADrHA7VpSEqX-4DmNxKY3G9zhnOpMGZPLkEg&adurl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7014d8ab16bbffbce437fbbe8f1669c80348d97d3a3fe9f204e34a3b9c673a6c

Request headers

Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 22731
content-disposition: inline; filename="manipulated20220830-18942-lp6lag.html"
content-encoding: gzip
content-type: text/html
date: Thu, 13 Oct 2022 22:16:33 GMT
etag: W/"4792168173aa47119f63c11df006d259"
last-modified: Tue, 30 Aug 2022 12:17:41 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-id: YlVqeFYTc6VQgmbxAHWUf4q5lIPqLeFuqj9tDe4IJJ87RzaP8NbRwA==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4257 36 KB
16 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 18:41:10 GMT

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame AFF2 36 KB
16 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 18:41:10 GMT

GET
H3 200 lottie_light.min.js Show response
s0.2mdn.net/sadbundle/3631544119932340464/970x250/banner/ Frame 5800 140 KB
39 KB 41ms
41ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3631544119932340464/970x250/banner/lottie_light.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3631544119932340464/970x250/banner/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

975493b36ff51cc1a52bb40cb7249b2b742b04be006435d698c2651562f1e513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3631544119932340464/970x250/banner/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 11:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40229
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 14:55:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Oct 2023 11:28:39 GMT

GET
H3 200 lottie_light.min.js Show response
s0.2mdn.net/sadbundle/6487489697849585523/970x250/ Frame BFB9 147 KB
41 KB 62ms
61ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6487489697849585523/970x250/lottie_light.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6487489697849585523/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b989ef6e53e278a56abb90201c504c90c1b447f7e71eb35557e0e66b8de0a431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6487489697849585523/970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596403
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41971
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 15:25:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 06:55:11 GMT

GET
H3 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D97D 186 KB
48 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4739297498604741592/970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4739297498604741592/970x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Oct 2022 04:35:14 GMT

GET
H3 200 970x250.js Show response
s0.2mdn.net/sadbundle/4739297498604741592/ Frame D97D 202 KB
57 KB 71ms
71ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4739297498604741592/970x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4739297498604741592/970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a08c0b8495e7e504c36fb4b8ee6d35807b66e70c1f6e0a16a7aa8543fc1182dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4739297498604741592/970x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 12:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58207
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 11:44:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Oct 2023 12:44:36 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A5DF
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAJ1PBfMYm-Yb5BbeciJn4Q&google_cver=1&google_push=AZmPxg_2w9FNu09nGWr3ba_Xj8cUIUXG0xs1EpcGbZuMtvXutkUhwpFnK8gUip51Zbx_Ahh4Aq_Ae6y6AqqmcKysCMfA2tYKDQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg5MjQwNjE3MjMyMjE4OTI1NA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAJ1PBfMYm-Yb5BbeciJn4Q&google_cver=1

43 B
398 B

85ms
41ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAJ1PBfMYm-Yb5BbeciJn4Q&google_cver=1
Requested by: Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAJ1PBfMYm-Yb5BbeciJn4Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame A5DF 0
104 B 175ms
65ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENK40VbWEQrBayFoKRRnNog&google_cver=1&google_push=AZmPxg-Gn2jje63Z4zXhrio-I61fac_Afpy-B3-TCooHVXX6qaePZzogYGZbX_zVpWfjPGLsFV44a3VUTvEhrKXItIqCi7MF8aE
Requested by: Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A5DF
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECcqpBo4ESC31CZUQgv9oVY&google_cver=1&google_push=AZmPxg9e5-zgGCD6RlI7oHWRwlP3tZumz0PuFK1kJEvpuAZjWqwBqsGK9ZXl2z5abjGcMSWKFuCXVInFd6wNpb...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9e5-zgGCD6RlI7oHWRwlP3tZumz0PuFK1kJEvpuAZjWqwBqsGK9ZXl2z5abjGcMSWKFuCXVInFd6wNpbeXdBf1GlwK8mA&google_hm=hmNI5wKJUv0gmlgMeQ...

170 B
188 B

55ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9e5-zgGCD6RlI7oHWRwlP3tZumz0PuFK1kJEvpuAZjWqwBqsGK9ZXl2z5abjGcMSWKFuCXVInFd6wNpbeXdBf1GlwK8mA&google_hm=hmNI5wKJUv0gmlgMeQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6348E7028952FD209A580C79BLIS

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9e5-zgGCD6RlI7oHWRwlP3tZumz0PuFK1kJEvpuAZjWqwBqsGK9ZXl2z5abjGcMSWKFuCXVInFd6wNpbeXdBf1GlwK8mA&google_hm=hmNI5wKJUv0gmlgMeQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6348E7028952FD209A580C79BLIS
date: Fri, 14 Oct 2022 04:35:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A5DF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK-p9HrjIdjG5fNTWfcGqWI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-p9HrjIdjG5fNTWfcGqWI&google_hm=Y0jnAvdWOvvt-cfqy_a4ywAADLwAAAIB&google_nid=index&google_push=AZmPxg9-2rC2mGQVaqpj0-wv3ePDYo99ZwLoB...

170 B
188 B

52ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-p9HrjIdjG5fNTWfcGqWI&google_hm=Y0jnAvdWOvvt-cfqy_a4ywAADLwAAAIB&google_nid=index&google_push=AZmPxg9-2rC2mGQVaqpj0-wv3ePDYo99ZwLoBzRZmBjpB7pZpL-cU4CJlUfUliqYO2yKthXT_ku7aipoMJgG8ed0LnxsjIsCtXo

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xSns8VgoqtbBsHgjwDJ5MiH0NKPIYW4DET5bsk3c%2F%2BXGrUaM8AkxryeB3JTQNEaaXfReoOkwe4%2FBNR0q12%2B4copJLFE396lv%2Fqmv61%2Fw1CmJRadelVh4sn69gA6PM%2FodH5Sds5Nj3sz%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-p9HrjIdjG5fNTWfcGqWI&google_hm=Y0jnAvdWOvvt-cfqy_a4ywAADLwAAAIB&google_nid=index&google_push=AZmPxg9-2rC2mGQVaqpj0-wv3ePDYo99ZwLoBzRZmBjpB7pZpL-cU4CJlUfUliqYO2yKthXT_ku7aipoMJgG8ed0LnxsjIsCtXo
cache-control: no-cache
cf-ray: 759d9b70cc0a7797-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A5DF
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKJx8I0ChzA6dYZeCs3s2lM&google_cver=1&google_push=AZmPxg-Azk4OTJgYhOaKcUiC68DaYUh9N2nxNGU7mPPtTmebeaFpg3v7-ErNICrpr2lY9ZfSYEYlTHAgMsq9...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-Azk4OTJgYhOaKcUiC68DaYUh9N2nxNGU7mPPtTmebeaFpg3v7-ErNICrpr2lY9ZfSYEYlTHAgMsq9SWAiGwoNN-zEUAU

170 B
188 B

53ms
53ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-Azk4OTJgYhOaKcUiC68DaYUh9N2nxNGU7mPPtTmebeaFpg3v7-ErNICrpr2lY9ZfSYEYlTHAgMsq9SWAiGwoNN-zEUAU

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-Azk4OTJgYhOaKcUiC68DaYUh9N2nxNGU7mPPtTmebeaFpg3v7-ErNICrpr2lY9ZfSYEYlTHAgMsq9SWAiGwoNN-zEUAU
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A5DF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGT8fZ4TOHprK7cnl38APNY&google_cver=1&google_push=AZmPxg_cd9qotWfIWrzUHQ9hT-3NeZF7-kXpNt3_j73CokhayQGUO_ZmSVWyvY7LMXU1-WapFx...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02Z0hZUHFGRTJ1RWpaaVVDZTZGSXRjMExkalRNZWVFSn5B&google_push=AZmPxg_cd9qotWfIWrzUHQ9hT-3NeZF7-kXpNt3_j73CokhayQGUO_ZmS...

170 B
188 B

56ms
55ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02Z0hZUHFGRTJ1RWpaaVVDZTZGSXRjMExkalRNZWVFSn5B&google_push=AZmPxg_cd9qotWfIWrzUHQ9hT-3NeZF7-kXpNt3_j73CokhayQGUO_ZmSVWyvY7LMXU1-WapFxhMSM4eTOAGPoyw3L9nakV-p0ZK

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02Z0hZUHFGRTJ1RWpaaVVDZTZGSXRjMExkalRNZWVFSn5B&google_push=AZmPxg_cd9qotWfIWrzUHQ9hT-3NeZF7-kXpNt3_j73CokhayQGUO_ZmSVWyvY7LMXU1-WapFxhMSM4eTOAGPoyw3L9nakV-p0ZK
date: Fri, 14 Oct 2022 04:35:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame A5DF
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKJx8I0ChzA6dYZeCs3s2lM&google_cver=1&google_push=AZmPxg-419xLcbRClQEG0FEy-Miqsdfn1yAldGp8t-8S6UknYMaP-l7pvKsb6nrmokGyij0GdeFfi2ECkbp...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-419xLcbRClQEG0FEy-Miqsdfn1yAldGp8t-8S6UknYMaP-l7pvKsb6nrmokGyij0GdeFfi2ECkbpOEOHIiGSawdYWhB1P
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

41ms
41ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A5DF 0
12 B 53ms
48ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2y-n6qAsh9RaStRndb4k75tbrTI4RRDckbY6f6Xpc9abX2OpNvDH4X3vXTgNY7p5ZYzSNfB0

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame 081A 36 KB
16 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 18:41:10 GMT

GET
H3 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 1313 136 KB
46 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: adno.cdnwebcloud.com
URL: https://adno.cdnwebcloud.com/store/creatives/1687/index.html?tc_alt=84886&n_o_ct=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0e9IAedIY-KxIqS5x_AP2cGmuA2dsIvMa6Hd9NLDEMeNmbGFMRABIOPgvCNgu4aAgNAKoAGTjM_uAsgBCakCjC0yCFRjsD6oAwGqBOQBT9Ccrp-ngohSmkPHOS4JE7BOGX2dzHNM-wRG-TVk0z9-kElbl9g9dmmVcjuLH7exxlcYmv2RrG4zWRxt8UOhFw8M8aX7Kgqim4cbV77Zen5ZzjoXvezrl8VORgrImwCMpbRFfRZmYo8W_77H9nIpYTkTDTYzrZFQqcVdTj_tgbJC51e1LZ2bc5OhQnoh_8UnLO14lu1UsLtTg5n87UsEbin9BtY5NVz_kvzEbd8_aR2I_C4zL0MI_cOehRrwmk6ao-Ub-UV68gQnM8wN-2PQO9eSS16wyzAZeItlkL3Ct_dx1L0kwAT7xJXvgwTgBAOQBgGgBk2AB9XzsJEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPG378Q0BMA2BMNiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4%26sig%3DAOD64_3gq3Ss0JkzwPt03n6IUWE1UZs4Kg%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-BLxU8iqnm_a751PciGlVWslOenceRjtikqVl4lO19jh-GZvn9QPnU1oI_0mTd1k9SmJh8T2naEyDPHrBGZuaK1mkavQZM4JDAKi5FmgGyC3VRCdoUdpgjnddn_PlSibH22uGLNySNU-jx6JuhH9M25tsYTn9mul45Fkn_LJ-sWVe_naw4%26cry%3D1%26dbm_d%3DAKAmf-B5Wa9agM3kZwt9jnjSVz-kbXpeEMskEZovoEO0BDxxBfkFxQypapIzZHMPmO5oJ_er_5ozFwfTPhGLMzZnGOUYfXjPNjcYySVjDNqy21KNJA0XtL13tUvKv6kMPpq8zTDix_frP8FZlQn5ejk0kZ4aBKSca0GOhtQ7zdnjFAMQgxemvDwCH1j7P8APFuvK5g1GUHPUkUV85_UOuZIvZtGYaeMZfrjLn32zRRwguWsthlgrhISee60L5H06TUPff8y1QafdJjjeAxqSVeQhIQqx3f96BXOzvIDlVab3DHy8kRyFmkhxs83TZR5eOSaCD8FaX8QiFNox8_sRmsydXVOxZ9E73RCQNIjPi-7xUwCjas9DwVFUo5-YjVllDytWimgReOvCa7cayEucUJJ-4FE6dQeDL7a-p7zUU0gK_1PDySPy33eo8cUOB-zbIQwZ8PULWr1J0GKNV_nuZrY7YTC7Ge19rVpUZwyNptBi9-nGkm9z1y1a2-k1DpADrHA7VpSEqX-4DmNxKY3G9zhnOpMGZPLkEg%26adurl%3D&n_o_crd=https%3A%2F%2Fneural33.cdnwebcloud.com%2Fatc%3Ftc%3D84886%26n_o_ord%3D%5BCACHEBUSTER%5D%26url_n_o%3D&n_o_cu=https%3A%2F%2Fhotelfarolopesancollection.com%2Fen%2F%3Futm_source%3D22Grados%26utm_medium%3DBannerV2%26utm_campaign%3DMediosCollection%26utm_term%3D300x250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://adno.cdnwebcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46978
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 19:45:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Oct 2022 04:38:28 GMT

