ely.by Open in urlscan Pro
195.201.80.5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ely.by/
Submission Tags: falconsandbox
Submission: On May 14 via api (May 14th 2023, 8:15:08 pm UTC) from US — Scanned from DE

Summary HTTP 165 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 52 IPs in 7 countries across 37 domains to perform 165 HTTP transactions. The main IP is 195.201.80.5, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is ely.by. The Cisco Umbrella rank of the primary domain is 479343.
TLS certificate: Issued by R3 on April 5th 2023. Valid for: 3 months.

This is the only time ely.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	195.201.80.5 195.201.80.5	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3034::6815:24f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
22	2a05:d014:776... 2a05:d014:776:a63d:6339:2a28:fc90:eea	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e4:... 2606:4700:e4::ac40:a602	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2606:4700:e4:... 2606:4700:e4::ac40:a702	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
2	52.19.220.224 52.19.220.224	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	54.76.92.86 54.76.92.86	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:4200:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	3.125.30.175 3.125.30.175	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.49.63.182 52.49.63.182	16509 (AMAZON-02) (AMAZON-02)
2	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
165	52

12 195.201.80.5 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ely.by

ely.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:24f2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ezojs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a05:d014:776:a63d:6339:2a28:fc90:eea (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e4::ac40:a602 (United States)

ASN13335 (CLOUDFLARENET, US)

g.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bshr.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:e4::ac40:a702 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.220.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-220-224.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5b296c8dde544453caa4c6a2633cb25c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.92.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-92-86.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:4200:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

service.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.30.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-30-175.eu-central-1.compute.amazonaws.com

prod-m-node-3113.ssp.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.63.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-63-182.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	ezodn.com g.ezodn.com — Cisco Umbrella Rank: 11454 go.ezodn.com — Cisco Umbrella Rank: 9777 bshr.ezodn.com	266 KB
22	ezoic.net g.ezoic.net — Cisco Umbrella Rank: 22791	14 KB
22	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 91 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205	185 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 5b296c8dde544453caa4c6a2633cb25c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143	207 KB
12	ely.by ely.by — Cisco Umbrella Rank: 479343	351 KB
9	google.com adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	google.de adservice.google.de — Cisco Umbrella Rank: 7680	1 KB
6	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 733 gum.criteo.com — Cisco Umbrella Rank: 429 mug.criteo.com — Cisco Umbrella Rank: 2429	8 KB
5	adform.net track.adform.net — Cisco Umbrella Rank: 3820 s1.adform.net — Cisco Umbrella Rank: 9592	35 KB
4	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 444 cdn.id5-sync.com — Cisco Umbrella Rank: 1008	19 KB
3	ad4m.at ad4m.at — Cisco Umbrella Rank: 11978	11 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2527 google-bidout-d.openx.net — Cisco Umbrella Rank: 2780	662 B
3	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2607 tags.crwdcntrl.net — Cisco Umbrella Rank: 1195 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1013	12 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 664	71 KB
3	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1514 service.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 1203	3 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 3521	315 B
2	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 661	219 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1651	24 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	21 KB
2	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2980	863 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	53 KB
1	advertising.com prod-m-node-3113.ssp.advertising.com — Cisco Umbrella Rank: 66562	171 B
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 535	32 KB
1	js7k.com cdn.js7k.com — Cisco Umbrella Rank: 1162	17 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2696	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2999	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 3225	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	1 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1065	393 B
1	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 2767	305 B
1	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 3968	568 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3851	879 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	600 B
1	gstatic.com fonts.gstatic.com	16 KB
1	ezojs.com www.ezojs.com — Cisco Umbrella Rank: 38985	43 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1019	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	1004 B
165	37

	Domain	Requested by
22	g.ezoic.net	www.ezojs.com go.ezodn.com
19	securepubads.g.doubleclick.net	ely.by securepubads.g.doubleclick.net www.googletagservices.com
19	go.ezodn.com	ely.by go.ezodn.com
12	ely.by	ely.by
9	pagead2.googlesyndication.com	ely.by pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
8	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
8	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	gum.criteo.com	1 redirects static.criteo.net go.ezodn.com
3	ad4m.at	s1.adform.net ad4m.at
3	track.adform.net	ely.by s1.adform.net
3	id5-sync.com	go.ezodn.com cdn.id5-sync.com
3	static.criteo.net	go.ezodn.com static.criteo.net securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	s1.adform.net	track.adform.net s1.adform.net
2	oajs.openx.net	1 redirects
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	ads.yieldmo.com	go.ezodn.com
2	c2shb.ssp.yahoo.com	go.ezodn.com
2	script.4dex.io	go.ezodn.com script.4dex.io
2	bshr.ezodn.com	go.ezodn.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	ely.by www.google-analytics.com
2	cdn.polyfill.io	ely.by
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	prod-m-node-3113.ssp.advertising.com	ely.by
1	s.yimg.com	ely.by
1	cdn.js7k.com	ely.by
1	service.idsync.analytics.yahoo.com	ely.by
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	lb.eu-1-id5-sync.com	go.ezodn.com
1	id.crwdcntrl.net	go.ezodn.com
1	id.hadron.ad.gt	go.ezodn.com
1	id.a-mx.com	go.ezodn.com
1	mug.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	5b296c8dde544453caa4c6a2633cb25c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	hb-api.omnitagjs.com	go.ezodn.com
1	bidder.criteo.com	go.ezodn.com
1	g.ezodn.com	ely.by
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.ezojs.com	ely.by
1	www.googleoptimize.com	ely.by
1	fonts.googleapis.com	ely.by
165	52

This site contains links to these domains. Also see Links.

Domain
www.ezoic.com
docs.ely.by
twitter.com
www.youtube.com
vk.com
github.com

Subject Issuer	Validity	Valid
ely.by R3	`2023-04-05` - `2023-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
ezoic.net R3	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
ezodn.com E1	`2023-05-04` - `2023-08-02`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
a-mx.com E1	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-10` - `2023-08-09`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://ely.by/
Frame ID: 6474532CD5DCE2D9A1A3ADCF73B07574
Requests: 133 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: E2DE2893E37FC56793538DCBBAF30522
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339124979299789&output=html&adk=1812271804&adf=3025194257&lmt=1684095302&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fely.by%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684095302490&bpp=9&bdt=330&idt=267&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4916397998099&frm=20&pv=2&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773809%2C44759876%2C44759927%2C31074511%2C44772268%2C44785293%2C44788442%2C44792088%2C44789818%2C21065724&oid=2&pvsid=2626847617639519&tmod=708033999&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294
Frame ID: 1E83D05A8B76CFB83DBE3C44989D3ADE
Requests: 1 HTTP requests in this frame

Frame: https://5b296c8dde544453caa4c6a2633cb25c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ADB2908C8270237DF32A512232D68D8C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 198AA4C1867B4BCA263B362758968ED0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 93AF773E5C18E7BFD9BFD064A390E42E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ely.by
Frame ID: 2FEC2484353A9F3CE82443232B1DCD48
Requests: 2 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 850737F65834DE132B4839BFBA577CFF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthDNB54QhjhTG2gs6Bq4mE6PqfKY6UO5m0LsNdBymIsUq7zh-LJmkDaLpKV-73fT_iZZ4_WA6t8ycLYLWjQWXcyCo0M9et1Vik7hWhzEBzqcurnSlUEboPLYit3jrsLai6Wud7vGd7QxBqjZoSZhTpMoUZTmDFr1Tf2CO2yc66mxu4E5x4NumsNIFa2kn_Myy0_UxzxOr32tz-bcqlV3odE4vjdh84BYJRYdg_jBnuJnmdUEFjxt6nYBHhRbN3Egjj-bmrLot3lhZmM8bOejJmiNOp6xuH3973eezvwDz8C5Nduxvp1Zo&sai=AMfl-YTcAd3d4s03awOv0ORF8VIAjc5nQ4IPn_pAaCMd-4r7OoZsMTIFNFi0ogJ8FHkZAZVAnOFUG-c1WgAv45I0Vm9q8kUhJwZIJZULZtGMUzM9M6RqYXpd-m2HB98Icw&sig=Cg0ArKJSzL0Er1BmIyEtEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D9C31C48F80A9DE29BA4168D1188AFC3
Requests: 16 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 9FA544C72AECC968DD90682DBBB1AE4C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: AD6D74C5FB998425F73C9B3A21D4675D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Willkommen! - Ely.by Skin-System

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

165
Requests

98 %
HTTPS

63 %
IPv6

37
Domains

52
Subdomains

52
IPs

7
Countries

1457 kB
Transfer

4051 kB
Size

28
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: https://docs.ely.by/ru/skins-system.html
Title: Skin-System

Search URL Search Domain Scan URL

URL: https://docs.ely.by/ru/minecraft-auth.html
Title: Authentifizierung für Minecraft

Search URL Search Domain Scan URL

URL: https://docs.ely.by/en/oauth.html
Title: oAuth für Seiten

Search URL Search Domain Scan URL

URL: https://twitter.com/erickskrauch
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/ElyByOfficial
Title: YouTube

Search URL Search Domain Scan URL

URL: https://vk.com/elyby
Title: VKontakte (Ru)

Search URL Search Domain Scan URL

URL: https://github.com/elyby
Title: GitHub

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://gum.criteo.com/sid/json?origin=publishertag&domain=ely.by&sn=ChromeSyncframe&so=0&topUrl=ely.by&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=tAgNI3xOU3R6THh0akVZMGRlNE1zVVdFMkFFRFg2K0ZvYUdsK0FCcTRpa3FvZDhVYVJXa1hNNDVSMEhNd0tHN3hOZGlXOWlYY1FHakZLWitFVE9CYmJvelZUODRGUlp3RWpjT3o0dFYyci9GQzVaRlVFeUc3MW1vWWFYVFhxZkRVK00xQzFlbUI0ZDJxRFZGV2xNcExxVHRWc1E0MEtGeEZyS2FIb2YzUHA5dHg5SzVLQWZmazRTV2JFSDlUTytpbjR3ZWlueG8rWE1ObkF5cHVyekVPR1RXa1JCelYzV0o1TVlUTWkyZ2l4RzlrT0tzTFVFaFVza21oTEJPODVBbytVYUxockMrakJsS3RxeHhEWWZ1dGJyc0FRdz09fA&cppv=2

Request Chain 130

https://oajs.openx.net/esp?url=https%3A%2F%2Fely.by%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fely.by%2F&rid=esp&cc=1