GET
H2 403 22grados-marca-lopesan-v1-300x250-en-22grados-prospecting-lopesan-es-22grados.js
adno.cdnwebcloud.com/scripts/creatives/613/ Frame 1313 0
0 152ms
150ms Script
application/xml 65.9.66.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adno.cdnwebcloud.com/scripts/creatives/613/22grados-marca-lopesan-v1-300x250-en-22grados-prospecting-lopesan-es-22grados.js?ord=%5BCACHEBUSTER%5D&n_o_ct=CLICK_TAG_GOES_HERE
Requested by: Host: adno.cdnwebcloud.com
URL: https://adno.cdnwebcloud.com/store/creatives/1687/index.html?tc_alt=84886&n_o_ct=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0e9IAedIY-KxIqS5x_AP2cGmuA2dsIvMa6Hd9NLDEMeNmbGFMRABIOPgvCNgu4aAgNAKoAGTjM_uAsgBCakCjC0yCFRjsD6oAwGqBOQBT9Ccrp-ngohSmkPHOS4JE7BOGX2dzHNM-wRG-TVk0z9-kElbl9g9dmmVcjuLH7exxlcYmv2RrG4zWRxt8UOhFw8M8aX7Kgqim4cbV77Zen5ZzjoXvezrl8VORgrImwCMpbRFfRZmYo8W_77H9nIpYTkTDTYzrZFQqcVdTj_tgbJC51e1LZ2bc5OhQnoh_8UnLO14lu1UsLtTg5n87UsEbin9BtY5NVz_kvzEbd8_aR2I_C4zL0MI_cOehRrwmk6ao-Ub-UV68gQnM8wN-2PQO9eSS16wyzAZeItlkL3Ct_dx1L0kwAT7xJXvgwTgBAOQBgGgBk2AB9XzsJEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPG378Q0BMA2BMNiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4%26sig%3DAOD64_3gq3Ss0JkzwPt03n6IUWE1UZs4Kg%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-BLxU8iqnm_a751PciGlVWslOenceRjtikqVl4lO19jh-GZvn9QPnU1oI_0mTd1k9SmJh8T2naEyDPHrBGZuaK1mkavQZM4JDAKi5FmgGyC3VRCdoUdpgjnddn_PlSibH22uGLNySNU-jx6JuhH9M25tsYTn9mul45Fkn_LJ-sWVe_naw4%26cry%3D1%26dbm_d%3DAKAmf-B5Wa9agM3kZwt9jnjSVz-kbXpeEMskEZovoEO0BDxxBfkFxQypapIzZHMPmO5oJ_er_5ozFwfTPhGLMzZnGOUYfXjPNjcYySVjDNqy21KNJA0XtL13tUvKv6kMPpq8zTDix_frP8FZlQn5ejk0kZ4aBKSca0GOhtQ7zdnjFAMQgxemvDwCH1j7P8APFuvK5g1GUHPUkUV85_UOuZIvZtGYaeMZfrjLn32zRRwguWsthlgrhISee60L5H06TUPff8y1QafdJjjeAxqSVeQhIQqx3f96BXOzvIDlVab3DHy8kRyFmkhxs83TZR5eOSaCD8FaX8QiFNox8_sRmsydXVOxZ9E73RCQNIjPi-7xUwCjas9DwVFUo5-YjVllDytWimgReOvCa7cayEucUJJ-4FE6dQeDL7a-p7zUU0gK_1PDySPy33eo8cUOB-zbIQwZ8PULWr1J0GKNV_nuZrY7YTC7Ge19rVpUZwyNptBi9-nGkm9z1y1a2-k1DpADrHA7VpSEqX-4DmNxKY3G9zhnOpMGZPLkEg%26adurl%3D&n_o_crd=https%3A%2F%2Fneural33.cdnwebcloud.com%2Fatc%3Ftc%3D84886%26n_o_ord%3D%5BCACHEBUSTER%5D%26url_n_o%3D&n_o_cu=https%3A%2F%2Fhotelfarolopesancollection.com%2Fen%2F%3Futm_source%3D22Grados%26utm_medium%3DBannerV2%26utm_campaign%3DMediosCollection%26utm_term%3D300x250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://adno.cdnwebcloud.com/store/creatives/1687/index.html?tc_alt=84886&n_o_ct=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0e9IAedIY-KxIqS5x_AP2cGmuA2dsIvMa6Hd9NLDEMeNmbGFMRABIOPgvCNgu4aAgNAKoAGTjM_uAsgBCakCjC0yCFRjsD6oAwGqBOQBT9Ccrp-ngohSmkPHOS4JE7BOGX2dzHNM-wRG-TVk0z9-kElbl9g9dmmVcjuLH7exxlcYmv2RrG4zWRxt8UOhFw8M8aX7Kgqim4cbV77Zen5ZzjoXvezrl8VORgrImwCMpbRFfRZmYo8W_77H9nIpYTkTDTYzrZFQqcVdTj_tgbJC51e1LZ2bc5OhQnoh_8UnLO14lu1UsLtTg5n87UsEbin9BtY5NVz_kvzEbd8_aR2I_C4zL0MI_cOehRrwmk6ao-Ub-UV68gQnM8wN-2PQO9eSS16wyzAZeItlkL3Ct_dx1L0kwAT7xJXvgwTgBAOQBgGgBk2AB9XzsJEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPG378Q0BMA2BMNiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4%26sig%3DAOD64_3gq3Ss0JkzwPt03n6IUWE1UZs4Kg%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-BLxU8iqnm_a751PciGlVWslOenceRjtikqVl4lO19jh-GZvn9QPnU1oI_0mTd1k9SmJh8T2naEyDPHrBGZuaK1mkavQZM4JDAKi5FmgGyC3VRCdoUdpgjnddn_PlSibH22uGLNySNU-jx6JuhH9M25tsYTn9mul45Fkn_LJ-sWVe_naw4%26cry%3D1%26dbm_d%3DAKAmf-B5Wa9agM3kZwt9jnjSVz-kbXpeEMskEZovoEO0BDxxBfkFxQypapIzZHMPmO5oJ_er_5ozFwfTPhGLMzZnGOUYfXjPNjcYySVjDNqy21KNJA0XtL13tUvKv6kMPpq8zTDix_frP8FZlQn5ejk0kZ4aBKSca0GOhtQ7zdnjFAMQgxemvDwCH1j7P8APFuvK5g1GUHPUkUV85_UOuZIvZtGYaeMZfrjLn32zRRwguWsthlgrhISee60L5H06TUPff8y1QafdJjjeAxqSVeQhIQqx3f96BXOzvIDlVab3DHy8kRyFmkhxs83TZR5eOSaCD8FaX8QiFNox8_sRmsydXVOxZ9E73RCQNIjPi-7xUwCjas9DwVFUo5-YjVllDytWimgReOvCa7cayEucUJJ-4FE6dQeDL7a-p7zUU0gK_1PDySPy33eo8cUOB-zbIQwZ8PULWr1J0GKNV_nuZrY7YTC7Ge19rVpUZwyNptBi9-nGkm9z1y1a2-k1DpADrHA7VpSEqX-4DmNxKY3G9zhnOpMGZPLkEg%26adurl%3D&n_o_crd=https%3A%2F%2Fneural33.cdnwebcloud.com%2Fatc%3Ftc%3D84886%26n_o_ord%3D%5BCACHEBUSTER%5D%26url_n_o%3D&n_o_cu=https%3A%2F%2Fhotelfarolopesancollection.com%2Fen%2F%3Futm_source%3D22Grados%26utm_medium%3DBannerV2%26utm_campaign%3DMediosCollection%26utm_term%3D300x250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:14 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: YvqTw6j4_BRfaWkBA1ud7tAk0RwCez-mgApm6uxbAoAMQl3yJ-WFYQ==
x-cache: Error from cloudfront
content-type: application/xml

GET
H3 200 data.json Show response
s0.2mdn.net/sadbundle/3631544119932340464/970x250/banner/ Frame 5800 233 KB
22 KB 42ms
42ms XHR
application/json 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3631544119932340464/970x250/banner/data.json

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3631544119932340464/970x250/banner/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad6e1359f8a2671fc0c7a9d829c37e06d4f441cabb945ecbd5f21bc7b68b7675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3631544119932340464/970x250/banner/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 570894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22871
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 14:55:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 14:00:20 GMT

GET
H3 200 data.json Show response
s0.2mdn.net/sadbundle/6487489697849585523/970x250/ Frame BFB9 103 KB
21 KB 42ms
42ms XHR
application/json 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6487489697849585523/970x250/data.json

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6487489697849585523/970x250/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4907f68e689798f98fe4c931dedb2979c12e922ab5783757a2c6c153ad8acd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6487489697849585523/970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95058
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21960
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 15:25:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Oct 2023 02:10:56 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D484 0
26 B 163ms
78ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmJu8VkwPBCHxXx084yNEVuOo8yGTrO6E1CS3-lhB0P6tVaZu58u4V2mRRWAEdOms0fOEJu_u4nWb1utkswX4gw5iyKDyf0pp5WN0AeOGBTEoKV_ntAXVAfBIOZ_ZrioyeuNzme1rHK27POD2qnZScMKd2n8ATwXpS-MMOx-SpbRQiGFfq1kfFiAqNeCdZpNi-1AdnEmJeDvR_d3rwMQ-91q5yfaWyOphipT4OUsAwFtGncqdaVAG7miOA7RxD86l5zG_uC-Sg-P84dk7O16iOau6vIwfTTq-5zLUM8vTN2h3v4x9tjsZBojF1zXc1Ia0tukZe_Vm0dz5W7whTbsaiquHcjsb8gbgC4H7DEGFohgaxpU-VCByMVQlbzG4Z9yafjlD8Ll5K63e49Az2-L1tejGcJgpL_76YtBclAVHPFUEu-yo_876WeGDxWOzlRkYaEvA_n2NTeIBQZjtX_Z8NVScYr24Xk7v6MHNQN8i8stUutGQQJiJXpIKRD_DFMQqCnu-N3j0W35M6_xKisMwUMnp-W45BdGf91DUpZB6QtxxOctXLI1L3hayMa8TBtDt4BSoa-zrc7SWa7GWp4kufJu3rvLvRT3Ol7wjpi4xGH4ZgAkfYuaTnUqCo8U2Fzt4YMnfFf3GBBgsArz-6BAfSG833uTiiDVsU3o7k2OXCo6R88aAkbPFGM-lyq06kHO68oJb535uZ3wqLreoahgfXeGG9nACMkMgXwR9vE0LNUTYkbY8BeIL6mKRmI9e4mUUQt1K6QKIlS6Z1tuKLC01HHfIf8-MZmFaLkdBdUD2Ewd3OxZlLH8l94pfsdXt3zey7OYGyB6r3bUk6Co4voUYOflCSAbS4UyLwBBCe9x7AaPEbOShOmra-9OSRFwgcVgfWmV57AO5oFPeukO27_avDkncBydkLRaWmkvqdypnkyBSUXkaET5sFj81GR-Ss1dH2SMzhNvhUGnNOI1pOgxy8pH1W1563SfvTw0TkLzv3kwl8UHICn01F4n4KOqoGTlFVX8AA54YLmDV5faksF2gVXI0fxsU8uUCHTP5RS95SvM5PFVhn3QY9A8oqvqEyhHmH0Q6ntjGeQc4FKudGZzAAVJIawy7L5PaNPJIbAI3mMiJeNCKUr1erX6t38Jj4qMem5_Aec7JkCv_HALv5SzFNEyw&sai=AMfl-YSP3R0GUZHcU9PMogzGbJVjfTvTSaNRWcvmFyJAlcEITSsSJle0lBvkFC4KUjPVLnkXKyDw1TqFfPMDYqQOtvHso-WSJX--VDzmGLSqwdRL1BZNdwS29R4k-Rzk8yXETy04QJq8lBhsQ_XKo386C7F07ecMIpykdBuZx8SxPl0YqoUT6VPlBNwMVl6ZJK4zejQA3TA9RnbfXCqxqzrMhemI8ct7htkyMHVivaH9R-6HmWQGzISu2rGAPHx9GSOPQF20_BlB8EtxgQ&sig=Cg0ArKJSzP-BXm1u5tNDEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=735&vt=11&dtpt=392&dett=3&cstd=340&cisv=r20221012.14894&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DDA4 0
26 B 134ms
81ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1dZHZwl66LWDcqXe4qOdaZS0T58krPS1J0sD13NHO7xYw7lwZAJ5SFsR9-OSrmYwrmBJYNs7A9ACzaFCD_SqtyKsK89j0UfLwV88pL6Mjcc18i1PBHcAoEKgoJ_DJb14tEg13QpdeJCCse0CsthO-u9FsfDKaNel4R3NG6gwmENhzATyZ4fLoLQOalZ50H8W2X4_sFf34RAezKzBYKsBXGLK13VGs9w1nbVZZLawJYDpjCMFNMyvETfLl6ApUSg4gXoPl-g20RLNIwgdJN6_Qyf43XVEJ4wnwfixrkHd4ofITvy5Z0IvuD2OL5cp4cyUPUHu-qMau8FmMPwu-WAnhKNYyJn0GwizhSxQfE9UXMbJsV6yQTLx5D7Oux211VR4W1tm3RbPdFki1h7mYu33201HoV8gwuzvDFRRx1ayIDWlXAOqOJ3SDOlYu2cJeZupraWXHPcJG04joOU3B-2kMfWcV1plK2rwSLjntFt4y8SvQStz3LNSY3HKUPq8QdLJgd2JcvpOZwvJMANhzmISi4iJ2NtlzuPOnkWmqubnpNrT-n3wKSrxjE3shcRCgrZ9vOCxsWU6yywIB2Y_bICE5y1nPauxYytPy3Xs8S-xGUDMHofzlifmphSe48pELU5yNRyoDc3iPvaHiBWfFeYxO4KLIbRaajjpQhNGz_HTPcRswDqAzHXYOanbbmJJZlaY3GF8TQR5KbTC1SQRjgEIr55tbIpLQANNODoKzZhzCAgOZOC9E9coKp1st-ETvkn35euVP5zLLIe9jNxURdXrHnk-hvs6BwlYyLyRNyp0NhQg9zZnGIj-FZ54urzguD-heCFCDOTeSbFWfBS6IZp9JT-Viuw75gmE_bn6F4yo64ZjL_clwAJNw9cqWv0M9YWf5h3py__oPFFF6nm59U5SnYuTyK1POGc0QOTDZ6vtJKjejDd2Pw7OkyZ3w9yo0cbSkq5ZutBDq9X9_-wMGtH75xdP4prl4U68V8uy3N1jLvteFaO0VaZXfcsQyA5RrLQnN9OceD6aqNfuxzQDIcTpTo5Suewbgzat1z9n9fabHfgJ0ZHtM-zvsOeeRlICk1EWLY4g0oa-sIpDPiJushk5X1gBpDS3sGsuDPNnJblTpelUj0mMbul5Wy1TE35uDXnojmwwIQ2WK5b2-UsczZFpVfElFQeOPYgEXIQ&sai=AMfl-YSdAs7Rqvx2VyqQ8y_qmKAVHZfX1wc8e0OuQ0cY-xbx4vpGFKbT3sPjaCJ1JAZod6ym7CKDP408F9eTjYLC0Y0-yz40Qd1QRmAMuaVm4RVnfYmONsLNNaXgcP_Tu2JFfpQPcNQ86Cs7bCNMkRWVFjIyso5ABn-TbHoAmA36a7Fi-FjCdebqmkWt1cEYk3jkPkC6f7wygueThbzhZImIySOfcPXqcj_X14Y6lw7qtQLf7lRViIaeAFrFx0nT4cnUnjIIKX_t8sMpiA&sig=Cg0ArKJSzOk-VBB0bJ-aEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=748&vt=11&dtpt=413&dett=3&cstd=329&cisv=r20221012.31284&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 noah.min.js Show response
bucket.cdnwebcloud.com/ Frame 41CA 19 KB
7 KB 132ms
40ms Script
application/javascript 65.9.66.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/noah.min.js?1665722114886
Requested by: Host: adno.cdnwebcloud.com
URL: https://adno.cdnwebcloud.com/scripts/creatives/1687/22grados-prospecting-farocollection-22-uk-300x250-v2-en-22grados-prospecting-collection-uk-22grados.js?n_o_ord=1665722113563426&n_o_ct=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C0e9IAedIY-KxIqS5x_AP2cGmuA2dsIvMa6Hd9NLDEMeNmbGFMRABIOPgvCNgu4aAgNAKoAGTjM_uAsgBCakCjC0yCFRjsD6oAwGqBOQBT9Ccrp-ngohSmkPHOS4JE7BOGX2dzHNM-wRG-TVk0z9-kElbl9g9dmmVcjuLH7exxlcYmv2RrG4zWRxt8UOhFw8M8aX7Kgqim4cbV77Zen5ZzjoXvezrl8VORgrImwCMpbRFfRZmYo8W_77H9nIpYTkTDTYzrZFQqcVdTj_tgbJC51e1LZ2bc5OhQnoh_8UnLO14lu1UsLtTg5n87UsEbin9BtY5NVz_kvzEbd8_aR2I_C4zL0MI_cOehRrwmk6ao-Ub-UV68gQnM8wN-2PQO9eSS16wyzAZeItlkL3Ct_dx1L0kwAT7xJXvgwTgBAOQBgGgBk2AB9XzsJEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPG378Q0BMA2BMNiBQB2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4&sig=AOD64_3gq3Ss0JkzwPt03n6IUWE1UZs4Kg&client=ca-pub-3379969116950199&dbm_c=AKAmf-BLxU8iqnm_a751PciGlVWslOenceRjtikqVl4lO19jh-GZvn9QPnU1oI_0mTd1k9SmJh8T2naEyDPHrBGZuaK1mkavQZM4JDAKi5FmgGyC3VRCdoUdpgjnddn_PlSibH22uGLNySNU-jx6JuhH9M25tsYTn9mul45Fkn_LJ-sWVe_naw4&cry=1&dbm_d=AKAmf-B5Wa9agM3kZwt9jnjSVz-kbXpeEMskEZovoEO0BDxxBfkFxQypapIzZHMPmO5oJ_er_5ozFwfTPhGLMzZnGOUYfXjPNjcYySVjDNqy21KNJA0XtL13tUvKv6kMPpq8zTDix_frP8FZlQn5ejk0kZ4aBKSca0GOhtQ7zdnjFAMQgxemvDwCH1j7P8APFuvK5g1GUHPUkUV85_UOuZIvZtGYaeMZfrjLn32zRRwguWsthlgrhISee60L5H06TUPff8y1QafdJjjeAxqSVeQhIQqx3f96BXOzvIDlVab3DHy8kRyFmkhxs83TZR5eOSaCD8FaX8QiFNox8_sRmsydXVOxZ9E73RCQNIjPi-7xUwCjas9DwVFUo5-YjVllDytWimgReOvCa7cayEucUJJ-4FE6dQeDL7a-p7zUU0gK_1PDySPy33eo8cUOB-zbIQwZ8PULWr1J0GKNV_nuZrY7YTC7Ge19rVpUZwyNptBi9-nGkm9z1y1a2-k1DpADrHA7VpSEqX-4DmNxKY3G9zhnOpMGZPLkEg&adurl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10e4ebacf9fdc329d721a17f2a0d42fc77def0cf25766d0450bdff232a27d97e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 20:55:50 GMT
content-encoding: gzip
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified: Mon, 08 Feb 2021 12:39:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 27565
etag: W/"79bdbba51b195bc000950e9ac2e73e9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Cm1S2fcXVhQWkLOxA36tRoKhFD_kbrf6H7enkg7pt3ClMi1aWB2U9A==

GET
H3 200 dowell_comressed.png
s0.2mdn.net/sadbundle/4739297498604741592/ Frame D97D 172 KB
172 KB 42ms
41ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4739297498604741592/dowell_comressed.png

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b205f1e77bbef30c347d8c623bd704cca3fda634cc8fff698822079af7bb9ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4739297498604741592/970x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 12:44:36 GMT
x-content-type-options: nosniff
age: 229838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 175617
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 11:44:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Oct 2023 12:44:36 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BAF0 0
0 162ms
78ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssUOipU3-Ka3te6EShWz08TGLk3Sy_9Sqw1-AyFu3afKd2zyV8FQQwlGlOpqflzhS0r1LcXoHhXd_CdWVA6frUkAQNg49Yoxciu2YBQVnlVa4rcealEdk0NlNrqEl7FnnNbTMo8JbiARGixUGc4WZ9m31rnV1K-NXu2pMAHBISol88pTDphNPDemK--F3yhouuU6jS37V-J_O_PHlHGoz_e3MwqnTmV7h8dA53I1XgphJx1P3AaeSKL7F8kcAshxR9GfSNaRYHjt97IFXBnka5UB7Ttgj4lodkLRvaKFgzOJVjl4iOxOhLP3dFeSVnIvo4L6faj7jCHjRHHLNje1bfECr5eRibRxd08EalMrUhh6Vtt30Ul91Ysdocsk8eO5MRjj00rey8mK7Jl1CTh6-d4ytQ--jDQke43lQNuq5ascSfFs3vDZT1dBqQ0ljZOzDux8UHDPc7PHC6h8_5pS7fvcjYY0s052obdjurqnGGwm-jVaMERijN4li52EiAoIrdghQ4To8qBXurM6w8APePno54eD_Y8CIvV2ddcOCwXs6oT8WzdMc1StldMzJLM2ms9X0ig9M_PWKlQExs00hYuyIksHKDtPrYpEda2PBl4esQWCWV9X3D8LarCSHfCQOQe-G413POIGWcNDXOPo9OdN4uKP6H8_qA3DaZyHAF5sDLmPwDgIN9xTW4TwNpXo5MgErFEe7R4z9qx2zfYhSw5lKD8E27hpMLhI968rNx0ZTgVbFJiIiR2rZNd5kTuNJdByBQVUQ2V86XQOn1f15Dtm2oChWYLR_AcDHtc9ZYwOVsBjirXFNCLbR-U1VPVk-9YxwxLxEJr4wNrp5n6j3cPjCYIWoyV3LhoOAe7c7e0BWpcQtDKUdMj4KiwWUst0_W-jTgKHH19EXk7a7Vf-rd-fok5oz3KJmyeoijZZe2ejJqbsW5w_rGLLhe2nWxa1DPd2exZrPqsqPZcCIUnuqW_RatDgK9sg8mSiKEYSGawheTxTuBGwdx6JMNP7mh9G_ylIOFETQACiA2rddq4qm-KKTQKEm0GCOzvr4wJ0V_-OATbJvs-BQIcCKMDOJPomcGC7xRkfglU86guPhrq7ZP_xJqxgm_iPoAMUyRCRz3ryAUjRJuUiPvIxMXFKABgUeaQYWkLB_xhmFDYhz2Te3mfcXyC&sai=AMfl-YQl3dGN3RdlWt7DpFY0dB6vK5F1hwKut52wc2_ydNeRynwNFDD7C7KfzJWlRIbPBHXizz_AfxtmYGkppI8a6Fk54jlQpx_qmvGBBWI8_o2CVmXszt9K2lUROxclI-fx6EIZxGdRSwpK4xZ3q3W8MfNhLUHN4oCvE2_z5_4BF_ld0HQD2rKts_lHiPGZhQZiR7Mrp4hzv9XGGDMgAKbDC3OZmRI_jWFInfq-CySH1gJEn6iUZmAppkfbS9Xp-epaOaabTYw5FxmNRg&sig=Cg0ArKJSzJ5IVBgPbzqlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=828&vt=11&dtpt=487&dett=3&cstd=334&cisv=r20221012.52932&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&ftch=1&adurl=

Requested by

Host: fbu.ua
URL: https://fbu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Oct 2022 04:35:15 GMT