165 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ely.by/ 22 KB
6 KB 84ms
26ms Document
text/html 195.201.80.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.80.5 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ely.by
Software: nginx /
Resource Hash: dc550e7862e8131ed4d5c55e0712b054a412f20bfcf5ab80be98d4794721c369

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 14 May 2023 20:15:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding Content-Language,User-Agent,Cookie
x-authlib-injector-api-location: https://account.ely.by/api/authlib-injector

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1004 B 56ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed&subset=latin,cyrillic

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

366b852a67aeca6a82b972ff59d842387c2a000f984976700ee15fb1045d19fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 May 2023 19:56:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 May 2023 20:15:02 GMT

GET
H2 200 styles.css
ely.by/css/ 87 KB
18 KB 31ms
27ms Stylesheet
text/css 195.201.80.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ely.by/css/styles.css?v=master-49bf0c17
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.80.5 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ely.by
Software: nginx /
Resource Hash: 5abb1be86107f53cb50c6fd364dd7565728b6bd8fd151f283f1f264010cbecf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
last-modified: Tue, 17 Jan 2023 04:20:13 GMT
server: nginx
etag: W/"63c621fd-15a48"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 116 KB
46 KB 62ms
24ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-K727N8K

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fe6e0a693ffe84d6a5db9459511fc738086c4d9df57a49f2453325c27beab1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46399
x-xss-protection: 0
last-modified: Sun, 14 May 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 May 2023 20:15:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 157ms
115ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67dd5d748b1ec30b5d458551a363cc2728e2459c24a884092a614486cc54fffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47504
x-xss-protection: 0
server: cafe
etag: 9756921044861732015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:15:02 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 100 B
676 B 88ms
21ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.de,IntersectionObserver,requestAnimationFrame

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 May 2023 20:15:02 GMT
age: 716750
detected-user-agent: Chrome/113.0.0
useragent_normaliser: chrome/113.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=7
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 May 2023 00:17:37 GMT
fastly_service_version: 195
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/113.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sa.min.js Show response
www.ezojs.com/ezoic/ 125 KB
43 KB 91ms
24ms Script
application/javascript 2606:4700:3034::6815:24f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/ezoic/sa.min.js
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:24f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 359785585ea911cbb5805012d8e7f04478a720ea649e6f1046694d0215e5b3e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 May 2023 03:31:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 60209
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRAh0zG9gdl%2BmGxWpxbrWQPSSZxs5NUtXy0Lj1M%2Bquyu90N6iCwuX%2BS8yt0a7n%2BfGMZdVB9YHTw1RDPSX5%2F%2FK%2BWo9jZLmeavczKOGO4bxGrM4%2FMlhu6LwX2uNDnObT7CxRu4E9XFZh%2BKrHdB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=86400
x-robots-tag: noindex
cf-ray: 7c75cf96f9dd9bb3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vendor.js Show response
ely.by/js/ 385 KB
112 KB 58ms
55ms Script
application/javascript 195.201.80.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ely.by/js/vendor.js?v=master-49bf0c17
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.80.5 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ely.by
Software: nginx /
Resource Hash: 7a6d2692c7cc0f1b2cefc40c87d1e0d21c9205f17d1dd000ef2365355fe9c189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
last-modified: Tue, 17 Jan 2023 04:20:13 GMT
server: nginx
etag: W/"63c621fd-605b9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 de.locale.js Show response
ely.by/js/ 8 KB
3 KB 83ms
80ms Script
application/javascript 195.201.80.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ely.by/js/de.locale.js?v=master-49bf0c17
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.80.5 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ely.by
Software: nginx /
Resource Hash: 464b0f0403da8ab7658132d68d3238f2e96be449c7ede3ac0abb4c6da23d2160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
last-modified: Tue, 17 Jan 2023 04:20:13 GMT
server: nginx
etag: W/"63c621fd-1e82"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.js Show response
ely.by/js/ 93 KB
24 KB 84ms
82ms Script
application/javascript 195.201.80.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ely.by/js/app.js?v=master-49bf0c17
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.80.5 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ely.by
Software: nginx /
Resource Hash: 9681db3e4bdf84e2173f0083c07041004eb7b133dbf503e59e0aec8fcb2d57e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
last-modified: Tue, 17 Jan 2023 04:20:13 GMT
server: nginx
etag: W/"63c621fd-175c6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 May 2023 19:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4202
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sun, 14 May 2023 21:05:00 GMT

GET
H2 200 polyfill.min.js
cdn.polyfill.io/v2/ 100 B
187 B 11ms
11ms Other
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.de,IntersectionObserver,requestAnimationFrame

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 May 2023 20:15:02 GMT
age: 716750
detected-user-agent: Chrome/113.0.0
useragent_normaliser: chrome/113.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 May 2023 00:17:37 GMT
fastly_service_version: 195
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/113.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bg.jpg
ely.by/images/ 133 KB
128 KB 33ms
32ms Image
image/jpeg 195.201.80.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ely.by/images/bg.jpg?07167fb9d97f132ffbee8c8f020426b3
Requested by: Host: ely.by
URL: https://ely.by/css/styles.css?v=master-49bf0c17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.80.5 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ely.by
Software: nginx /
Resource Hash: 4ff98885e18fdd775a1ccf39a186462bc06469e54add744bd0186769f91fa569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/css/styles.css?v=master-49bf0c17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
last-modified: Tue, 17 Jan 2023 04:20:13 GMT
server: nginx
etag: W/"63c621fd-21526"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 47ms
12ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ely.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 23:01:51 GMT
x-content-type-options: nosniff
age: 76391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 23:01:51 GMT

GET
H2 200 Ely-icons-pack.ttf
ely.by/fonts/ 10 KB
7 KB 44ms
44ms Font
application/octet-stream 195.201.80.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ely.by/fonts/Ely-icons-pack.ttf?9bx450
Requested by: Host: ely.by
URL: https://ely.by/css/styles.css?v=master-49bf0c17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.80.5 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ely.by
Software: nginx /
Resource Hash: 9a094c934231cf0677a8d44c2c903146369ea663551712f45c8f932565ddb8a8

Request headers

Referer: https://ely.by/css/styles.css?v=master-49bf0c17
Origin: https://ely.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
last-modified: Tue, 17 Jan 2023 04:11:49 GMT
server: nginx
etag: W/"63c62005-27fc"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 356 KB
120 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3339124979299789&plah=ely.by&bust=31074511

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56f41af6d7fa4b3b979fd1a8e9c00bae3f47df6c8a3cb0b344560792ef1272c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122695
x-xss-protection: 0
server: cafe
etag: 4322111815818610968
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:15:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame E2DE 10 KB
5 KB 31ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ely.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27881
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 12:30:21 GMT
etag: 15057649708203361565
expires: Sun, 28 May 2023 12:30:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 how-it-work.png
ely.by/images/ 8 KB
8 KB 72ms
70ms Image
image/png 195.201.80.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ely.by/images/how-it-work.png?ddc2037969f07f8fe84b7cff495aa43a
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.80.5 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ely.by
Software: nginx /
Resource Hash: 41516169d31ca1b01fd1760a11be21bed2e7a9398e191415ef12243ac25507b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
last-modified: Tue, 17 Jan 2023 04:20:13 GMT
server: nginx
etag: W/"63c621fd-2085"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cool-versions-support.png
ely.by/images/ 8 KB
7 KB 72ms
71ms Image
image/png 195.201.80.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ely.by/images/cool-versions-support.png?b5a974a5db755cce16ebb492bea49265
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.80.5 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ely.by
Software: nginx /
Resource Hash: 4fa11c8898871b67c8280a7fdc44d42f0108aa1c2a31b50d25d010f61e873b49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
last-modified: Tue, 17 Jan 2023 04:20:13 GMT
server: nginx
etag: W/"63c621fd-1ed7"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 minecraft-skins.png
ely.by/images/ 11 KB
11 KB 73ms
72ms Image
image/png 195.201.80.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ely.by/images/minecraft-skins.png?9fe3f378c6930244d5c35aeba0e049e0
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.80.5 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ely.by
Software: nginx /
Resource Hash: 40e084afde599dba202108218f0be508d789251c9689ec1bbb017112b5972d78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
last-modified: Tue, 17 Jan 2023 04:20:13 GMT
server: nginx
etag: W/"63c621fd-2b94"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 author.svg
ely.by/images/ 818 B
604 B 73ms
72ms Image
image/svg+xml 195.201.80.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ely.by/images/author.svg?d26014947b9151a0728e7dcc6c5cfcfa
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.80.5 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ely.by
Software: nginx /
Resource Hash: fe55ec73b537cc0efcd511d18c7b603f244b04552a67bab0aac30e684e8f11cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
last-modified: Tue, 17 Jan 2023 04:20:13 GMT
server: nginx
etag: W/"63c621fd-332"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 sa.go Show response
g.ezoic.net/ 44 KB
13 KB 129ms
78ms XHR
text/javascript 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/sa.go
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/ezoic/sa.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e4ea92cc06721a4ea12876a68b6d36861955ba64cf8e2a3f86d6f146b902dfc2

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: https://ely.by
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-robots-tag: noindex
access-control-allow-headers: Content-Type
expires: Sat, 13 May 2023 20:15:02 GMT

GET
H2 206 message.mp3
ely.by/audio/ 25 KB
26 KB 31ms
31ms Media
audio/mpeg 195.201.80.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ely.by/audio/message.mp3?2f2cd5e303becb9b674f7a9db81c18d2
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.80.5 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ely.by
Software: nginx /
Resource Hash: 0f55f975a90d3b45589a5cdfbecfddc6a5f5f7513a17ee22d71cb1167cc13d37

Request headers

Referer: https://ely.by/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
last-modified: Tue, 17 Jan 2023 04:20:13 GMT
server: nginx
etag: "63c621fd-653c"
vary: Accept-Encoding
content-type: audio/mpeg
Content-Range: bytes 0-25915/25916
cache-control: max-age=315360000
Content-Length: 25916
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
203 B 16ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1500577756&t=pageview&_s=1&dl=https%3A%2F%2Fely.by%2F&ul=en-us&de=UTF-8&dt=Willkommen!%20-%20Ely.by%20Skin-System&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1474632487&gjid=83208981&cid=802863605.1684095303&tid=UA-45299905-1&_gid=416846924.1684095303&_r=1&_slc=1&z=1596364580

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 May 2023 20:15:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ely.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
340 B 67ms
21ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-45299905-1&cid=802863605.1684095303&jid=1474632487&gjid=83208981&_gid=416846924.1684095303&_u=IEBAAEAAAAAAACAAI~&z=816423367

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 14 May 2023 20:15:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ely.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 379 B
600 B 90ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ely.by&callback=_gfp_s_&client=ca-pub-3339124979299789