GET
DATA 200
OK truncated
/ Frame BFB9 16 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6eb68a84d74a46c8f0f3a4449b2b0449c6080a2dd8723c04be1bd41300f495f9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101101&jk=1483455357927315&bg=!9Pel97PNAAYeOJy_Pjg7ACkAdvg8Wh-i4OEGpiAyfT7zveWmF61b8VjSS0GvrE5C_UcGdslDaeUN5wIAAAF0UgAAAAJoAQeZApavoYoF6SDLl286NTDwe4y0z5AZkdqmUgtTRthwhIdezwZvcJUz8UJi7NW1-uW2IlnqwZ8Z6HS2alVFfMe-ryMTzZBlmkCzsr1snMJeNsq_GqGQN33hC2daZRcWrgngR-YFAxFWGS3NRFVKr6W89RloR0W5LN1r1bw0R52FTljlqRxyK_DmM_ruLM088pMrnGLdRxfSvcmON7fEZGjNdvX2BcICeCc5OEZ0n7JXQCxGjj3fch7Ew7lsVATH0oZ_TVihYY-NrEc5pMMFMw_2fEJF9jCFbBC6lyhWMuD_WBV02q1jTTDkGayLbdLL0R7eQbs2fXe1-vMGuSRvvNa7U3t2QASr6npWJEnwp1i9aaepobULQ43N208K-JdfzRqZ0l2f7TMDrqwBFgeMoxYfSCKvI8eEFY5lkTfSQ_P6s43vDMYw_8PZ89uIZnR9qV4NifHmPrJnU_OzYM3mTX-7A_qXmMEW9Al5ezodsrsHYsA5NKX6gYJ5TAkaGY0PVQy1PP5rTCgeIRyf1wgZoRasq_BbwqRY0rOMdVTQqcoXVkIxbAUvRmJZbnRjLLvvNyUZpZntWa2vjdnUdodvJ7fvb4M20dEoLsQgXm1Uhi3Xe8Kh7yorxagalBCwBYUXXDBLQj3hzi_vW3kTgQG-MJKau5KlM-BtpNvFbnRv4jQN01heDDbHfDgv-3_-UncOdc_Csa63j4BdXwV0mMsx-I0jFmHNd58kzGNTh4Cpd3l9dti4Wy9G_HP582jMfsscMtIEbr9MlATL2yYpqm9RmbQDkHVcpaCsheXz2wnfQ7RFRsfRjzoxiCHqEqn_WxItxU6ut95dJQgBWPl3E5d5CFxTvwLGEAh36xS5aTYR3QJP4utPAmhZiEP7-g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 atp
neural33.cdnwebcloud.com/ Frame 41CA 74 B
323 B 130ms
41ms Image
image/png 54.154.96.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural33.cdnwebcloud.com/atp?601533845043=&tc=84886&n_o_oas=1&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by: Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.96.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-96-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 14 Oct 2022 04:35:15 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 06BE 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAdovAedIY8asOKCT7_UP2_uUsAcAAAAAOAHgBAI&bg=!X1ylXBjNAAYeOJy_Pjg7ACkAdvg8WtXeX485iNe6L6ZTZlW5mz_CFnvOnaT_MbkezmQSzHy96wsOCwIAAAIXUgAAAAJoAQcKAJlPDo93Yxicxgb3X0DQyxG41R1UQaGBiXjnzV5dIm37nJm4an60AvGrRja5AAEqzH2lTGgt-x2aFNh33zhXT_ulkFIgCMeNpebOKBssfJ-4cZmPdDGQi11nA9AuZbp7BQ0XTLC97jHM7wTj1BSWHMxVCiXDzmz3XatX5qhBnbrlHkW8gtNgCfhqbA3c0wlbwVqcPHrne_X6oMqZAt5JUgbqBK50tE0hJ-iGW7R7VsBOYmUUYQLWT4JhCv97sCyvk2zXvfAwh4J4NDhXwnX1ybzKY4KoWZljCvCqLLpiJ2aU4abkt7hyPHMfJ2Up82PixnjgWq9IR8FtER_BNiokesMALt_UwjfQtybZoCLliTgsirr1_n9VSPvHBVpyY6IS4PnxEK2yiRIFpMHhvfZA1t7aQutRLN8nOSB6dv9RvFoToEIuT36C7nzXgVonagiLjWw0iyLRkB1h_yDzuQB3sU_FCLQTMCNGAX7n4Vv7NXpSs8wnWbcmdPjEnDGJdVPvtJZtO3NQ6y0C5_XCW-BqJE4StqBWuJxypCIU6PxFjD6T89rZZ-23ynmf-8GGvI-kd0mqSyFa9uyZGTghS7TZAM7JZ4EBK58ZOgWyvpO2oRyejW6ceE84Ab7vIXYaC8_ULWfIu9ZHxdpVjlh4czd0sjYT2rxZCa1Tjq8vq05jnaEcjUJjG-58PCfhomVyAt3oP-uPVqBehbB_8cPD8Rsurq4-TpJZiFNNm-h2LaELkAHg54rZN63j7kij5iOlx0gEIZM0dw7wELjizCuYglMpmfp7uyM5UmvsnHaXZZnHVzWQTrE_Ng6WoYSN67W_s9BqZt9U5SGUvwOf4-7-q-TCmcmZRaDY1LcL3TavcXS0KY56M35c_cD8OJGlo2sSFH2kLwoufYDimal9SkgILDqMzMBYjsYUEBh1BE7zYiZ8QEXwFbnwggHliiyKelnWv_ZIUJHUbkajzsAV2ZgNgi2XMEPc8EK0sPJbJ5kCQ3dVqnkpQk7-R1qTdJjoZVUlAfB7r-ZIoF2BFrxdoOzk7iR0OnG7Ld6RsSs2SXi-D1_tHyTFLVgohzCII2rGX5cpsLPCReYaH0wB00-RTzZ8EraD_4EQYDAiHcusYTVDCRKqtxW_qBMhT1puia4VNv3JW69bzhZGYgzslo9WwdySIBp3CIhJyQJQFfUZ8H_60Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFF2 0
20 B 94ms
94ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQ-xfAedIY7PeOtTl7_UPutWDmAUAAAAAOAHgBAI&bg=!DQ6lDkrNAAYeOJy_Pjg7ACkAdvg8WhUqhk2qhMVzZOO6E-sajul3XdAhuWZ99q6HUqfksNx6c7Kj7AIAAAHaUgAAAAJoAQcKADwJqa6_-7Fx-pTm2NO2wpELD79bP4qTZHN1c1WfP2mhuhCii3JrfhNgUvYxyLDeDCCF_QKzPHalK0C4yNyZAuFeu63Vai9HMoHb5hlY_fuYoWJ9ayIdHm3mmQEYAy66A-r3Ky28l7Mh2ut607Oodx03sfg89ZJ03bzAndFgM_vTLpeOJIh2V5GXel_jylnM4NM8YoeajDRckEGNHfD0WVS67irQumQHUjeKkmlqywMZSQESoJjtNFM7xNIg0ZRndk9-6vOVFc4ti2CE3Y0o07fjnudfhgzNeFKdfpJcrgtefvB4WayDCOYcVaLFv5_1BMqRrw25yMDQ1RPPr-Pt_bftjgYgj1GZS4tSpqfFiZBs1Tk9hlO7Qfm7Ql2fK8IFQ_cDBzmP9FX1EEN0FNsByMCL00nQeSTQpeeTQlbjOGunvnbsts7q6_6clHt_rDVXBOWObQmVuBZLXW7lw7vCScMAT0Uq6n5VqQg1T-ZBl3XXnQsrxeER_nEaxQo450tC78XlQuDSpdR_pnx4h7w9ubD-pXmCAWHi94db46p9SWbDP32Ppbd5ZKjTLnEKfmJdG6rdSzq0bIKcAr7BOhc3Q6ACsKLXQfUO19tEHrHs7kbqtLRm0wZYvjU0k8UUFSA_vXUrR7bBVtXq7SkKkyq8hsldJv7DgyTyIzT8sVmuweVlngUUEEQFvZWaA_MNnDudB12XmqX952DoZm7k3xL55XOwsO9ow1qiwYGIR4KTw-J4oWB9xh7CwcNMebfO9H9qVuQN_NVyNRLkrKBFhFJWXuxpO6wY2VjluInxyomY5ytK0tNzQRs83HtL3GMXOBLRGP7-2pKFjR3bJ0UCtrbWL-kll_ZfhUZnbk89Rl6ShYupQtbpshMyKdVTxhT_8Xe0zqJLn9AODOOVLsoAUEZbE1fcbSLmLLNxLO53MWN2ZbSnzRC5_8bSQJY8632uZjo9fZRxwrcl3PEZE1rwKrwAgYHT3KvvaH7orgYs1_Q1ceuoobhCclP1QCchDV4s6SJxv5U0rxV33Z9f1seFisnbwlH-ttOOE0TvMb0THddRP_OOSw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4257 0
20 B 92ms
91ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOPVnAedIY72OOaDA9u8PyZSRsAUAAAAAOAHgBAI&bg=!YmGlYSXNAAYeOJy_Pjg7ACkAdvg8Wr8D-9298KMAMSe2NK7W3C2wRxpOu7K1dFWjaut0EzJHlDWTfgIAAAIdUgAAAANoAQcKADkCy58TeDMfHwyq5ttq7ujf7460Nhoo8c6ihAA97pi1mfBGdRYYwR-cJC_GsOEDHgIjSafp4enmMrSZAtKnbBfpViXJo3B0re3ilAvI1t3i4WuKXXkDja_VLfCjy_f6g11Y5mvo2EfuyI3y7QqedvAeVC0cRXR1jbb_zniveBJWAHPDj1VAtmwI5pRIKXRjjKuI7C08i6Ujhm8GyKi8VhIAxkwMR4PbUIz_EE07qFKi1jdG6BBG5zrUmP9myeiuLrRocYpB6mBA9na0ScM4P204Qfqwq8xZZLXGjwPZCEP_v35P7p24_J6Mk9OPPc2QqYTjVrHgIlXiGlMdEScPSLGt7U0GYV_1Yf7GftTRzcys1mg6WLyzdW7tO9i1WqBhc7hX7_x3vHYNB7P_eC_QIyMjfM46FZly4repcEN7j_F6CK6TxxPm_BRT131Chq0U-UMgYC87j3R7m2IdDx8Q-YHGEIcSYCX2wUoLCMR7WLRYhOW8Mw89PR8wx8wYtAbYV1kXfCKCosM6ZP8vFlRLd25G_LQE4O6NWhVVXr7ED_1b9FXFcO7A1liq3jE5ZhgNsp-rGAJvB0zeZRI5OVQFaB-MBKzKL45VJu2kyN_Sef83pmUEkeslkQteJpBPu-dYYrD10YXwAGZxM9hEDgFn9n6a8AdU1lcGKXyh7DHImCVmy44dzJPA4UcIzL7qCBpVOlU64XZsJvksBlHrvgfenj3nOmELN1-d1oWJfhgZNE8FLRLLr8LX_4kWSZ1hnmtO2GPYfV8fbg-g64x-ir9vKyaFrEJ4pu5GfgSkwrAt9u7wkJ1tKBGcCSF4jAIesYKqh4MD-gg7qwB3v7K2bqNpgz2n85-QC0kSDkylJ60MKkl4TChOXtTtycQwHf2WO_FWo_nJttnlImwLS84vzm89YNPpccHy_rcNAvcjDwFNDUw3RNQDErQ4KuTL6ZArufrHnuhwWAAxiiClS_kiZQ3awVuyFoleSgWmBHUrBabUa2n4qbZM3W5cObhY7_7gN1PDjpSLJkklGbb6CrZXDbpE2g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 081A 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BK8IVAudIY_PdCcnOgAeGrKuADQAAAAA4AeAEAg&bg=!NjWlNXHNAAYeOJy_Pjg7ACkAdvg8Wgxc8UGdylHyjIK87w5v9SWuhD2mhMdYMW3LLAVQ5E6xPu35YQIAAAHHUgAAAANoAQeZAvcHgHpj6OhydHov7SMCPrhM2-bf665HRDCtkSbQZ6lgy6qY8dSyM5pwyQiln3APEoFX65I8QAlY0QPi3twE67irJEhO5EhP9ueufbSiNRQbNdKQoL71D4kKV6aCd0DoizgUQ9FnViRdIUuq6DIKdXMk9mGuUXrQulmzh3kV4oAMm9auMTN4gngE6SlYQp2bkH7HYGSJQsyfcunyZLou9x0_PT6fZMxMev9faeo2DW2X0w0zX21mRAq0Eitic6lKn5_PlJE67h89pOARmLdOJJ01_S8rTkp-pXXTfmHCo9uhshh2nrHuOpLOoRRdcxb__kw7Imv9vkU7ZhZQKwtU01WLhFO9vsvbuiIywMBlhBtIq_W7dIF_kcxUzAYuAfQlk13NcK8WfaArO8IwhYNW4G46P4vfcCzAZUVrpPBN-cp1tvXyymJ187A-q5fQxPLYxVo5oqE87ne__UUeFpp2q31DLbl5uoQLvlLmYbSl-SEfwcuXJa_rbnFMfTMeS2IKVqIAPrMN7uOLLU31dfR_39rCMFB8BVuT5BIAqOhEIMrcTlpUA3eBcQIsvliEAu7GGCBmrYIKOCrwu2BW6OmLCsQ9KZpuItZtj8zEftP4yCHhXmrBuUfMAXxxAXVYmDuS9sAuyPOiuz9vC1LAPU0yIkSG7BuwnlgLVyq_vS9B3ZKFc8dXuFQASGkS1h1iGzGfdmgvUXtqs-HUaT_K18CGDCUC8ELiHh5wzZ022Jnnci9I0FiYiKwt218qvM0rd0--cDzIHcg8OtaCI_dm-XAbOPq8a4aJ4QSOc9YusDD9v_fEejRgRZtYGrNOT_koBeCZHcE2YY6H7vnQ5GaHcYs6DwaQbhTGPgxJcw8NVY5-pXjeJuuSOsPJqpWNyKSdacvpeopeZe023AZrJWgMGNVSGNeqJP1uk0J3xgn5OW6RxbgdW4YL-6gLuKpkDZhFxNwJC3PCXML8CY-EjXUofxh1FQ_HVcDOolQU1pzfs5ATUa5veltzQO5kOW0

Requested by

Host: fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
URL: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 avw
neural33.cdnwebcloud.com/ Frame 41CA 0
105 B 40ms
39ms Image
text/plain 54.154.96.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural33.cdnwebcloud.com/avw?553889352542&tc=84886&n_o_oas=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.96.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-96-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 14 Oct 2022 04:35:15 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 41CA 42 B
64 B 174ms
91ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVe9W7Eqo2nAr5dJamMXUP6LtXB4iKPJq2_xywZUUuCoZohXYErF-xjZgFZrnCfZnFH_LQz13Ki-4MXlxTb9Xn47wi3c7p0fx5-vw8l-kSLnAwGjvDN5B3zrhO22rg6se1RImSQw&sai=AMfl-YRiX_EefKA_NJ0WiFE3BQteeHw5mHK53EwfyYv-yCSQlPuqf77cl0TrKctRQ0k906wHUpyAs8oGL9X0awBOzmrlhsZKDK8V6b2aYiqcMKGGRwD9Mf0Il9DYt_marW0&sig=Cg0ArKJSzC3lWxwsvlFWEAE&cid=CAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4&id=lidar2&mcvt=1002&p=498,1055,748,1355&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2774183634&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665722113907&rpt=576&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 124ms
38ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Oct 2022 04:35:16 GMT

GET
H/1.1 200
OK cntcm.aspx Show response
inv-nets.admixer.net/ 61 B
524 B 41ms
41ms XHR
application/json 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/cntcm.aspx?ssp=9b31984a-ba46-4a8e-8f95-c4f057ed616c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c065f73e8c1c2916cf1f7d04d27ce6743fe567a024a2cf0e0fd2599ceff19835

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fbu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 14 Oct 2022 04:35:16 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://fbu.ua
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
X-XSS-Protection: 0

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 48ms
47ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=44409016d2bf44208075ffa918bd053f
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,mc_hook,pubmaticBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=1259082910
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 14 Oct 2022 04:35:16 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1 200
OK setuid
ib.adnxs.com/ 43 B
776 B 36ms
35ms Image
image/gif 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=533&code=44409016d2bf44208075ffa918bd053f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 04:35:16 GMT
AN-X-Request-Uuid: 88a29ccd-85ce-44cd-90c8-eecc05db2e3e
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content sfaf25.gif
us.ck-ie.com/ 0
129 B 105ms
104ms Image
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.ck-ie.com/sfaf25.gif?puid=44409016d2bf44208075ffa918bd053f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 04:35:16 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NDQ0MDkwMTZkMmJmNDQyMDgwNzVmZmE5MThiZDA1M2Y=&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEG2o36E8GZVYUmrtJpnDqs0&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=44409016d2bf44208075ffa918bd053f

35 B
351 B

44ms
43ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=44409016d2bf44208075ffa918bd053f
Protocol: HTTP/1.1
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 14 Oct 2022 04:35:16 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Fri, 14 Oct 2022 04:35:16 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=44409016d2bf44208075ffa918bd053f
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/gadx/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=NDQ0MDkwMTZkMmJmNDQyMDgwNzVmZmE5MThiZDA1M2Y=&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESECOWnkGxc5GoEeOLpD1Niyk&google_cver=1

43 B
463 B

41ms
40ms

Image
image/gif

146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESECOWnkGxc5GoEeOLpD1Niyk&google_cver=1

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 14 Oct 2022 04:35:16 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESECOWnkGxc5GoEeOLpD1Niyk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 323
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0A53 15 KB
6 KB 116ms
39ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=fbu.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fbu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:35:15 GMT
server: Kestrel
server-processing-duration-in-ticks: 772385
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 162ms
55ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fbu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:35:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-161a8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Oct 2022 04:35:16 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0A53
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=fbu.ua&sn=ChromeSyncframe&so=0&topUrl=fbu.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=gEGPnHxFZjlQMkpFTzJrVjliU0VLbDFwaEtKMHl5M1k0ekJCNWo3YmVBWFdYMmNadUo3N29aVnlEZ29VbHpzL3d3YW1rOFJVTHhVVHRzcFFaajR5cFFKTTE2SGZtdEZ3NEhzaldZb3lOcmdKSENEMklkcG1qdjhqTHBVMi...

428 B
655 B

180ms
36ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gEGPnHxFZjlQMkpFTzJrVjliU0VLbDFwaEtKMHl5M1k0ekJCNWo3YmVBWFdYMmNadUo3N29aVnlEZ29VbHpzL3d3YW1rOFJVTHhVVHRzcFFaajR5cFFKTTE2SGZtdEZ3NEhzaldZb3lOcmdKSENEMklkcG1qdjhqTHBVMi9RZktCNlRueGlVakt5MERrMjZWWEw2aitleXN0cHhXYzYrVURhbkFRd3BWdzVHbGFkdllDd25GV1pTVTN3Um9wVm1pMXBrZVBneU5vOTFkTUNaYVZ6QksxaWJpWjhUL2g4NFZEVUtOM1hCZ0c0aUUvcWxFTys3aU0rTjFVUzE2UldiNGI5YTZjTWh2djFpSnZ1MHFSRzJySHFCd1o2dz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b6314cb2150b9da862a0b2161a0569597f23ffa5e46a1b28833092a0a0d50a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:16 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1795764
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:35:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=gEGPnHxFZjlQMkpFTzJrVjliU0VLbDFwaEtKMHl5M1k0ekJCNWo3YmVBWFdYMmNadUo3N29aVnlEZ29VbHpzL3d3YW1rOFJVTHhVVHRzcFFaajR5cFFKTTE2SGZtdEZ3NEhzaldZb3lOcmdKSENEMklkcG1qdjhqTHBVMi9RZktCNlRueGlVakt5MERrMjZWWEw2aitleXN0cHhXYzYrVURhbkFRd3BWdzVHbGFkdllDd25GV1pTVTN3Um9wVm1pMXBrZVBneU5vOTFkTUNaYVZ6QksxaWJpWjhUL2g4NFZEVUtOM1hCZ0c0aUUvcWxFTys3aU0rTjFVUzE2UldiNGI5YTZjTWh2djFpSnZ1MHFSRzJySHFCd1o2dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 687202
content-length: 0
expires: 0

GET
H2 200 logo_sup_entero.svg
adno.cdnwebcloud.com/store/creatives/1687/ Frame 1313 15 KB
4 KB 89ms
87ms Image
image/svg+xml 65.9.66.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adno.cdnwebcloud.com/store/creatives/1687/logo_sup_entero.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23ef5d26402672a39b114878db03786941e00066024e8eb0a463c620085e776e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://adno.cdnwebcloud.com/store/creatives/1687/index.html?tc_alt=84886&n_o_ct=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0e9IAedIY-KxIqS5x_AP2cGmuA2dsIvMa6Hd9NLDEMeNmbGFMRABIOPgvCNgu4aAgNAKoAGTjM_uAsgBCakCjC0yCFRjsD6oAwGqBOQBT9Ccrp-ngohSmkPHOS4JE7BOGX2dzHNM-wRG-TVk0z9-kElbl9g9dmmVcjuLH7exxlcYmv2RrG4zWRxt8UOhFw8M8aX7Kgqim4cbV77Zen5ZzjoXvezrl8VORgrImwCMpbRFfRZmYo8W_77H9nIpYTkTDTYzrZFQqcVdTj_tgbJC51e1LZ2bc5OhQnoh_8UnLO14lu1UsLtTg5n87UsEbin9BtY5NVz_kvzEbd8_aR2I_C4zL0MI_cOehRrwmk6ao-Ub-UV68gQnM8wN-2PQO9eSS16wyzAZeItlkL3Ct_dx1L0kwAT7xJXvgwTgBAOQBgGgBk2AB9XzsJEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPG378Q0BMA2BMNiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4%26sig%3DAOD64_3gq3Ss0JkzwPt03n6IUWE1UZs4Kg%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-BLxU8iqnm_a751PciGlVWslOenceRjtikqVl4lO19jh-GZvn9QPnU1oI_0mTd1k9SmJh8T2naEyDPHrBGZuaK1mkavQZM4JDAKi5FmgGyC3VRCdoUdpgjnddn_PlSibH22uGLNySNU-jx6JuhH9M25tsYTn9mul45Fkn_LJ-sWVe_naw4%26cry%3D1%26dbm_d%3DAKAmf-B5Wa9agM3kZwt9jnjSVz-kbXpeEMskEZovoEO0BDxxBfkFxQypapIzZHMPmO5oJ_er_5ozFwfTPhGLMzZnGOUYfXjPNjcYySVjDNqy21KNJA0XtL13tUvKv6kMPpq8zTDix_frP8FZlQn5ejk0kZ4aBKSca0GOhtQ7zdnjFAMQgxemvDwCH1j7P8APFuvK5g1GUHPUkUV85_UOuZIvZtGYaeMZfrjLn32zRRwguWsthlgrhISee60L5H06TUPff8y1QafdJjjeAxqSVeQhIQqx3f96BXOzvIDlVab3DHy8kRyFmkhxs83TZR5eOSaCD8FaX8QiFNox8_sRmsydXVOxZ9E73RCQNIjPi-7xUwCjas9DwVFUo5-YjVllDytWimgReOvCa7cayEucUJJ-4FE6dQeDL7a-p7zUU0gK_1PDySPy33eo8cUOB-zbIQwZ8PULWr1J0GKNV_nuZrY7YTC7Ge19rVpUZwyNptBi9-nGkm9z1y1a2-k1DpADrHA7VpSEqX-4DmNxKY3G9zhnOpMGZPLkEg%26adurl%3D&n_o_crd=https%3A%2F%2Fneural33.cdnwebcloud.com%2Fatc%3Ftc%3D84886%26n_o_ord%3D%5BCACHEBUSTER%5D%26url_n_o%3D&n_o_cu=https%3A%2F%2Fhotelfarolopesancollection.com%2Fen%2F%3Futm_source%3D22Grados%26utm_medium%3DBannerV2%26utm_campaign%3DMediosCollection%26utm_term%3D300x250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:13:21 GMT
content-encoding: gzip
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified: Tue, 30 Aug 2022 12:17:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4917
etag: W/"da08fd0375a6f0937b1c75f2e27867f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
content-disposition: inline; filename="logo_sup_entero.svg"
x-amz-cf-id: PSA39AE4MtkBIIEJfO6Tvh4unhitRAcEcMiF6CJ8C7CMTjofszaxOw==

GET
H2 200 all_inc_hol.svg
adno.cdnwebcloud.com/store/creatives/1687/ Frame 1313 8 KB
3 KB 42ms
41ms Image
image/svg+xml 65.9.66.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adno.cdnwebcloud.com/store/creatives/1687/all_inc_hol.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9e13348f91f647b1d27a57e83ea73e2ebcb3abebb4a4ac1ebe01fff72547dd5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://adno.cdnwebcloud.com/store/creatives/1687/index.html?tc_alt=84886&n_o_ct=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0e9IAedIY-KxIqS5x_AP2cGmuA2dsIvMa6Hd9NLDEMeNmbGFMRABIOPgvCNgu4aAgNAKoAGTjM_uAsgBCakCjC0yCFRjsD6oAwGqBOQBT9Ccrp-ngohSmkPHOS4JE7BOGX2dzHNM-wRG-TVk0z9-kElbl9g9dmmVcjuLH7exxlcYmv2RrG4zWRxt8UOhFw8M8aX7Kgqim4cbV77Zen5ZzjoXvezrl8VORgrImwCMpbRFfRZmYo8W_77H9nIpYTkTDTYzrZFQqcVdTj_tgbJC51e1LZ2bc5OhQnoh_8UnLO14lu1UsLtTg5n87UsEbin9BtY5NVz_kvzEbd8_aR2I_C4zL0MI_cOehRrwmk6ao-Ub-UV68gQnM8wN-2PQO9eSS16wyzAZeItlkL3Ct_dx1L0kwAT7xJXvgwTgBAOQBgGgBk2AB9XzsJEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPG378Q0BMA2BMNiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4%26sig%3DAOD64_3gq3Ss0JkzwPt03n6IUWE1UZs4Kg%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-BLxU8iqnm_a751PciGlVWslOenceRjtikqVl4lO19jh-GZvn9QPnU1oI_0mTd1k9SmJh8T2naEyDPHrBGZuaK1mkavQZM4JDAKi5FmgGyC3VRCdoUdpgjnddn_PlSibH22uGLNySNU-jx6JuhH9M25tsYTn9mul45Fkn_LJ-sWVe_naw4%26cry%3D1%26dbm_d%3DAKAmf-B5Wa9agM3kZwt9jnjSVz-kbXpeEMskEZovoEO0BDxxBfkFxQypapIzZHMPmO5oJ_er_5ozFwfTPhGLMzZnGOUYfXjPNjcYySVjDNqy21KNJA0XtL13tUvKv6kMPpq8zTDix_frP8FZlQn5ejk0kZ4aBKSca0GOhtQ7zdnjFAMQgxemvDwCH1j7P8APFuvK5g1GUHPUkUV85_UOuZIvZtGYaeMZfrjLn32zRRwguWsthlgrhISee60L5H06TUPff8y1QafdJjjeAxqSVeQhIQqx3f96BXOzvIDlVab3DHy8kRyFmkhxs83TZR5eOSaCD8FaX8QiFNox8_sRmsydXVOxZ9E73RCQNIjPi-7xUwCjas9DwVFUo5-YjVllDytWimgReOvCa7cayEucUJJ-4FE6dQeDL7a-p7zUU0gK_1PDySPy33eo8cUOB-zbIQwZ8PULWr1J0GKNV_nuZrY7YTC7Ge19rVpUZwyNptBi9-nGkm9z1y1a2-k1DpADrHA7VpSEqX-4DmNxKY3G9zhnOpMGZPLkEg%26adurl%3D&n_o_crd=https%3A%2F%2Fneural33.cdnwebcloud.com%2Fatc%3Ftc%3D84886%26n_o_ord%3D%5BCACHEBUSTER%5D%26url_n_o%3D&n_o_cu=https%3A%2F%2Fhotelfarolopesancollection.com%2Fen%2F%3Futm_source%3D22Grados%26utm_medium%3DBannerV2%26utm_campaign%3DMediosCollection%26utm_term%3D300x250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 06:05:08 GMT
content-encoding: gzip
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified: Tue, 30 Aug 2022 12:17:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 81107
etag: W/"a954861a5ae163c2aac879e920ac4538"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
content-disposition: inline; filename="all_inc_hol.svg"
x-amz-cf-id: 9-QNray47qDVEs2Tyd4yFOZo-ohrlKo6qbZ5VEgs1weNVcHYTxeEXg==