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3339124979299789&plah=ely.by&bust=31074511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5cd816bfc6268f39fd6b7dfb1b0bb86397a9b498e52c1b9fe2c2f48b536cb7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 93ms
23ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ely.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 45ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ely.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 106ms
106ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=page-loader&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 20:15:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 108ms
108ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=page-loader&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 20:15:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1E83 603 B
245 B 185ms
184ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3339124979299789&output=html&adk=1812271804&adf=3025194257&lmt=1684095302&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fely.by%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684095302490&bpp=9&bdt=330&idt=267&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4916397998099&frm=20&pv=2&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773809%2C44759876%2C44759927%2C31074511%2C44772268%2C44785293%2C44788442%2C44792088%2C44789818%2C21065724&oid=2&pvsid=2626847617639519&tmod=708033999&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ely.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 20:15:02 GMT
expires: Sun, 14 May 2023 20:15:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 v.js Show response
g.ezodn.com/cmp/v2/ 5 KB
2 KB 50ms
16ms Script
text/javascript 2606:4700:e4::ac40:a602
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 19:45:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6997961
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1e%2FcLph%2FubGqXmm%2F1Qg494%2BmfN0bcblgIU%2BrI%2FHsBuZtQjCGE5j5KFAG%2B1oDyhnDAdJuOdxHJjDsbhZKGHLZuRJdQ1bQr1YMZDYnV14NWguJ4Uq3rYKY23ZtaB3axk49rGbNYCeAX1qxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=15780000
cf-ray: 7c75cf9aaaaa9be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 boise.js Show response
go.ezodn.com/detroitchicago/ 673 B
652 B 71ms
23ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/boise.js?gcb=195-2&cb=2
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa04d8b4b07ebd5ebb250e33b532615e80dd02d46afb5cc0654c3c128b1c427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Jan 2023 02:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11297432
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWbKyRY1y3he2aQnDSOKj1%2FTmzstWZNhP33GFFnn%2FaD1E730kh5Wfr0kqY3MvyKpqr9I1CLkEWH7OX7MHZMcrWBjG8X5Q67ho1R46lonUHbmcy%2FqAiIMdpno7SA28YeQS9cLVEIbnhgxK%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9acd8b2c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 memphis.js Show response
go.ezodn.com/detroitchicago/ 5 KB
3 KB 67ms
20ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b800c61df4249f8d2b8a595c138e7488b04a0db65a4022da9660afef96d286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 20:42:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10539133
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ad2oUYI0oNuyXiySkImZgRRrZtnDCbnkU14ifTSrwwb4uk%2FM%2FbKpjX5LWfSjLX9ZjOhtbCuQB%2Flj1tz89vcMEPfNPmpB9Oirax4VC4l6PZvMtLx%2BC47fYTaIPpyrJRQFaVEgEA8qmBEl%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9acd8f2c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 minneapolis.js Show response
go.ezodn.com/detroitchicago/ 749 B
727 B 72ms
25ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/minneapolis.js?gcb=195-2&cb=4
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 753fa7b04751066160f1f5b44c4d518e839277591836a51da5d0fd614e63c863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Jan 2023 02:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11297432
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxNTRRyyLpE%2FFJf6z%2F%2FrM5gLtp%2BgXzLbN62bPsGoMW6l1Xz0K6hfvm63HhGULJf8%2BMQ6FEhivOIbKPCvbatC73QI328YT9u9XP96VUbXniuelGNwh6d5z1ANv5IHHmjN3IMvHti0f6dzb1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9acd922c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 raleigh.js Show response
go.ezodn.com/detroitchicago/ 1 KB
987 B 69ms
22ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/raleigh.js?gcb=195-2&cb=6
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30887d75ca7268ceabc93067bca019f8ffe07189630a759407b236736e1f15af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 May 2023 22:10:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 250504
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhjxylIBVeAZBymAug3VnMJUTQ57otJffpdjOiXYdWD48CCKsGYmt4Eke3BOVAAj4uILTLF0AByS1xcJO3seQxHdv%2B3obaOzkHRMr5Hj5kzO9mVqbdR0RyHveA3FQx8mPC6AbWATCF1dfIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9acd942c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 tampa.js Show response
go.ezodn.com/detroitchicago/ 723 B
719 B 68ms
21ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/tampa.js?gcb=195-2&cb=5
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e611f58b19c2ff6aba81588e7b0a148e523d8acbadc40092f8de5f50dca2f93c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Jan 2023 02:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11297432
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3Pl7rWjkGxhl%2BsHEWtOcZ56NZ6EZr0SNHvf21owIQcHNuOCVaVKx69hC1jBeQdX4StzMyJP4kFE76yAKTlgF6QVwlRSqWcNMwBCJPk%2BUQYWCE0N%2FCoBJtxgypj88ANhuxko60aGKK14HHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9acd982c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jellyfish.webp Show response
go.ezodn.com/porpoiseant/ 42 KB
11 KB 69ms
22ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/porpoiseant/jellyfish.webp?a=a&cb=195-2&shcb=34
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa7bdac43a2bedabe35a56d982b3ce99cdfc5cb359d6eef5feb14d472b6c98b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Jan 2023 02:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11297432
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nm0CgkE%2BiWYZgi%2FZQZ7DyEp3rM7ji8rWJUgpL2KTlz89C9Xz6BduFVhYKXPeP3I2CHuxo7lqU%2BjP%2B7Yp0CY3rOJk3NWYmiHp4Duz457Qk6n1q3TGLsfyPtmpwz3dFKs7CuondN2NVknhcj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9acd992c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sidebarwall.js Show response
go.ezodn.com/detroitchicago/ 9 KB
3 KB 26ms
25ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/sidebarwall.js?gcb=2&cb=19
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Apr 2023 00:35:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3525774
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtEe5MtMSuXZu17aDKM6KaQr96xTMewHImO0fGT41iMcvhJKOtmFwedZPOjM8iwE6DPmxSK8fBU1cEUd%2BGYVv5rBUotoY7nEaLec4NXDB98xJak%2FywW0b3U%2FNS8OO7LiGDMEYhBbWEJQGDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9acd9a2c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 tuscon.js Show response
go.ezodn.com/detroitchicago/ 8 KB
2 KB 26ms
24ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/tuscon.js?gcb=2&cb=12
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a3d4af6fa0c4aa12f576c5934099ddbaf4ea4223c315e15578fe4cec8e671d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 19:37:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4495034
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWDd0jV8NxfPlMHkYSTwZkP%2FnoWh3GbEK4qbUf28fVC%2F5ka9Q7jsHftDqGa%2FQMu4ppe1%2FgmbEvsYp3gHSWMJKRzi7qZrTQUtUIO6bZvzUWltV1tRL6BB4rjGMDAQlGcxeXJkfD%2Fc01bvJzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9acd9f2c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 kenai.js Show response
go.ezodn.com/detroitchicago/ 3 KB
1 KB 24ms
23ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/kenai.js?gcb=2&cb=6
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2023 23:12:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1112336
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1wqT%2BVImM7ZKbceRf1HR2KQG7Yf2N0UXSLb86iNuJVjzXJKA7V2eNQc9fwWkIkk%2FIgT%2FMcKI3fritNF7o7wWOgVwD3blHcNmjnTvKfyuhKL6xCQIkjeKBHrxKtBjfFCX7Qq%2FeTSMbUssvw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9acda02c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 portland.js Show response
go.ezodn.com/detroitchicago/ 29 KB
10 KB 32ms
31ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/portland.js?gcb=2&cb=3
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93df6b932f78a94beb1a9aaf63e733e4969724b68bae11e4b60d8cb8ce4ff3ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Apr 2023 19:53:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1556365
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XjvDLSjoeKuRpksRNR05iJGui60p%2F5oSSrKhldru%2FgED1%2B6%2BFHP4sQ4n349EeVZec0qVYqgE6aCzXElOiKCVYj4R70hzHSsmn%2B%2FEbrn2whUMbVmaNbHySopTzVoEB0EzUYFk4tWVrnf3k0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9acda22c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fads.js Show response
go.ezodn.com/porpoiseant/ 9 KB
3 KB 33ms
32ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/porpoiseant/fads.js?gcb=195-2&cb=11
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3d127b2a33edc1fb2dfc224e31fca161d01c0a51622e6a7164ea67ccf6ff94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2023 06:23:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1172735
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYiDtVDOjHG0QxF8YGdI9SILuPpof7tZl78LmMZ%2FL66HJR9Cqjcnu5orb%2F%2BU1b2NhwUcNUNcpKr17euXrsbHReEx4vVX8ZitEhUO3D46vQkzYmG4rkaUUq3aRLELhWSY9vVEIjVVJeyFcU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9acda32c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 633 KB
190 KB 38ms
36ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0730ea662702384bb01abf66275bab7f70f4b8edad0eee15c9a8948a5d5f5cdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 May 2023 18:53:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 263913
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0Zw7KPA%2FpuxBZ7BBnJppHYSDIqJ%2FtKzUmVpaA8hUVoDtWjM5Dj%2FzLJ4TxUm8szew5KJ%2FHs2eqc%2FNOTxdKURnFrE%2Bbf083fMk6O0XFaVkHvVysu57hTJfNmPKkSwCj0%2ByC6DBl%2Ba1GwaDgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7c75cf9acda52c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 244ms
188ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5be514070723ffc618fc80be80a7b8c6940f3b36a92390f4cbebd79351576587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25236
x-xss-protection: 0
server: cafe
etag: 960 / 19491 / m202305090101 / config-hash: 12209807291441061903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:15:03 GMT

GET
H2 200 banger.js Show response
go.ezodn.com/porpoiseant/ 56 KB
15 KB 27ms
26ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/porpoiseant/banger.js?cb=195-2&bv=226&v=74&PageSpeed=off
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1ee62c10a7e29437e8f151ad0b21938005895cd05cf0574453559ec618d2385

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 13 May 2023 01:05:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 154588
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKHdQHfntwGpaCB25qERHJWjkoTwEcHESe3xg%2Bg5iVucUp1tZc%2F0OeTmU24wI3ztT%2BCRGUQONMJCbl37%2F8uRlwIokguy7HbwEEhf6Zh%2BedzQPRvp2K7zn1kZnl4ZdBHgc3AGeprSjEDAKdE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9acda92c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ezoic.png
go.ezodn.com/utilcave_com/img/ 1 KB
2 KB 83ms
58ms Image
image/png 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezodn.com/utilcave_com/img/ezoic.png
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
cf-cache-status: BYPASS
x-sol: middleton
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1181
last-modified: Wed, 03 May 2023 17:04:23 GMT
server: cloudflare
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCY1j06UUqgP6B1UfDPJDgdMRzMcnOJgKfdpO38VsoElIGqb7IRuDIKCj9cqMFMwc4yteM6r06%2BW4ao8bVmKAxsTb1LEeZS20DMhsYP09Tn%2BjuDFb%2BePgu10Nt2WYgLmLkyZJAyiE1YIBu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7c75cf9acd892c35-FRA
expires: Sun, 21 May 2023 20:15:02 GMT