GET
H2 200 CTA_EN.svg
adno.cdnwebcloud.com/store/creatives/1687/ Frame 1313 4 KB
2 KB 42ms
41ms Image
image/svg+xml 65.9.66.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adno.cdnwebcloud.com/store/creatives/1687/CTA_EN.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ffbe1eb922ba41596aa016b210486e542f2eaaf6bb59f70abd0c7384c5708eb9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://adno.cdnwebcloud.com/store/creatives/1687/index.html?tc_alt=84886&n_o_ct=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0e9IAedIY-KxIqS5x_AP2cGmuA2dsIvMa6Hd9NLDEMeNmbGFMRABIOPgvCNgu4aAgNAKoAGTjM_uAsgBCakCjC0yCFRjsD6oAwGqBOQBT9Ccrp-ngohSmkPHOS4JE7BOGX2dzHNM-wRG-TVk0z9-kElbl9g9dmmVcjuLH7exxlcYmv2RrG4zWRxt8UOhFw8M8aX7Kgqim4cbV77Zen5ZzjoXvezrl8VORgrImwCMpbRFfRZmYo8W_77H9nIpYTkTDTYzrZFQqcVdTj_tgbJC51e1LZ2bc5OhQnoh_8UnLO14lu1UsLtTg5n87UsEbin9BtY5NVz_kvzEbd8_aR2I_C4zL0MI_cOehRrwmk6ao-Ub-UV68gQnM8wN-2PQO9eSS16wyzAZeItlkL3Ct_dx1L0kwAT7xJXvgwTgBAOQBgGgBk2AB9XzsJEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPG378Q0BMA2BMNiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4%26sig%3DAOD64_3gq3Ss0JkzwPt03n6IUWE1UZs4Kg%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-BLxU8iqnm_a751PciGlVWslOenceRjtikqVl4lO19jh-GZvn9QPnU1oI_0mTd1k9SmJh8T2naEyDPHrBGZuaK1mkavQZM4JDAKi5FmgGyC3VRCdoUdpgjnddn_PlSibH22uGLNySNU-jx6JuhH9M25tsYTn9mul45Fkn_LJ-sWVe_naw4%26cry%3D1%26dbm_d%3DAKAmf-B5Wa9agM3kZwt9jnjSVz-kbXpeEMskEZovoEO0BDxxBfkFxQypapIzZHMPmO5oJ_er_5ozFwfTPhGLMzZnGOUYfXjPNjcYySVjDNqy21KNJA0XtL13tUvKv6kMPpq8zTDix_frP8FZlQn5ejk0kZ4aBKSca0GOhtQ7zdnjFAMQgxemvDwCH1j7P8APFuvK5g1GUHPUkUV85_UOuZIvZtGYaeMZfrjLn32zRRwguWsthlgrhISee60L5H06TUPff8y1QafdJjjeAxqSVeQhIQqx3f96BXOzvIDlVab3DHy8kRyFmkhxs83TZR5eOSaCD8FaX8QiFNox8_sRmsydXVOxZ9E73RCQNIjPi-7xUwCjas9DwVFUo5-YjVllDytWimgReOvCa7cayEucUJJ-4FE6dQeDL7a-p7zUU0gK_1PDySPy33eo8cUOB-zbIQwZ8PULWr1J0GKNV_nuZrY7YTC7Ge19rVpUZwyNptBi9-nGkm9z1y1a2-k1DpADrHA7VpSEqX-4DmNxKY3G9zhnOpMGZPLkEg%26adurl%3D&n_o_crd=https%3A%2F%2Fneural33.cdnwebcloud.com%2Fatc%3Ftc%3D84886%26n_o_ord%3D%5BCACHEBUSTER%5D%26url_n_o%3D&n_o_cu=https%3A%2F%2Fhotelfarolopesancollection.com%2Fen%2F%3Futm_source%3D22Grados%26utm_medium%3DBannerV2%26utm_campaign%3DMediosCollection%26utm_term%3D300x250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 08:20:21 GMT
content-encoding: br
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified: Tue, 30 Aug 2022 12:17:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 72897
etag: W/"12ea44e86d7c2418a2608e145f8197c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
content-disposition: inline; filename="CTA_EN.svg"
x-amz-cf-id: 4w4oYipNS8boOnZindX613mkN4lAYDuq-_BzPc2MkxNxHLMVXwKwNA==

GET
H2 200 BG_ABORA_ESP_RETARGET_300X250_1.jpg
adno.cdnwebcloud.com/store/creatives/1687/ Frame 1313 57 KB
58 KB 52ms
52ms Image
image/jpeg 65.9.66.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adno.cdnwebcloud.com/store/creatives/1687/BG_ABORA_ESP_RETARGET_300X250_1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: deee87a1690df80942f5e88a14be4e5287aa0301ada205e2ab23abca94991bfa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://adno.cdnwebcloud.com/store/creatives/1687/index.html?tc_alt=84886&n_o_ct=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0e9IAedIY-KxIqS5x_AP2cGmuA2dsIvMa6Hd9NLDEMeNmbGFMRABIOPgvCNgu4aAgNAKoAGTjM_uAsgBCakCjC0yCFRjsD6oAwGqBOQBT9Ccrp-ngohSmkPHOS4JE7BOGX2dzHNM-wRG-TVk0z9-kElbl9g9dmmVcjuLH7exxlcYmv2RrG4zWRxt8UOhFw8M8aX7Kgqim4cbV77Zen5ZzjoXvezrl8VORgrImwCMpbRFfRZmYo8W_77H9nIpYTkTDTYzrZFQqcVdTj_tgbJC51e1LZ2bc5OhQnoh_8UnLO14lu1UsLtTg5n87UsEbin9BtY5NVz_kvzEbd8_aR2I_C4zL0MI_cOehRrwmk6ao-Ub-UV68gQnM8wN-2PQO9eSS16wyzAZeItlkL3Ct_dx1L0kwAT7xJXvgwTgBAOQBgGgBk2AB9XzsJEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBPG378Q0BMA2BMNiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPACsnQUxw5sfGhusWMXrU1zoS5dEt4WydEmCsTpV1ML_yDmXdsxnLZxU7sX2i_VcS_md3fRQBZ6vQrMqwhgBIA4%26sig%3DAOD64_3gq3Ss0JkzwPt03n6IUWE1UZs4Kg%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-BLxU8iqnm_a751PciGlVWslOenceRjtikqVl4lO19jh-GZvn9QPnU1oI_0mTd1k9SmJh8T2naEyDPHrBGZuaK1mkavQZM4JDAKi5FmgGyC3VRCdoUdpgjnddn_PlSibH22uGLNySNU-jx6JuhH9M25tsYTn9mul45Fkn_LJ-sWVe_naw4%26cry%3D1%26dbm_d%3DAKAmf-B5Wa9agM3kZwt9jnjSVz-kbXpeEMskEZovoEO0BDxxBfkFxQypapIzZHMPmO5oJ_er_5ozFwfTPhGLMzZnGOUYfXjPNjcYySVjDNqy21KNJA0XtL13tUvKv6kMPpq8zTDix_frP8FZlQn5ejk0kZ4aBKSca0GOhtQ7zdnjFAMQgxemvDwCH1j7P8APFuvK5g1GUHPUkUV85_UOuZIvZtGYaeMZfrjLn32zRRwguWsthlgrhISee60L5H06TUPff8y1QafdJjjeAxqSVeQhIQqx3f96BXOzvIDlVab3DHy8kRyFmkhxs83TZR5eOSaCD8FaX8QiFNox8_sRmsydXVOxZ9E73RCQNIjPi-7xUwCjas9DwVFUo5-YjVllDytWimgReOvCa7cayEucUJJ-4FE6dQeDL7a-p7zUU0gK_1PDySPy33eo8cUOB-zbIQwZ8PULWr1J0GKNV_nuZrY7YTC7Ge19rVpUZwyNptBi9-nGkm9z1y1a2-k1DpADrHA7VpSEqX-4DmNxKY3G9zhnOpMGZPLkEg%26adurl%3D&n_o_crd=https%3A%2F%2Fneural33.cdnwebcloud.com%2Fatc%3Ftc%3D84886%26n_o_ord%3D%5BCACHEBUSTER%5D%26url_n_o%3D&n_o_cu=https%3A%2F%2Fhotelfarolopesancollection.com%2Fen%2F%3Futm_source%3D22Grados%26utm_medium%3DBannerV2%26utm_campaign%3DMediosCollection%26utm_term%3D300x250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 05:46:53 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified: Tue, 30 Aug 2022 12:17:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 83963
etag: "c399b43c6b8b9b68245840b2f3426803"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
content-disposition: inline; filename="BG_ABORA_ESP_RETARGET_300X250_1.jpg"
accept-ranges: bytes
content-length: 58759
x-amz-cf-id: pC6SS1QUsOUoknvFFrDcM3FSr1RwOB9l9eHuHNmunYluX4r63gQ4Fw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=27014458;s.a=3213511;p.a=324627451;a.a=516707361;cache=2600291599;

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=27389584;s.a=3213511;p.a=330816879;a.a=522993409;cache=3911944780;

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28349522;s.a=3213511;p.a=343169633;a.a=534915425;cache=2934214215;