GET
H2 200 rochester.js Show response
go.ezodn.com/detroitchicago/ 2 KB
1 KB 17ms
16ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/rochester.js?gcb=195-2&cb=13
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dd34f8f80307acd6f3dafe0ba702397f2daa480a0311b07b707dd1365ef6d31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Jan 2023 02:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11297432
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2pwPURHyKbF1W29JQfFH9YhkBPQ3RkoxuexszTrCd84Qbc6olmLe1AMqxgYyQsPzkAg3E%2BQuL8%2BzLDCTV63Fe1kXiBIP%2Fu218vBWT6UEX6EB4YPiBRnIynOfz7d70MrFMvG5Gg%2FMCRlMtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9afde32c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 edmonton.webp Show response
go.ezodn.com/detroitchicago/ 21 KB
6 KB 27ms
26ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/edmonton.webp?a=a&cb=195-2&shcb=34
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d9c9f6bbfd42b7c3c63a20fb54ba49978b53f6b981fbabe4d56dd90b2b44ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Jan 2023 02:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11297432
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTjjKWMFn3pXdYZ8BP7NLLw8J9oLhVui9oXHdKkUHnGhLXHbd72%2B5sY0%2FNEYwg%2BV%2BeZJ8TzCLHQKArmGKZc4Iss2EoBAOQQ8ZmaW0ZEju6LTyzh6UeSEZzUgDTT6KfaTKtAPIzkVzdA2S9I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9afde42c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vitals.js Show response
go.ezodn.com/tardisrocinante/ 5 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/tardisrocinante/vitals.js?gcb=195-2&cb=3
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d839b193eba1dd4578cc90dfe2fe6edea552e807f65af9e79780a58d0ad9b1bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Jan 2023 02:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11297432
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ufXn%2BVYvtuQUNPMZlno%2BlUUTzfB745AD%2BmgLqBn3m6qVW03nabNCbpoMMtCbR35PBU%2Fro7bTEbKVnwrO%2B5uv8SwEPEzBmebucmEo%2BbFdKowlymW6A4kn7z1zdKS2YQFU5IVuIQVPgeT2wU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7c75cf9afde62c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 nmash.js Show response
go.ezodn.com/porpoiseant/ 22 KB
7 KB 44ms
41ms Script
application/javascript 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/porpoiseant/nmash.js?v=226
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/banger.js?cb=195-2&bv=226&v=74&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d568fa6632c283fd4b37482c66ba2d6c82fcf01d39d4a9acd7ac3e9c432f982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 14 May 2023 20:15:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FotpcyqiKNZOWwsllyQ%2FaIYHPWF9TxphduK21VEdH3cK2Ny39HM5fx%2B4UbchSPHrxLLYoxmDwmZgUPpvSmS8%2BuCAqNawkoFoVyNqCiqwEsscNR%2BdkpVMMU9EgVUuNdT6ozqum65411z9dE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=14400
x-robots-tag: noindex
cf-ray: 7c75cf9b0dea2c35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
bshr.ezodn.com/ 5 KB
3 KB 17ms
16ms XHR
application/json 2606:4700:e4::ac40:a602
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bshr.ezodn.com/?did=80361&bf=30000&dc=1254144
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/banger.js?cb=195-2&bv=226&v=74&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3811b7185ca22af2963009683d13627aa2165581f64ee28ced6e4793ab4e1f64

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342814
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 May 2023 20:56:39 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json; charset=utf8
access-control-allow-origin: https://ely.by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xanorwqFsMlgkpdHZ1G221823FuPZStY%2BV84sN%2F4nsQtDpv9xc4K9SGtrzgpkRCUetYeBJMA1ljz%2Bfis%2Bx%2FB4naJirs%2FFhyNcezYlxDQ9RNA0%2FpmtmL7KfkMsJXQH6obleAJ%2BhUmQS2eqmhDrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=1209600
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray: 7c75cf9b6b9d9076-FRA
access-control-allow-headers: Content-Type

OPTIONS
H2 200 /
bshr.ezodn.com/ Frame 0
0 63ms
19ms Preflight
text/plain 2606:4700:e4::ac40:a602
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bshr.ezodn.com/?did=80361&bf=30000&dc=1254144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://ely.by
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://ely.by
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c75cf9b4b799076-FRA
content-length: 0
content-type: text/plain; charset=utf-8
date: Sun, 14 May 2023 20:15:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8UJj%2F8s6drJ1qmzOiynMEVHUG5z1anAPJ3Th1oGYzK5FBaxnD3PHSamIv8ThkbnUMNSUCDjIKx9bK6DRd2GHLG153Gys5nD%2BPNL8DbafyKsq504OtH9cjUqeS2xQGac%2B3lBg7ETRYW2d46HqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H2 200 imp.gif
g.ezoic.net/detroitchicago/ 43 B
150 B 14ms
13ms Ping
image/gif 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod1%22%2C%22ad_cache_level%22%3A0%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A3%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C39%2C38%2C0%22%2C%22adx_ad_count%22%3A3%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A80361%2C%22domain_test_group%22%3A20230810%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A11%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A4%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1118%2C1975%2C1976%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22c1d2c7e4-85d5-4b8a-7b09-fa518cea93d1%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%2260326%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A0%2C%22response_time_orig%22%3A0%2C%22serverid%22%3A%22i-054ec339130f7dff8%22%2C%22state%22%3A%22HE%22%2C%22sub_page_ad_positions%22%3A%221006%2C1118%2C1975%2C1976%22%2C%22t_epoch%22%3A1684095302%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fely.by%2F%22%2C%22user_id%22%3A0%2C%22visit_uuid%22%3A%224d210869-93e1-41f8-45f7-7b04e6e4c548%22%2C%22word_count%22%3A725%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:02 GMT
content-encoding: br
access-control-max-age: 1728000
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ely.by
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type
content-length: 47
expires: Sat, 13 May 2023 20:15:02 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1019 B 48ms
14ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 20:15:03 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2081078
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ee1AJFYCyI4rjjiiklyLO54jO4WxP5yc27w2zChNlC7vaPON9fWDIMtIftuKM%2BhGtaC6rdRkBIgCNgkWhMkMmUE6oM0w%2Fqlrs5dPgkd9Qp4v6dCEwAsl%2FLxgXq2Yc0JvTmzObg1Z1rW5331O"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7c75cf9bdc7e1cb7-FRA

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
304 B 115ms
57ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.46.0&cb=46671157038&lsavail=1

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ely.by
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
282 B 152ms
106ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e221125d9d01b3&cmd=bid&eidpubcid.org=fa6950e8-2a26-4e41-b581-228ca71eee82&secure=1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: f43b21e95e2b10a9837ce1c8310077d63276467f9a8fde652a5f3fe4093bcd2b

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ely.by
access-control-allow-credentials: true
content-length: 78

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
2 KB 146ms
100ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e221125d9d01b3&cmd=bid&eidpubcid.org=fa6950e8-2a26-4e41-b581-228ca71eee82&secure=1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 95cc1db41b0f1e0273b5930444e898391fe23e924c819eba716f1fc914a00acb

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ely.by
access-control-allow-credentials: true
content-length: 1979

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 535 B
879 B 96ms
44ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fely.by%2F&PageUrl=https%3A%2F%2Fely.by%2F&PageReferrer=https%3A%2F%2Fely.by%2F

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

e0292a2d00d173884932f80d1283cca764b9a4da198e1ee1a46f78f0090a69fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 May 2023 20:15:02 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 535
expires: 0

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
219 B 129ms
34ms XHR
text/plain 52.19.220.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=7.46.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-ely_by-edge-2-0%22%2C%22callback_id%22%3A%2213eaa88fae04204%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%2202fb68b0-33db-497b-bcae-f608077c73e4%22%2C%22auctionId%22%3A%224052c11c-58a7-455e-94db-c25dbcaabb3d%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-ely_by-edge-1-0%22%2C%22callback_id%22%3A%2214a37e2bd7f8a52%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%2273dae5d3-1cb6-4a0b-94b8-3c191faf5d8a%22%2C%22auctionId%22%3A%224052c11c-58a7-455e-94db-c25dbcaabb3d%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-ely_by-box-1-0%22%2C%22callback_id%22%3A%2215bdc469e825d2a%22%2C%22sizes%22%3A%5B%5B125%2C125%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%22718560a7-32bf-41d8-8767-87a8340d9d2a%22%2C%22auctionId%22%3A%224052c11c-58a7-455e-94db-c25dbcaabb3d%22%7D%5D&page_url=https%3A%2F%2Fely.by%2F&bust=1684095302986&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Willkommen!%20-%20Ely.by%20Skin-System&w=1600&h=1200&pubcid=fa6950e8-2a26-4e41-b581-228ca71eee82&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%224c070c11039a122ffbaf2aad3426cf5c%22%2C%22domain%22%3A%22ely.by%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22fa6950e8-2a26-4e41-b581-228ca71eee82%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.220.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-220-224.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ely.by
pragma: no-cache
date: Sun, 14 May 2023 20:15:03 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 55ms
27ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 20:15:03 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2374189
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OW3QE9NOdRi2ezzCyfdpolAI1dRJtoRZq%2FkhYkRhjSiCINLTv9DkYKtjjzAnR9ojGq7nI%2FsSr8idmVpS%2FOyaHU%2BNvviV%2FWL194xpk%2Fvw93HpJZDWCS%2B2J5nz96oPNR%2FmDTwKpaCt3j9rMQ6k"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7c75cf9c1963bb55-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ 402 KB
124 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 16:37:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13081
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127184
x-xss-protection: 0
server: cafe
etag: 3263738860219486170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 13 May 2024 16:37:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 785 B
392 B 59ms
42ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3500d427ade53ae5f73baa981d2d4859d49699f7ab556674956b58e0d6c6a629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 367
x-xss-protection: 0
expires: Sun, 14 May 2023 20:15:03 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 74ms
58ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c92a126a502538ee13dc14c9f4d36bf3a3d98ac9adbd0d0646096e87538a7223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11131
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

POST
H2 200 bluemonkey.gif Show response
g.ezoic.net/detroitchicago/ 43 B
421 B 27ms
9ms XHR
image/gif 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/bluemonkey.gif?e=eyJhZHZlcnRpc2VyX2RvbWFpbnMiOiJjb25nc3Rhci5kZSIsImZyb21fY2FjaGUiOjAsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiYXVjdGlvbl9pZCI6IjQwNTJjMTFjLTU4YTctNDU1ZS05NGRiLWMyNWRiY2FhYmIzZCIsImFkX3VuaXRfY29kZSI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMS0wIiwiYWRhcHRlcl9jb2RlIjoib25lbW9iaWxlIiwib3JpZ2luYWxfY3BtIjowLjA3Mjc0NiwiY3BtIjowLjA3Mjc0NiwiYWRqdXN0bWVudCI6MSwibWVkaWFfdHlwZSI6ImRpc3BsYXkiLCJ0aW1lX3RvX3Jlc3BvbmQiOjI0NywicmVzcG9uc2Vfc2l6ZSI6IjE2MHg2MDAiLCJyZXF1ZXN0X3NpemUiOiIxNjB4NjAwIiwiZG9tYWluX2lkIjo4MDM2MSwiZm9ybV9mYWN0b3JfaWQiOjEsInBvc2l0aW9uX3R5cGUiOjM4LCJzdGF0X3NvdXJjZV9pZCI6MTEyOTMsInJlZnJlc2hfY291bnQiOjAsInNvdXJjZSI6ImNsaWVudCIsImFiX3Rlc3RfaWQiOiJtb2QxIn0=
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/kenai.js?gcb=2&cb=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ely.by
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers: Content-Type
content-length: 49
expires: Sat, 13 May 2023 20:15:03 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
472 B 360ms
359ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=2720627923366014&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=2&adks=3465923160&didk=2657332888&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D1379027075309640%26eid%3D1379027075309640%26t%3D134%26d%3D80361%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dely_by-edge-2-1379027075309640%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26ebss%3D10017%2C10061%2C11304%26asau%3D7908452949%26bv%3D24%26bvm%3D0%26bvr%3D2%26avc%3D21%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D84%2C152%2C169%2C4%2C161%2C168%2C87%2C20%2C26%2C135%2C205%2C0%2C172%2C166%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%2C3676&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095303256&lmt=1684095303&dlt=1684095302161&idt=964&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f51ed5d5878677ab2fc0f490c1a35c82c592a7b1c9de2766cbf29ed9f10c37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 441
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5b296c8dde544453caa4c6a2633cb25c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ADB2 6 KB
3 KB 66ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b296c8dde544453caa4c6a2633cb25c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ely.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 20:15:03 GMT
expires: Mon, 13 May 2024 20:15:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
474 B 409ms
408ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=3225521065428900&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=3&adks=1744209889&didk=2657331555&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D1360940831311083%26eid%3D1360940831311083%26t%3D134%26d%3D80361%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dely_by-edge-1-1360940831311083%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26ebss%3D10017%2C10061%2C11304%26asau%3D7908452949%26bv%3D12%26bvm%3D0%26bvr%3D2%26avc%3D21%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D157%2C193%2C0%2C192%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%2C3676&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095303275&lmt=1684095303&dlt=1684095302161&idt=964&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f164550a8cd3d951745253e63b91326e079032ceb7e5bed212e2dcd864f83bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 443
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
467 B 288ms
288ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=1217954160610195&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=125x125&ifi=4&adks=2917767438&didk=3237305752&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D5058859127283023%26eid%3D5058859127283023%26t%3D134%26d%3D80361%26t1%3D134%26pvc%3D0%26ap%3D1118%26sap%3D1118%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dely_by-box-1-5058859127283023%26eb_br%3D291d27313eb66c50243129b23df8a579%26eba%3D1%26ebss%3D10017%2C10061%2C11304%26asau%3D7908452949%26bv%3D12%26bvm%3D0%26bvr%3D2%26avc%3D21%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D10%26br2%3D4%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D79%2C193%2C0%2C192%2C0%2C193%2C196%2C20%2C71%2C30%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%2C3676&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095303280&lmt=1684095303&dlt=1684095302161&idt=964&adxs=-300&adys=311&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=1600&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

264238db6e0c2a003e81eaa9b6d804dfde5504363c6cd15ba85202e30972b9ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 436
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 65ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 May 2023 20:15:03 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 198A 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ely.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 16:51:35 GMT
expires: Mon, 13 May 2024 16:51:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 93AF 783 B
1 KB 46ms
22ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5187e4334144a14c1e5ef0efcde0e0854b16e2418b2b09c7edd56e5fde8d2b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ERw3ZvseZ8wihlbtstntwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ely.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-ERw3ZvseZ8wihlbtstntwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 20:15:03 GMT
expires: Sun, 14 May 2023 20:15:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 198A 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 21:34:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 93AF 0
0 106ms
106ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=2626847617639519&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 198A 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?m7uI0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 greenoaks.gif
g.ezoic.net/detroitchicago/ 0
69 B 8ms
7ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJkb21haW5faWQiOiI4MDM2MSIsInRfZXBvY2giOjE2ODQwOTUzMDIsImRhdGEiOlt7Im5hbWUiOiJkZXZpY2Vfd2lkdGgiLCJ2YWwiOiIxNjAwIn0seyJuYW1lIjoiZGV2aWNlX2hlaWdodCIsInZhbCI6IjEyMDAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJkb21haW5faWQiOiI4MDM2MSIsInRfZXBvY2giOjE2ODQwOTUzMDIsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA1LTE0In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMjAifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMCJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiZG9tYWluX2lkIjoiODAzNjEiLCJ0X2Vwb2NoIjoxNjg0MDk1MzAyLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJkb21haW5faWQiOiI4MDM2MSIsInRfZXBvY2giOjE2ODQwOTUzMDIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiZG9tYWluX2lkIjoiODAzNjEiLCJ0X2Vwb2NoIjoxNjg0MDk1MzAyLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX1d
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:03 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:03 GMT

POST
H2 204 greenoaks.gif
g.ezoic.net/detroitchicago/ 0
62 B 9ms
8ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJkb21haW5faWQiOiI4MDM2MSIsInRfZXBvY2giOjE2ODQwOTUzMDIsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjU5In0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiI4NiJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMiJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIzODMifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiI0MDcifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMTAzOSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMxZDJjN2U0LTg1ZDUtNGI4YS03YjA5LWZhNTE4Y2VhOTNkMSIsImRvbWFpbl9pZCI6IjgwMzYxIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiMTkxIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiZG9tYWluX2lkIjoiODAzNjEiLCJ0X2Vwb2NoIjoxNjg0MDk1MzAyLCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjQzNyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMxZDJjN2U0LTg1ZDUtNGI4YS03YjA5LWZhNTE4Y2VhOTNkMSIsImRvbWFpbl9pZCI6IjgwMzYxIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZWZmZWN0aXZlX3R5cGUiLCJ2YWwiOiI0ZyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMxZDJjN2U0LTg1ZDUtNGI4YS03YjA5LWZhNTE4Y2VhOTNkMSIsImRvbWFpbl9pZCI6IjgwMzYxIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX1d
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:05 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:05 GMT

POST
H2 204 greenoaks.gif
g.ezoic.net/detroitchicago/ 0
62 B 9ms
9ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJkb21haW5faWQiOiI4MDM2MSIsInRfZXBvY2giOjE2ODQwOTUzMDIsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJkb21haW5faWQiOiI4MDM2MSIsInRfZXBvY2giOjE2ODQwOTUzMDIsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiNzg1In1dfV0=
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:04 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:04 GMT

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
16 B 10ms
9ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTA1ODg1OTEyNzI4MzAyMyIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjg0MDk1MzAyLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMTgsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiNzg1In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:04 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:04 GMT

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
16 B 8ms
8ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM3OTAyNzA3NTMwOTY0MCIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjgzNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:04 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:04 GMT

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
16 B 9ms
8ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM2MDk0MDgzMTMxMTA4MyIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6Ijg5OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:04 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:04 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
741 B 290ms
289ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=3265400154087551&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&adks=410963353&didk=2428807379&sfv=1-0-40&ists=1&fas=8&prev_scp=bra%3Dmod1%26ic%3D1%26ezoic%3D1%26br1%3D16%26tap%3Dely_by-pixel1-2203892377262505%26avc%3D11%26d%3D80361%26reft%3Dn%26iid1%3D2203892377262505%26bvr%3D8%26ap%3D9999%26al%3D1006%26eb_br%3De29f69dd468d31a5514dc9b5587ce757%26br2%3D10%26ga%3D2497208&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095303811&lmt=1684095303&dlt=1684095302161&idt=964&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7613c97fcb932df4b2016d9f6ee4bded85f066283a849e0add654454c4890984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 712
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ 36 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

456c8b9bd894019058e65810ca410a4b275e47a82c179bc47d25ccb89e26fde5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 11:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31281
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12850
x-xss-protection: 0
server: cafe
etag: 12492328584916901251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 13 May 2024 11:33:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 111ms
109ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=2626847617639519&bg=!g4ClgNTNAAYldGN0BXQ7ADkAdvg8WmOb3EHEyGdFXRH-_erruIKkjYhw2R6XqmUi-STsgSm-sabxuXbOjcrVmhkWVaG_u4BCd2cCAAAAYlIAAAALaAEHmQKbslKEZoSCX8LcvK-VddbsRqccmcgFKzIipX37Qd8kF0VuWzkpJxx4d0ggy0ChLpAcLHNAZQPn1FLWDM5MXJd2m3njgi_LPEKz5eZcnhEpFLgPm8xYkXsBO033NW9T-Y23kS-rxl1ZNRG1B5wy-kt_jS9kbezvlRNOuj9ZvasRj_OAVxC7wkaiOSUgx4WxX7BLm83xclEM9Q3CD0NH2GZaad9accjgocHuvBlOE1Caq90qfp-UEaa46lEjrN77AMvaBG5rU1pYbP4dObgbKF0qdXXlao3uRgEas_h_OWv-BZ3Uq1xGPgJQPiXhl3RlVoxUJTJ3e77xddWi6IsfmchNwoH99JXO_pzgOv8tOvkjAuQ_v3thxo9jfCtc5Jci6kx3dNtKLDWApKLczZZ7-bPwE8wcq7_-0mcPBR6oU-zKLu5oLJb0dRioHNNrAaraTGjcTxKnooaQY0ZhEfu51jcr2ufmdZ7j9iK3GS3Kw1ZJq5ZHmKX0jugCJWqpgArS3VQWsB8YmdnRxMULLGcwcddAczzSjsd7Aa5TScyjbn4pygsZfRjytRSk6O2ppVC6m0j4QgnYRG6IQuSijOgIc9alG3-W6xE3xKLrPzHWrE3oBL5a3iV1QxXxafjy8AJ0Seb1XmbxP1AM7Iv_xHr6nzmm1TqNRpXmAnU5qJauVZyIvGYzZAwtrZlCdfmyjSotqc_7op4NaHIgj4Pa-0wXEsOtqP_3GqaUk5I-6FduL-kaB7itGfxK1uWCcHIZYw4_yEKZspL-jNt7piQb5Fq-GX9t_nYWVccN3gMagIrctgw39WVmS7BQnFlGrPdp2QERpZj4y86C5aNfPTuDeCMVgdc7IbQs4l6QGJi2B_l7Z2KW8Qc-H8ti0eFVDscysg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
16 B 15ms
4ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjIwMzg5MjM3NzI2MjUwNSIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImVseV9ieS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjg0MDk1MzAyLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTMxMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:04 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:04 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 64ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 May 2023 20:15:05 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2FEC 15 KB
6 KB 59ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ely.by