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/gadx	1970-01-20 08:51:38	Name: am-uid Value: 44409016d2bf44208075ffa918bd053f
.admixer.net/bs	1970-01-20 08:51:38	Name: am-uid Value: 44409016d2bf44208075ffa918bd053f
fbu.ua/	1969-12-31 23:59:59	Name: _csrf Value: e96730238a0223dbc7a5ee3d36bc82dcde80ffe9fa465de442f89922866ebc56a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22JOToyv5xAIozVJNKTr2i5ZIygPlX7vSd%22%3B%7D
.fbu.ua/	1970-01-20 16:18:02	Name: _ga Value: GA1.2.632958336.1665722112
.fbu.ua/	1970-01-20 06:43:28	Name: _gid Value: GA1.2.1686987436.1665722112
.fbu.ua/	1970-01-20 06:42:02	Name: _gat Value: 1
.yadro.ru/	1970-01-20 15:27:10	Name: FTID Value: 1ZIES00NZdeQ1ZIES000118e
.yadro.ru/	1970-01-20 15:27:10	Name: VID Value: 2WSxIn1nmTuQ1ZIES000119Y
.fbu.ua/	1970-01-20 08:51:38	Name: _fbp Value: fb.1.1665722112348.536524842
fbu.ua/	1969-12-31 23:59:59	Name: Value: store.test
.fbu.ua/	1970-01-20 16:03:38	Name: __gpi Value: UID=00000b7287436422:T=1665722112:RT=1665722112:S=ALNI_MZPjtE3TnFpGGBKxbxMVR4oczCKCA
.admixer.net/	1970-01-20 08:51:38	Name: am-uid Value: 44409016d2bf44208075ffa918bd053f
fbu.ua/	1970-01-20 06:52:06	Name: am-uid Value: 44409016d2bf44208075ffa918bd053f
.adnxs.com/	1970-01-20 08:51:38	Name: uuid2 Value: 1342119886916299483
.creativecdn.com/	1970-01-20 15:27:38	Name: u Value: hfO2D7us803YMmkHZJlS
.creativecdn.com/	1970-01-20 15:27:38	Name: ts Value: 1665722112
.bidswitch.net/	1970-01-20 15:27:38	Name: tuuid Value: 542adbed-71fe-417a-a7e4-c90dc0f23673
.bidswitch.net/	1970-01-20 15:27:38	Name: c Value: 1665722112
fbu.ua/	1970-01-20 07:25:14	Name: _pbjs_userid_consent_data Value: 3524755945110770
.bidswitch.net/	1970-01-20 15:27:38	Name: tuuid_lu Value: 1665722113
.betweendigital.com/	1970-01-20 15:27:38	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 15:27:38	Name: tuuid Value: 52b6bac7-cdb0-521f-a8d9-9f64cb917865
.betweendigital.com/	1970-01-20 15:27:38	Name: ss Value: 1
.betweendigital.com/	1970-01-20 15:27:38	Name: ut Value: Y0jnAQAEIpi1l_xlNMtksobrXC1djSnyCyTbEQ==
.fbu.ua/	1970-01-20 16:03:38	Name: __gads Value: ID=da7a77a6ada7c385:T=1665722112:S=ALNI_MZoR0yCuKFLm-nRKtAC7pJipN1nyw
.doubleclick.net/	1970-01-20 16:03:38	Name: IDE Value: AHWqTUk0Dt2JgQLJkJ42jB7E6HcASPCXROdNAVOdF-G6oSDzEKTikmNIFJ5HUDUBKOs
.casalemedia.com/	1970-01-20 15:27:38	Name: CMID Value: Y0jnAvdWOvvt.cfqy-a4ywAA
.casalemedia.com/	1970-01-20 08:51:38	Name: CMPS Value: 3260
.casalemedia.com/	1970-01-20 08:51:38	Name: CMPRO Value: 3260
.adnxs.com/	1970-01-20 08:51:38	Name: anj Value: dTM7k!M41.D>6NRF']wIg2H`dpT/k9!@wnfH8K6pQK`!5=E<L5?%K>7CYi3eUc[i.ATJ169EHGY]5#X@4wP5neY4%nugO%v4VB%nl[9)f7V?
.travelaudience.com/	1970-01-20 16:12:16	Name: _tracker Value: %7B%22UUID%22%3A%22A9308F26-081B-419B-9F2B-12A61886449A%22%7D
.ctnsnet.com/	1970-01-20 15:27:38	Name: cid_05cf7f68ac2344beb3f08c29603af81d Value: 1
.ctnsnet.com/	1970-01-20 15:27:38	Name: gid_CAESEIiw5xUhVofgmGzo660SW0s Value: 1
.blismedia.com/	1970-01-20 15:27:42	Name: b Value: 6348E7028952FD209A580C79BLIS
.mathtag.com/	1970-01-20 16:07:57	Name: uuid Value: 5f386348-e702-4b00-a2f6-699e23b99eda
.mathtag.com/	1970-01-20 07:25:14	Name: mt_mop Value: 4:1665722114
.lijit.com/	1970-01-20 15:27:38	Name: ljt_reader Value: FekzqGZHHYel3dbdR4WcoaIs
.yahoo.com/	1970-01-20 15:27:59	Name: A3 Value: d=AQABBALnSGMCEGYjGLjAnrno8shtQhpseAMFEgEBAQE4SmNSYwAAAAAA_eMAAA&S=AQAAAnJUEGed80zhuGnctRQtBGI
.adform.net/	1970-01-20 07:26:40	Name: C Value: 1
.1rx.io/	1970-01-20 15:27:38	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-377830a7-2d62-4e91-bac6-9ae9ec4cbc06-003%22%7D
.w55c.net/	1970-01-20 16:12:16	Name: wfivefivec Value: 3L7wvV8d1OJcpI5
.analytics.yahoo.com/	1970-01-20 15:27:38	Name: IDSYNC Value: 18yx~27pg
.adform.net/	1970-01-20 08:07:58	Name: uid Value: 458736144088157388
.w55c.net/	1970-01-20 07:25:14	Name: matchgoogle Value: 5
.targeting.unrulymedia.com/	1970-01-20 15:27:38	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-377830a7-2d62-4e91-bac6-9ae9ec4cbc06-003%22%7D
.casalemedia.com/	1970-01-20 08:51:38	Name: CMTS Value: 1217
.turn.com/	1970-01-20 11:01:14	Name: uid Value: 2892406172322189254
.tribalfusion.com/	1970-01-20 08:51:38	Name: ANON_ID Value: amnsAGy4ZawEBA9MAJP70ZbZbZcSEoUymFExyuP980SIZbwkonYxZay9Pr9pMcbno9l7ZdcHZaAZavf1slkp9lNlD9gAZb
.neural33.cdnwebcloud.com/	1970-01-20 15:27:38	Name: n_one Value: 98ea2621-4b79-11ed-9022-0242ac110002
fbu.ua/	1970-01-20 07:25:14	Name: admixerId Value: 44409016d2bf44208075ffa918bd053f
.criteo.com/	1970-01-20 16:03:38	Name: uid Value: 31c35452-5d46-4816-8b91-dc863b55b87f
.fbu.ua/	1970-01-20 16:03:38	Name: cto_bundle Value: mO6cx18wQVB2SzVOV1VHcFAxd1ZVS2lGekNqNXZDMmpHM0U4bVJUdkNqRElpUTR1SUs4Nk93elV1aElvJTJGTzNYeHZ1eW5PYzNlRFVEUmQlMkJuRDNNNUlNUndXZkJrbFNocWlpd1lDSiUyRjNwWktNREpESUlGdHVtdkRSZlNzRGRITCUyQlFWTkxPS2FtOUg3R2FFWk5heE90dUZUdUxjZyUzRCUzRA
fbu.ua/	1970-01-20 06:52:06	Name: test4 Value: ssss

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=27014458;s.a=3213511;p.a=324627451;a.a=516707361;cache=2600291599; Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=27389584;s.a=3213511;p.a=330816879;a.a=522993409;cache=3911944780; Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28349522;s.a=3213511;p.a=343169633;a.a=534915425;cache=2934214215; Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://adno.cdnwebcloud.com/scripts/creatives/613/22grados-marca-lopesan-v1-300x250-en-22grados-prospecting-lopesan-es-22grados.js?ord=%5BCACHEBUSTER%5D&n_o_ct=CLICK_TAG_GOES_HERE Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.atdmt.com
ad.turn.com
adno.cdnwebcloud.com
ads.betweendigital.com
ads.travelaudience.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
ap.lijit.com
bidder.criteo.com
bucket.cdnwebcloud.com
c1.adform.net
cdn.admixer.net
cm.g.doubleclick.net
connect.facebook.net
counter.yadro.ru
creativecdn.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fbu.ua
fe32632680e8db39a3600f07222bb78b.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
m.trafmag.com
match.adsrvr.org
mug.criteo.com
neural33.cdnwebcloud.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
prebid-eu.creativecdn.com
prebid-inv-eu.admixer.net
r.turn.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
sinoptik.ua
sinst.fwdcdn.com
ssum-sec.casalemedia.com
static.criteo.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
us.ck-ie.com
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ad.atdmt.com
prebid-inv-eu.admixer.net
104.18.19.126
142.250.181.226
142.250.184.194
142.250.74.194
146.0.227.109
178.250.2.131
178.250.2.146
18.156.0.31
18.157.92.103
185.184.8.90
185.29.132.241
185.64.189.112
185.64.190.78
185.64.190.79
185.80.39.216
185.83.142.19
185.89.210.82
188.42.191.196
193.200.65.6
2.18.232.7
2001:678:cb4:bbbb::11
212.42.76.150
213.19.147.45
2600:9000:2057:c000:1b:5138:8a40:93a1
2606:4700:4400::6812:230b
2606:4700:4400::ac40:98f5
2606:4700:e2::ac40:850f
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:16::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
3.126.140.73
3.33.220.150
34.96.105.8
35.186.193.173
35.190.0.66
37.157.6.241
37.157.6.248
51.89.9.254
54.154.96.207
65.9.66.45
65.9.66.67
69.173.144.138
72.251.249.13
8.2.110.114
88.212.201.198
91.218.214.18
0139874a4b1999b28cc3821d6b70cf77dcb51e4a0c197a5aecff141a3ede1f81
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
043920c8260014c96ca227f7857b2d1011de812662a72c914e78774f912cf987
0455e8cb4379a4ce87b4602eb0edb999338809d299c412e5047868cbda6d4f44
0464bacc1a56eb5a6c41e6f723ff9d10f05fc3bc0d7e195fc36f79de836ad6b6
05d8d7446846c643ec93f739c9b57f749a914fd9e0e2a89c6e8ebfdf78778642
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8
0adb253f1936a498f71414d7807eb2feb8fc7269a8eda6146ef73627aa0ea898
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba2a61b0da48f358260adaac2c03bffb0e0bded9c4feda7c3bd005a5073b552
0fd02348665a1977a1200b885f9a99d952b64523259924cebe10bf3372a95826
104a099fd12f846c24c7375b82d1d13137bef45b2724ffbc9d8e9de93ad3eada
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
1084e647373106ea035e98b202bd81437858e81f10caa18163173ef462a58eb5
10a9a6de10070e1496b24cb94d6df38b21ca113e249a6c41d13326eea7386da7
10e4ebacf9fdc329d721a17f2a0d42fc77def0cf25766d0450bdff232a27d97e
110ca78a6fa25805c2b3ea404d16acc17582a783a76daf1992c5d043058a0100
1175b8dc9cf5f18c2d8842db0e2af0d65dac4ff66b230c16965f10e4ad7efb3b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1460adaed8878b17e05ad122c84c181b9f475a925bd08f1c561a196f459d7b81
14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3
1666c73b0b582cab62cebc5cd1df47647f1a3b53714eea4999de9211d3c8e811
17bab718670e2e3bab91f191c47218db2c368659c89a8c4b30569785b0494a49
18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af
1886411e5b9625d7100d3123e759ef12e8833401b69a57553684ab77d4393dbf
18fc9e6e33922ff6c851213c5cc537537893a1203a999b1bf488f54b8114f9be
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
19d119447df71ea31ced3776d9357a0fd20bb41f49d91269ac4195f6fac12724
1ce9ac0c8dfdc87a757563dc664a31c5b1b40258f2959566097d7556b1068f78
1d286aac33ff5c45ddbefb5aaf97e960c3f6705482d95bc79d5899041adcb5c1
1f0683bab944dcdf2f515d0c0239652f37ab8f308a48ace4046443a1d1977cf6
1f195dd81114e17430de9ead33a5d1a05f37623b2c5d622317e5a3e7afd64c4a
211e76cc19b1ef64fcb783b88e71e7180ba0c81fbe6eed6d0b8135c280635cfa
2124c802121c8ee57dfc4089d22bcfac2bc46f55c575ca55e367490e54b13061
2335849d005412b688f069c4b22ca3ae4769aa9e8fcf955300337ab6c864d71a
2395814a5ba2979f0332ceb8dfb03c278289a2d54a862d6b3d033834e2e26388
23ef5d26402672a39b114878db03786941e00066024e8eb0a463c620085e776e
24cdb0dd17de61a592f8a8a3418590a32e05b7b2d6fe65d2a40cc1eefc1cd449
278ce823f1e395ae1ca9e2edf897e52daa3ea90ee2e7a5b78a7999e45619e043
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c96e2ea6f1713dc941a7ca26bc3ae1d163c8c1830c3015da40f8f7fa3ef97f8
2d2c633510fab074bcb369197749bbdf51605de89d9ccaac52803f94ab0ce632
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
2ebc5dfa842742dce4db4da7771e98da6e925dfd88ad6b005bf3f9658cd5464d
2f25b6c3caa4710be57c217781d9c9b9c862982c78773487f2a4fb8c22f9635b
30176507c26a6cd85f2b10339acb0edd3ebbc343f125757ed20724178705ba7d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33a760affd2746dd6537ba5b400f0374bc9ec4493f2cb38798994d0fbc7c0a77
347bb5263c4ecdd7ebeaf380cda54c1289d6ac6061cda1dc1ae8a6acec97291b
363ede10c6ee5e0531301152d3a54bfc2db8efff53419a031e686ff399ba59dd
37891cdd39c0477728c977368ea63c3b93a78a7c2ef743ab5a3f8887cfef006e
3a404fbaae5a7c923d84b91bfa720d4f823cc0cae68c7c5f48a4d4d9b351ca31
3a92718af21251034cb45090b0a8bfc6d4fece89fd2cf7a69f12cdfcc830e19d
4280b85060284a2d4bc4a7c3c24eea145dfabc876dc0056057c3fe94f1e24ae9
4436c1658be46276577ad84141f0ae8007f84d69e396b4c3f731329a9e547afd
45abfe92617efc248736f0958fbb2677c76968366185994a5352b98210bf60e1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498dfaf68aabc43125a258dd9f4b0fab4c7f7b2b1d93521743d20047cf378711
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e2af3b901e91efff5ed19dead110fc98d0b5e04617bac299deba66486891f7e
4ede94b9c80451a79c3f5150497d8263bd24ef024f42c672571f744e002e7d4c
4f497c99423d3ef06f347c5c2adfb8fb9fe6724c89a4792e3f170d6d22fbcf2d
4fd92c5018479ddd28e9a3032ab6416c35efe75a65441b06e3cbd56ca19ea95a
5015e53b1ed71961ba1c96e253724e8d67f2ba0091d23a732f96a85f8780b4f0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52b217d997fdb001d98bce72bd236ce1330b42f07d3b21a27ef0785ad354e5ab
52e0986305d8d469da060f63d936026847872cbc7788c6fc6dbd4ed79f048708
5533f7b486c954dfc9d2d381c0f6840ce5049686a7281ab9faf8ec005ecdd841
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ae8084a1f412356c3e67087d606170c4518a5dc24c871fc925459686c5b6cc
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c94f1f248a67a5a8fe23dc02ebc2108cae1b26f7b33ca88dc97fa5eafe705cd
5d64e4814ec56daa81772d46f48c38a097fd15dfe8b5a5f0abf690218655c3a2
5e61a6ffef714ee0a0c1afde01be15088eecab94ec95f09c1493313596020cc1
5f1efb9d3d383608023bec8b3da35223890186043af8762c9934f5120b298549
60dc9e41e67f63eda2f73723a26335632993eccb8633c480e5878183fa9dcea0
60e7ef274d0263042af1eccd0a2f25ae706c91f36931f134017b71f3fb8a17ff
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6276169ad9b8423750bdbbf268a643fc7311efbc382f27f57da8cd7dc94b4bdf
6278dd32eb9e6a520d6d20b4fee5446609e3ffbf5488ac61e9c618821bce6761
647e878e0a88405df5f8fa5f6f8a4c015b9e6933004e622f37f6251312bd9cff
66269bc7bbb62f55ea8b5926fdc3054a3aaf4f5ddc0c49551de562a9c6bd5785
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6c886518dd2d1f700b72d1339199c5ab235e348f81e6e95c870d2f34cea4271e
6e8a24115031c0da0e68a9449911c0a43967125946f17f2b39d210899d907510
6eb68a84d74a46c8f0f3a4449b2b0449c6080a2dd8723c04be1bd41300f495f9
6f2d6cf2fc500483c9c05a19048536845ac7412b0cd4f608794dc5ab6d9a784a
7014d8ab16bbffbce437fbbe8f1669c80348d97d3a3fe9f204e34a3b9c673a6c
72a3b19f170904ac99b4c0ee169de752125b8e0d67f068113a2e0249548082b0
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
76b0aae7cf04fec9cc3c2c53b557013549718cd85060a430fc2d0d615582f314
7b6434a08fdf10503dd752aa7efc5f986be3346a9774a23b09ea398054cf0c83
7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe
7d13be1ca3632c021174055e5e8d9e55319cb161ac05529d90809438762d78f4
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
8617160a84979ff8500516d5109baccfc11c45d4d09996c18858f1a10eb55d00
8619a2504ed7df000233a73fcc41c48ba5b6924308a3b35d895608e2285c4974
86a29ab2fc6f1c05534c8366fa0a7a923c7918cbd2deb2ec076fa8bc38753b51
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
899b91f8f52a3fdf6b74081eb01cb351a846bd83b0c5374b8654da2d03ee1721
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8acf1ffbbcc142b283291ffd54ba66f96791d17aa281a99e523b187abbd73c32
8bae876f80797d89e79d93e25e3fce2f541a71f51eb16ce259125d63b38630ce
8bf6481fd9ca6cf5ea01c350f2e9a71321c5e4b99a116418ab2c9f0c4c01af81
8cc2be55cfd2ab58f2fd9ed10416075823a3cd116c2da787a728c52e44abb5eb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d80da72270fb97258b383b081bae3df4763b39595887a6e76d9c202bf77f8bc
8f193c05de4888a76fcd47916ef139f9e71d5390ef24df61f80903150b484ca1
8fba032834bbadc3af987c4d26890f525ec64e489def709569d1ae051b087568
91ab4ac84347894024c91b9ab5d5fceaf56e4adc600643a2ef825caec237d9dd
942df76bea333855cf98cfeb83bcc04f08b9da9cb80aac42ed04f83d41c0fe94
970d4acabcfc91a11bf6b9155f028b1ac976064d6836b12b44c9f6d5e036f233
975493b36ff51cc1a52bb40cb7249b2b742b04be006435d698c2651562f1e513
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
97f2aae05698136e460333f1919da58d0a92df73d9cdc5dc40041b5bfef5acb6
998691c2c0c408e5cbf98147176c36679708ce66b26b77f3fc30b83fa5bab311
9a168032f1cb579a64ab42557cea8d9d71abc3ccd003bb50997f19a41f1a5fab
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad11ce9333e919251d51f4962f8cc3552e1b5428b0fc417a38b01b7cda959bb
9aef6a7623dcf0740fc1366aa3847a8df6f635ce75786e2be5692e27fe2b3148
9c6a1bb124f8a979484206eab0919bf0e79f0131650af91ed237ee8cfdd5f572
9f4f0853b38ef97c503a257a27a7102867a0d20dbf76d58f04941b1f093e29f6
9fde02f8e5287b6defe4344a582605f60634f7a78f964fa9e9b6f4ca7118daef
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a08c0b8495e7e504c36fb4b8ee6d35807b66e70c1f6e0a16a7aa8543fc1182dd
a2fe9eb2f02139db03b9740aeb8ed6f9fbc61ff8ecc611bf49ccc765b420fbe7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b919975a7ee94c3cc068c4e6c31079ea4502e6cd7e4f4f8faa12203364f8d4
a6b1160a34be60c2a428801d99fcb88d1988a341e4ac6eaf4b1a065473d74d8e
a6d93c16c8f8e06a2bd880c8f1f016c6dc61042c5f0ae2d4e38a61e3c3b22a41
a70c6959e692fdb1888a40e93e2f094e4f35d56b6b4a4e6e27c6638928aabd6a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9055d7e2ed2e71bcf2a490ff7d02a02b69070c518b80992796daf325c086512
a9ad4b3592680204fcf1bb8f3c6edeaef240c2af2522709d89696010e667db67
ad6e1359f8a2671fc0c7a9d829c37e06d4f441cabb945ecbd5f21bc7b68b7675
ae3d7a560e6a30e58c1c624ef9e2801800a0538e6ba21ab83ed63d39f53e7f8e
afbbfed5db2b92dd2a45601409629664ef8dbcd18874c30d8949ad05cf9b25c9
b099c95d735403477353dc5d5cf18c7c4c39682334da7fef1a76f21ba9a889a5
b0c61f4d39e7cda429be0271c1c87cd36a00bdd51226f0e87ee31ede992e5f4d
b121d0e4fa0de912f8e242feb8c0c61ece7adcf92dff4c15016e58eac7118887
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1793edea2c5e9f935b11981c437c4a9ac736fd9d71e9d7fa3ca8e49080581ad
b205f1e77bbef30c347d8c623bd704cca3fda634cc8fff698822079af7bb9ad8
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5471b0f645385693d7dc5ed3257fbfaf7fa3800ed64b39ba708cdf7e538b873
b6314cb2150b9da862a0b2161a0569597f23ffa5e46a1b28833092a0a0d50a3f
b631e4bc8257e64751d6d15e2e03e8aa7b82c5f4f49751d02c28c3bdc8bada8a
b6a85bb819e1878a27d5d79ee0607c095bf7328a699c0c75d192b430258564f0
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
b989ef6e53e278a56abb90201c504c90c1b447f7e71eb35557e0e66b8de0a431
bdfe1b9bed7fd0fe71122ff6ed06c74184342c50ce96e494bf3403ee609ab486
becab6e0d88b68a60155edb6d76839a628dd973cd9f11c6f3ccc04417144eb6d
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
bfd14cb735645e59a8c60956edbe30ed4c12577354e8958d38b587fcf2458080
c065f73e8c1c2916cf1f7d04d27ce6743fe567a024a2cf0e0fd2599ceff19835
c0a20f4a5456fa75f0598268fa93bada6e516e32d46f3899dc3a51388deaa1b9
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c33a2ad0fef0daa2f345c26c177d7dcba1bd3a2964de7539099f2d9d8f538c52
c46970fadf0dab3c674862fedbd556f9e7d9649f40cead9a2caf512634351c24
c7096647244a1c6d7899bfb9b8383a61b85db33885477de89e54f37623971902
c7ac8b848ded88911520da797729df494d1e4a10ceafd54db5e02a3f6cdd6545
c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a
cd166c20cfb08626181fce3c15008e50a6aaf40e8dbb26ac5eb4884e1840d78f
cd591d32dd791d9dfdfc0f2d6297121acd305fef369bbdd09b799b8b2fe7ffd8
cda1716ad9a396253b684a99a58dfad07c5006bcf05702dd27aa9fcc8ddd31e3
ce2baa53d54f1cafc4897d96567e68ee120b016c92218d09c331d70c6b7f4bc1
cea94077d05c920d5400cd3002e161ad08a78c2af7c43bdaab1de024a45870eb
d36ebb6587354430123e1e1053538afe9eeb29901bcb91e324645c0392e21daa
d41cc46ce01114bebb7d19dc4a19cbe33946614b143bd0a82fe74eddf8a6a32a
d4907f68e689798f98fe4c931dedb2979c12e922ab5783757a2c6c153ad8acd4
d9e13348f91f647b1d27a57e83ea73e2ebcb3abebb4a4ac1ebe01fff72547dd5
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
deee87a1690df80942f5e88a14be4e5287aa0301ada205e2ab23abca94991bfa
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e0359b3d025d57be58d8fb035682085f4183f766ac8d2420a8f8fe02ef8768ed
e18c95508a00c5ae9ccc7f7ce92e65fb807b0859c5cc174cfdb430d980581218
e207b5abcbae45c224ebfca08a452b8ac970af880247b8576d05c933dfeb15ab
e3210ea88b74c6e0a52464a2e226dfbe30d0871a79f12a23ffde342b5dd34ddc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b708360607c356fd25c6cc00fd98ea78107bb13ab74fcfeafd623158fa69b5
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e60b1a3f87aac1baaa8777e1cfbd2ac5b423811d882bba3d278b0200d414f09d
e7fa895719671f50136115e5a8ac3773e46a820cebce1876a5dcb1fa2f095fe8
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed25c4a25b63c73316fdb49ef8f61865adb723672d7ff461f36d8cb013dc2651
ed3c979ebd98534e34cdf48ffab11ccf6f60816e23e7afee8d33f08cccf2a856
ee7ea49b657ab7fbec96a31b893c97bc0400c66fe9cafe3c5cf60acefee278d3
eeb150794bb77f9480827f8a11d4b8cfda8425ea8a05b48526c518304136a8c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efba27ef554afd94cde4db179aeb6e585c26bf1d4aa3e0b319f82f9f1c4048c1
efba4dc39d340c8bb235863f252dd44612d67050977b693881e1aa15ab5fffd3
efcbbe5b532585fbbd7f6b2858412e6221ac6157283c347a81c64f84bd488c2d
f38b1a2f2b442b24a328d065b18c2cc095273d5b37fc661451a8d2502f6666e4
f4ebbbe9e2cb7f812044295bf4773dbd8e6170652eb80e91cba87643fe176ddb
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
fdecfa6f25642edbbde35ac710bb5d11a39bc73b19d936ed94b3b585dff368f9
fe0b255c1648167303f127e54b803eea2949271c02bcbbd53b72a0ce1c67ab97
ff18e6bf184bd659c14d230a8551bba2902c2b548050d9f3c746c78122e4228c
ffbb4e58c4f6f0cca2eec969bb855c87586b4314ccb198885efee4130ec2f2db
ffbe1eb922ba41596aa016b210486e542f2eaaf6bb59f70abd0c7384c5708eb9

fbu.ua Open in urlscan Pro 91.218.214.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

365 Requests

86 %HTTPS

39 %IPv6

47 Domains

68 Subdomains

49 IPs

14 Countries

5931 kBTransfer

11015 kBSize

53 Cookies

45 Outgoing links

Page URL History

Redirected requests

365 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fbu.ua Open in urlscan Pro
91.218.214.18 Public Scan

Screenshot
Live screenshot

Full Image

365
Requests

86 %
HTTPS

39 %
IPv6

47
Domains

68
Subdomains

49
IPs

14
Countries

5931 kB
Transfer

11015 kB
Size

53
Cookies

365 HTTP transactions
5 data transactions