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ely.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 20:15:04 GMT
server: Kestrel
server-processing-duration-in-ticks: 511352
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 50ms
24ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 May 2023 20:15:05 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2FEC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ely.by&sn=ChromeSyncframe&so=0&topUrl=ely.by&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=tAgNI3xOU3R6THh0akVZMGRlNE1zVVdFMkFFRFg2K0ZvYUdsK0FCcTRpa3FvZDhVYVJXa1hNNDVSMEhNd0tHN3hOZGlXOWlYY1FHakZLWitFVE9CYmJvelZUODRGUlp3RWpjT3o0dFYyci9GQzVaRlVFeUc3MW1vWWFYVF...

430 B
657 B

83ms
18ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tAgNI3xOU3R6THh0akVZMGRlNE1zVVdFMkFFRFg2K0ZvYUdsK0FCcTRpa3FvZDhVYVJXa1hNNDVSMEhNd0tHN3hOZGlXOWlYY1FHakZLWitFVE9CYmJvelZUODRGUlp3RWpjT3o0dFYyci9GQzVaRlVFeUc3MW1vWWFYVFhxZkRVK00xQzFlbUI0ZDJxRFZGV2xNcExxVHRWc1E0MEtGeEZyS2FIb2YzUHA5dHg5SzVLQWZmazRTV2JFSDlUTytpbjR3ZWlueG8rWE1ObkF5cHVyekVPR1RXa1JCelYzV0o1TVlUTWkyZ2l4RzlrT0tzTFVFaFVza21oTEJPODVBbytVYUxockMrakJsS3RxeHhEWWZ1dGJyc0FRdz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

69188f2d4502ec21c0ae0aabcb1321443454b6db1bd3722903dd1a39464ef65d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 20:15:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1430478
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 14 May 2023 20:15:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=tAgNI3xOU3R6THh0akVZMGRlNE1zVVdFMkFFRFg2K0ZvYUdsK0FCcTRpa3FvZDhVYVJXa1hNNDVSMEhNd0tHN3hOZGlXOWlYY1FHakZLWitFVE9CYmJvelZUODRGUlp3RWpjT3o0dFYyci9GQzVaRlVFeUc3MW1vWWFYVFhxZkRVK00xQzFlbUI0ZDJxRFZGV2xNcExxVHRWc1E0MEtGeEZyS2FIb2YzUHA5dHg5SzVLQWZmazRTV2JFSDlUTytpbjR3ZWlueG8rWE1ObkF5cHVyekVPR1RXa1JCelYzV0o1TVlUTWkyZ2l4RzlrT0tzTFVFaFVza21oTEJPODVBbytVYUxockMrakJsS3RxeHhEWWZ1dGJyc0FRdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 365511
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 41ms
15ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fely.by%2F&domain=ely.by&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ely.by
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ely.by
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 14 May 2023 20:15:06 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 299593
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 / Show response
id.a-mx.com/sync/ 66 B
568 B 104ms
33ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://ely.by/&tl=https://ely.by/&nf=0&rt=true&v=7.46.0&av=2.0&vg=epbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1bbec78cab766af4537e0684c7b0ff0c58e4ffee6839f52614460d46b81a7f2

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYpyZ7ULhoeAK%2BGzHd5YHUoqJLkTkqpxOGoB%2BTozvVBtDXrx1%2FUz%2F4AM45vwFZMT%2BvdoZd9ovZ%2Bw56EeZMxljQzzmwV0axzkIjiOXNeYRk2Fa5FUAr8f0mHTLvNHWSByyQOQs%2FzzHR5sjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ely.by
access-control-allow-credentials: true
cf-ray: 7c75cfb07f223736-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
364 B 14ms
14ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fely.by%2F&domain=ely.by&cw=1&pbt=1&lsw=1

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 14 May 2023 20:15:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 307763
expires: 0

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 141 B
305 B 113ms
38ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=524&_it=prebid
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cce336f4fcdd345b5311dbacb6040eafcd60805f98054fef1715c7a90ea06b0

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
content-encoding: gzip
server: cloudflare
allow: POST, OPTIONS, GET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 7c75cfb07dd01e66-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
535 B 30ms
7ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ely.by
date: Sun, 14 May 2023 20:15:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
312 B 155ms
45ms XHR
application/json 54.76.92.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.92.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-92-86.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 May 2023 20:15:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ely.by
cache-control: no-cache
x-server: 10.45.16.168
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 204 pbcas
ads.yieldmo.com/ Frame 8507 0
0 32ms
32ms Document
text/plain 52.19.220.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.220.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-220-224.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ely.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Sun, 14 May 2023 20:15:06 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
393 B 38ms
8ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

0950828377d299a67ef47d7456c14305eaf3627d5f413a7e01fb4f3561dc213f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ely.by
date: Sun, 14 May 2023 20:15:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 240 B
640 B 27ms
13ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-56

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

ca555a742376d48a7aa1ac9ac7a393b6b54c9bb876f4439f0e4647ad66c94249

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ely.by
date: Sun, 14 May 2023 20:15:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
741 B 412ms
412ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=3575558403610703&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&adks=410963354&didk=2428807372&sfv=1-0-40&ists=1&fas=8&prev_scp=bra%3Dmod1%26ic%3D2%26ezoic%3D1%26br1%3D8%26tap%3Dely_by-pixel1-2203892377262505%26avc%3D11%26d%3D80361%26reft%3Dn%26iid1%3D2203892377262505%26bvr%3D8%26ap%3D9999%26al%3D1006%26eb_br%3D2e8b8c60843e52e5aaa1e3a52287a2bb%26br2%3D10%26ga%3D2497208%26lb%3D16&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095306441&lmt=1684095306&dlt=1684095302161&idt=964&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

216528ea8f19ce34b0a27bb3e83d74352472da76f6e2c2fc892c0b4e69a2c4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 712
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
471 B 377ms
377ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=2155813097036655&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=7&adks=3465923160&didk=2657332888&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D1379027075309640%26eid%3D1379027075309640%26t%3D134%26d%3D80361%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dely_by-edge-2-1379027075309640%26eb_br%3D9c3e4ee8eae7f1433cb2fe69b1326605%26eba%3D1%26ebss%3D10017%2C10061%2C11304%26asau%3D7908452949%26bv%3D24%26bvm%3D0%26bvr%3D2%26avc%3D21%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D4%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D84%2C152%2C169%2C4%2C161%2C168%2C87%2C20%2C26%2C135%2C205%2C0%2C172%2C166%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%2C3676%26lb%3D6%26reqt%3D1684095306446&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095306452&lmt=1684095306&dlt=1684095302161&idt=964&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true&cbidsp=CqwBCAEyB3Y3LjQ2LjASFQoGY3JpdGVvUgZjcml0ZW8QgAEgAhIgCglvbmVtb2JpbGVSA2FvbFIJb25lbW9iaWxlEPwBIAISGgoJYWR5b3VsaWtlUglhZHlvdWxpa2UQcSACEhcKB3lpZWxkbW9SB3lpZWxkbW8Q0QEgAhgCIiQwMmZiNjhiMC0zM2RiLTQ5N2ItYmNhZS1mNjA4MDc3YzczZTQqBAgDIABKAEDQDw..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a43c3a7c7ccb24e1a3cf9b9803dd6d84929e2de282d1ebe72864cd06e2d5ca60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 442
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
466 B 316ms
315ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=3477183336762292&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=125x125&ifi=8&adks=2917767438&didk=3237305752&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D5058859127283023%26eid%3D5058859127283023%26t%3D134%26d%3D80361%26t1%3D134%26pvc%3D0%26ap%3D1118%26sap%3D1118%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dely_by-box-1-5058859127283023%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26ebss%3D10017%2C10061%2C11304%26asau%3D7908452949%26bv%3D12%26bvm%3D0%26bvr%3D2%26avc%3D21%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D4%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D79%2C193%2C0%2C192%2C0%2C193%2C196%2C20%2C71%2C30%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%2C3676%26lb%3D10%26reqt%3D1684095306448&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095306456&lmt=1684095306&dlt=1684095302161&idt=964&adxs=-300&adys=311&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true&cbidsp=CooBCAEyB3Y3LjQ2LjASFQoGY3JpdGVvUgZjcml0ZW8QgAEgAhIaCglhZHlvdWxpa2VSCWFkeW91bGlrZRBxIAISFwoHeWllbGRtb1IHeWllbGRtbxDRASACGAIiJDcxODU2MGE3LTMyYmYtNDFkOC04NzY3LTg3YTgzNDBkOWQyYSoECAMgAEoAQNAP

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcd1709872892bf202d09640dba0a2262089c632afe466a49f62f6dd3a6d6669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 437
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 398ms
398ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=3988694432031684&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=9&adks=1744209889&didk=2657331555&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D1360940831311083%26eid%3D1360940831311083%26t%3D134%26d%3D80361%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dely_by-edge-1-1360940831311083%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26ebss%3D10017%2C10061%2C11304%26asau%3D7908452949%26bv%3D12%26bvm%3D0%26bvr%3D2%26avc%3D21%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D157%2C193%2C0%2C192%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%2C3676%26hb_bidder%3Donemobile%26hb_adid%3D165c4ca2af21a83%26hb_format%3Dbanner%26hb_ssid%3D11293%26hb_opt%3D0.07%26hb_rt%3Dclient%26lb%3D6%26nam%3D1%26reqt%3D1684095306442&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095306460&lmt=1684095306&dlt=1684095302161&idt=964&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true&cbidsp=CtIBCAEyB3Y3LjQ2LjASFQoGY3JpdGVvUgZjcml0ZW8QgAEgAhJGCglvbmVtb2JpbGVSA2FvbFIJb25lbW9iaWxlEPcBGiQKDzE2NWM0Y2EyYWYyMWE4MxCquAQaA1VTRCgBOgYIoAEQ2AQgARIaCglhZHlvdWxpa2VSCWFkeW91bGlrZRBxIAISFwoHeWllbGRtb1IHeWllbGRtbxDRASACGAIiJDczZGFlNWQzLTFjYjYtNGEwYi05NGI4LTNjMTkxZmFmNWQ4YSoECAMgAEoAQNAP

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

791a6f49a0625916b938727417b40974876b53e1fec41dc7288ba4225cea4d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10410
x-xss-protection: 0
google-lineitem-id: 5728075597
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138354426985
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 75ms
17ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 14 May 2023 20:15:06 GMT
x-content-type-options: nosniff
age: 26091
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 732
x-served-by: cache-fra-eddf8230059-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 82ms
25ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: 4K0VHT4BRHMM6P72
age: 1189
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7c75cfb46d439211-FRA
x-amz-id-2: mkkUfc3AZ+xh6Fo3WePCTRYmo0s6+w1yMDzH/FE5eW6di6fM9uuhYhe06IiLzyP1a1TCpzzR2TE=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 32ms
7ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:13:04 GMT
via: 1.1 google
age: 122
x-guploader-uploadid: ADPycdvy7YIBXF-LarUb9eFYfNIia26Y9JSyZAU5J_fxxKmjTCUOrl7AbEyxVuUniviwaKhBaUFKAH90QKgFQPZJWZwj7Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Sun, 14 May 2023 21:13:04 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 65ms
19ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 05:55:32 GMT
content-encoding: gzip
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:14:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 51575
x-amz-server-side-encryption: AES256
etag: W/"37e703da55f96b973658b8e7aeed0e93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: pA8q_dpHig0pDXAG4X0jElh9vlMfAGbpbx_xOiCk_4pvSMBQpmXe_Q==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 91ms
15ms Script
text/javascript 2600:9000:2250:4200:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 05:53:38 GMT
Via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 63492
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: FM6VckF9Blsgnb5HEAGZDcblssXZMCSXi1x6O5-lR8N5VzBw7M5NAA==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 29ms
7ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 07:00:45 GMT
content-encoding: gzip
age: 2034861
x-guploader-uploadid: ADPycdvJ9f2JAcW_u33Wuncj8S73-G6Q6wRUusXGmU1oTYHkwdtBIiLp1LRa7LAdcbtsWxYQGd2x5956XBCXTVQq42M4_Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 20 Apr 2024 07:00:45 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 17ms
17ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 15 May 2023 20:15:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D9C3 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthDNB54QhjhTG2gs6Bq4mE6PqfKY6UO5m0LsNdBymIsUq7zh-LJmkDaLpKV-73fT_iZZ4_WA6t8ycLYLWjQWXcyCo0M9et1Vik7hWhzEBzqcurnSlUEboPLYit3jrsLai6Wud7vGd7QxBqjZoSZhTpMoUZTmDFr1Tf2CO2yc66mxu4E5x4NumsNIFa2kn_Myy0_UxzxOr32tz-bcqlV3odE4vjdh84BYJRYdg_jBnuJnmdUEFjxt6nYBHhRbN3Egjj-bmrLot3lhZmM8bOejJmiNOp6xuH3973eezvwDz8C5Nduxvp1Zo&sai=AMfl-YTcAd3d4s03awOv0ORF8VIAjc5nQ4IPn_pAaCMd-4r7OoZsMTIFNFi0ogJ8FHkZAZVAnOFUG-c1WgAv45I0Vm9q8kUhJwZIJZULZtGMUzM9M6RqYXpd-m2HB98Icw&sig=Cg0ArKJSzL0Er1BmIyEtEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame D9C3 950 B
1 KB 130ms
25ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=43743149;rtbwp=0.090932;rtbdata=Zf9KJM-Lw8byZNzCB20wB67j5fEE6gy5D1JAyboSgWSgaiBmY4SffTKcJOWgTAkqEErw_4QvGO_Ix2lw6PUX8t9eLf4QwUYnJttxA7An81NfbJtfh18IHwVvycrVgld44ijGfhYj4ffMGZCeqBbW0D5nEYKBsrIoaV7LE1bPUTbnQDxG5hJ5COnQpqHDbK0PN0emMd0A923Vxgaya0qEQwDjWf88op-p0Jt0fwWUV3b5aX__xmU7uHUk2yNF028ryz7phZ_1dE6w9zTwnjgFVqJjdfnOlL1K0

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

555595b15353a095f53fe9db1a9f95841345307e54b5cc35045c74ea0f24fd24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 20:15:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 818
expires: -1

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame D9C3 19 B
150 B 84ms
16ms Script
application/javascript 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55936,57926,55853,55944,55859,47,58301,58154,58292&referrer=&limit=12&us_privacy=null&js=1&_origin=1&gdpr=1&euconsent=

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
server: ATS/9.1.10.57
age: 0
content-type: application/javascript

GET
H2 200 talon-1.0.40.js Show response
cdn.js7k.com/ix/ Frame D9C3 69 KB
17 KB 54ms
13ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.40.js

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 18:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: QZGKA82CVEEQQGM1
age: 5708
x-amz-server-side-encryption: AES256
content-length: 16540
x-amz-id-2: awYedCm2lEswkZLsoiWpcWZyLHgM/eErZcfYn+HlbEKn2JwH5jJGFyCV+QRHGI79dP3MnNKUKcw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 16:08:42 GMT
server: ATS
etag: "adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 adfeedback-1.0.108.js Show response
s.yimg.com/cb/af/ Frame D9C3 129 KB
32 KB 56ms
16ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cb/af/adfeedback-1.0.108.js

Requested by

Host: ely.by
URL: https://ely.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 17:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: MCTDQ77MDRY10V6A
age: 8963
x-amz-server-side-encryption: AES256
x-amz-id-2: ZaaWEayBmwUk2XQrTJ39vnkR/RfPUIaHoCoOH83tZGFNUDK81lZATnQWnImwdbAm7g6rCkjMRAU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 01:19:31 GMT
server: ATS
etag: "dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 adEvent.do
prod-m-node-3113.ssp.advertising.com/admax/ Frame D9C3 43 B
171 B 41ms
8ms Image
image/gif 3.125.30.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-m-node-3113.ssp.advertising.com/admax/adEvent.do?tidi=770936095&dcn=8a9691b20174742046e2210bface012a&posi=1115467&grp=%3F%3F%3F&nl=1684095303123&rts=1684095303034&pix=1&et=1&a=1594e47d6a7042cd993256fa3e7e1ef1&m=aXAtMTAtMjItOTktODQ.&p=MC4wMDAwOTA5MzI&b=MTMzMjg7NTYxMTtjb25nc3Rhci5kZTs7OztkZmNjODBiMTg5MjA0NjUyOTA3MmUwZTYzMTFlZWM0ODsxNTgwNzk7MTY4NDA5Mjc1MTs7MC4wMDAwNzI3NDY7OzA7OzQzNzQzMTQ5O2RhYmZkMTc0MDQwZjBmZTI4NDAxNjQ4NmEyMTdlZmIxMDQxOWZlYWE7MTsxOw..&uid=y-YVnDhOxE2rPiCL0d4jOInas5f55vXy0P0iHevqbw9qQy%7EA&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxERVU.&hb=true&type=0&af=2&dety=2
Requested by: Host: ely.by
URL: https://ely.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.30.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-30-175.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
last-modified: Fri, 05 May 2023 20:38:46 GMT
server: nginx
accept-ranges: bytes
content-length: 43
content-type: image/gif

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
16 B 11ms
10ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM2MDk0MDgzMTMxMTA4MyIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzYwOTQwODMxMzExMDgzIiwiZG9tYWluX2lkIjoiODAzNjEiLCJ1bml0IjoiZGl2LWdwdC1hZC1lbHlfYnktZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjg0MDk1MzAyLCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiMzNkZDUyM2Y4ZTRkZGExNThmMGFhOTk2ODZkZGE3ZjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzNjA5NDA4MzEzMTEwODMiLCJkb21haW5faWQiOiI4MDM2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVseV9ieS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODQwOTUzMDIsInJldmVudWUiOjAuMDAwMDcyNzQ2MDAwMDAwMDAwMDEsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDcyNzQ2MDAwMDAwMDAwMDEsImJpZF9mbG9vcl9wcmV2IjowLjAwMDA2LCJzdGF0X3NvdXJjZV9pZCI6MTEyOTMsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoic3RhdF9zb3VyY2VfaWQiLCJ2YWwiOiIxMTI5MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM2MDk0MDgzMTMxMTA4MyIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6Im1lZGlhX3R5cGUiLCJ2YWwiOiJiYW5uZXIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzNjA5NDA4MzEzMTEwODMiLCJkb21haW5faWQiOiI4MDM2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVseV9ieS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODQwOTUzMDIsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMxZDJjN2U0LTg1ZDUtNGI4YS03YjA5LWZhNTE4Y2VhOTNkMSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwcmViaWRfc291cmNlIiwidmFsIjoiY2xpZW50In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:07 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:07 GMT

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
62 B 10ms
10ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM2MDk0MDgzMTMxMTA4MyIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwicmV2ZW51ZSI6MC4wMDAwNzI3NDYwMDAwMDAwMDAwMSwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAwNzI3NDYwMDAwMDAwMDAwMSwiYmlkX2Zsb29yX3ByZXYiOjAuMDAwMDYsInN0YXRfc291cmNlX2lkIjoxMTI5MywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMxZDJjN2U0LTg1ZDUtNGI4YS03YjA5LWZhNTE4Y2VhOTNkMSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:07 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D9C3 169 KB
53 KB 67ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 May 2023 20:15:06 GMT

POST
H2 204 greenoaks.gif
g.ezoic.net/detroitchicago/ 0
16 B 10ms
10ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJkb21haW5faWQiOiI4MDM2MSIsInRfZXBvY2giOjE2ODQwOTUzMDIsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9sb2FkIiwidmFsIjoiNDEyMCJ9XX1d
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:07 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:07 GMT

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
16 B 10ms
9ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM2MDk0MDgzMTMxMTA4MyIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1NzI4MDc1NTk3LCJjcmVhdGl2ZV9pZCI6MTM4MzU0NDI2OTg1LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzNTQ0MjY5ODUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzNjA5NDA4MzEzMTEwODMiLCJkb21haW5faWQiOiI4MDM2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVseV9ieS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODQwOTUzMDIsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMxZDJjN2U0LTg1ZDUtNGI4YS03YjA5LWZhNTE4Y2VhOTNkMSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTcyODA3NTU5NywiY3JlYXRpdmVfaWQiOjEzODM1NDQyNjk4NSwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNTcyODA3NTU5NyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:07 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:07 GMT

GET
H3 200 5728075597 Show response
go.ezodn.com/dac/ 0
626 B 18ms
17ms XHR
text/plain 2606:4700:e4::ac40:a602
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/5728075597
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/banger.js?cb=195-2&bv=226&v=74&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3455
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Sun, 14 May 2023 17:59:36 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://ely.by
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpYDOyhURYkaP3HnmUPGIcBV0zlsvKHAlX%2FpmuzMLzuXuUTOr3hXwPBRlNlNzI1lZavHVTD8z4Hj4EszRl0mwFCp4sBUj4cTLPDEUu1BdHo5A0gpefcNnx4ML3MBKLoGGCUe7gjV2KMBBbs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7c75cfb43cea35ff-FRA
access-control-allow-headers: Content-Type

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
62 B 10ms
10ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM2MDk0MDgzMTMxMTA4MyIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1NzI4MDc1NTk3LCJjcmVhdGl2ZV9pZCI6MTM4MzU0NDI2OTg1LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wNS0xNCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjIwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjAifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:06 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:06 GMT

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
16 B 10ms
10ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTM2MDk0MDgzMTMxMTA4MyIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwiYXVjdGlvbl9lcG9jaCI6MTY4NDA5NTMwNywiYWRfcG9zaXRpb24iOjE5NzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NiwiYmlkX2Zsb29yX3ByZXYiOjYsImJpZF9mbG9vcl9maWxsZWQiOjQsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjQ1NCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo1NzI4MDc1NTk3fV0=
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:05 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:05 GMT

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 44ms
22ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ely.by
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://ely.by
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 14 May 2023 20:15:06 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: c6a86fff4bc3e2259fbb84542130e4ca

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 32ms
31ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e6371da53bdc61a9f7f8bb225348caebd37d3907125033b805088a19497b8ed0

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 9ce2a66fd1df4643487c4696fec429be
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fely.by%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fely.by%2F&rid=esp&cc=1

85 B
203 B

120ms
120ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fely.by%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 07ff6a1c176a9f3a6ec311f0177a9fbf46f6e6e1b667320b3e41a58d29a2c4a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:07 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-KtvA6utlIqfgV5I+Bg6ZiLGKolY"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ely.by
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 14 May 2023 20:15:07 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://ely.by
location: /esp?url=https%3A%2F%2Fely.by%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 21ms
20ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
743 B 362ms
362ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=4193283138139683&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=10&adks=410963355&didk=2428807373&sfv=1-0-40&ists=1&fas=8&prev_scp=bra%3Dmod1%26ic%3D3%26ezoic%3D1%26br1%3D6%26tap%3Dely_by-pixel1-2203892377262505%26avc%3D11%26d%3D80361%26reft%3Dn%26iid1%3D2203892377262505%26bvr%3D8%26ap%3D9999%26al%3D1006%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26br2%3D10%26ga%3D2497208%26lb%3D8&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095306950&lmt=1684095306&dlt=1684095302161&idt=964&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCviubNNk-Pi-xvil--tuW9TDNo4sis0L8ofGWov6SCNjkbgJKLi1WjWpvwGQBkynXB2xfYotz_tvjUoj%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhJmc34ExSABSAghkEhkKCnB1YmNpZC5vcmcYg5mc34ExSABSAghkEhcKCHJ0YmhvdXNlGISZnN-BMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiEmZzfgTFIAFICCGQSGQoKdWlkYXBpLmNvbRiEmZzfgTFIAFICCGQSFAoFb3BlbngYhJmc34ExSABSAghkEhsKDGlkNS1zeW5jLmNvbRiEmZzfgTFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f6ea74d788b5657b49954c2ddf94ac41944f0f3dc2f548c37337e218a12c2e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 714
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
328 B 169ms
78ms XHR
application/json 52.49.63.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.63.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-63-182.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8e1461cf58b0d78fbaf687432f007fe0d90ae37f59bdc7a7187d5ee60f874b64

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 14 May 2023 20:15:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ely.by
cache-control: no-cache
x-server: 10.45.9.210
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
315 B 7ms
7ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ely.by
date: Sun, 14 May 2023 20:15:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame D9C3 34 KB
16 KB 128ms
27ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=43743149;rtbwp=0.090932;rtbdata=Zf9KJM-Lw8byZNzCB20wB67j5fEE6gy5D1JAyboSgWSgaiBmY4SffTKcJOWgTAkqEErw_4QvGO_Ix2lw6PUX8t9eLf4QwUYnJttxA7An81NfbJtfh18IHwVvycrVgld44ijGfhYj4ffMGZCeqBbW0D5nEYKBsrIoaV7LE1bPUTbnQDxG5hJ5COnQpqHDbK0PN0emMd0A923Vxgaya0qEQwDjWf88op-p0Jt0fwWUV3b5aX__xmU7uHUk2yNF028ryz7phZ_1dE6w9zTwnjgFVqJjdfnOlL1K0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ae684e653cf5edc8bec110ff0669b6daa58f690d550735f98954697799f963da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:10:47 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 08:19:00 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 19 Apr 2023 13:55:16 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 9FA5 0
176 B 56ms
23ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ely.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 14 May 2023 20:15:07 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame D9C3 5 KB
3 KB 26ms
26ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=43743149;rtbwp=0.090932;rtbdata=Zf9KJM-Lw8byZNzCB20wB67j5fEE6gy5D1JAyboSgWSgaiBmY4SffTKcJOWgTAkqEErw_4QvGO_Ix2lw6PUX8t9eLf4QwUYnJttxA7An81NfbJtfh18IHwVvycrVgld44ijGfhYj4ffMGZCeqBbW0D5nEYKBsrIoaV7LE1bPUTbnQDxG5hJ5COnQpqHDbK0PN0emMd0A923Vxgaya0qEQwDjWf88op-p0Jt0fwWUV3b5aX__xmU7uHUk2yNF028ryz7phZ_1dE6w9zTwnjgFVqJjdfnOlL1K0;js=1;adfxid=1x;7803;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fely.by%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

c728beff54dbde0cfe40936017d9bce0c4f8cdc73de43a85f88592b1f4d81bd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 20:15:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2305
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame D9C3 25 KB
10 KB 107ms
67ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 354722
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JGAjtZfJQwLIE9ldVmvXjY8I4n79U8Mh%2FVKaCBq2T4iP8qtzwkUORFa0GlmX0qbCztXbVG8%2B9vDONkpXQfgpkGp6nkrWqQ1V6SGustKzIdLsBEtIoQp3kt8c0ZCADzW4UMNjbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7c75cfb6bd751987-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 09 May 2023 13:46:06 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame D9C3 35 B
586 B 25ms
25ms Ping
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=43743149&csi=a9IgCg81VSCrhyc3ZJ_5Xtxdh7GkF6Zqx83XCnLZoYjZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ely.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 14 May 2023 20:15:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://ely.by
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame D9C3 35 KB
15 KB 33ms
32ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:10:48 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 08:19:00 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 19 Apr 2023 13:55:16 GMT

GET
DATA 200
OK truncated
/ Frame D9C3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b22a6159194e44d5106b49768a38cf5eea15336bd10586aca4355f0bf5e9a95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D9C3 0
0 52ms
51ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu70hWu0sVnfjihHC_3u4PbqACAztdzWBBj6UHs11kOxBV02uvaqyFgqMC3s9wlOxeBgwsEsu7b4-opHxj9it3rrqqRHl5prZXVelOvh6mT5QEp2-_UgM9vSUMikLTRELXY1sV9EwfllC7sQWoqqFvRSvF4xN1NlMT8ym_loBCbcqWCioqDNqWlMv3ymXpa6m7I1izY3H5zxVOnq8L7KLf7b0T_X-_ppjl36_O7iqIruHcVkdcPm0yC0-nEGw0AWbwglbtINljcHp3y3UcbgkDHgucoQY-zfF_t37uZil5vwAgoSQ2wrZ8g4A&sai=AMfl-YSq-dEziF8DZ5s6uFkbWGT-RmCJX23OMldYYm7LBPJqgSA1heHmHa0DHurqbcC7QQHSK5D5ViZaXsAIL-mUXTyUK51b5h1NNCCKth71L04uLRp8japxqJob1ZyuHQ&sig=Cg0ArKJSzLxzDI4FquWLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 14 May 2023 20:15:07 GMT

GET
H2 200 frame.html Show response
ad4m.at/ Frame AD6D 2 KB
1 KB 26ms
25ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://ely.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1494796
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7c75cfb7bee31987-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 14 May 2023 20:15:07 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfeYm2mleAMMZlaCDEnbhCPRgz7UrMaMK%2BVByXkCleuU0wSLPmcNxEnl2%2BrdZ1gPi6tolHg0Q8aBfyoFw39q7y6f8e3hhB80AFpgciGuY98mBW49VmQeMdbEm7ggvXSOWHtoXLg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
741 B 313ms
312ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=1866742851930773&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=11&adks=410963332&didk=2428807374&sfv=1-0-40&ists=1&fas=8&prev_scp=bra%3Dmod1%26ic%3D4%26ezoic%3D1%26br1%3D4%26tap%3Dely_by-pixel1-2203892377262505%26avc%3D11%26d%3D80361%26reft%3Dn%26iid1%3D2203892377262505%26bvr%3D8%26ap%3D9999%26al%3D1006%26eb_br%3D9c3e4ee8eae7f1433cb2fe69b1326605%26br2%3D10%26ga%3D2497208%26lb%3D6&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095307490&lmt=1684095307&dlt=1684095302161&idt=964&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCviubNNk-Pi-xvil--tuW9TDNo4sis0L8ofGWov6SCNjkbgJKLi1WjWpvwGQBkynXB2xfYotz_tvjUoj%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhJmc34ExSABSAghkEhkKCnB1YmNpZC5vcmcY05mc34ExSABSAghqEsIBCghydGJob3VzZRKsAXJ0aHJSQkpoU2dDSENwOHdTUU16b0crN2M0c0wrVStFaHlSa2RUSXVDVEt1aW56MDlocGJUTmp4WXNwb1AwY3ZVUCtnWlNueDdkSUlOeStFb2lFSmRMd2hNcDMwaytPSnByb1M1RFRtWkh6TlFMcnlFcGlJdlc0c0o3b0d4anA0Vnhlc0NWR2x5VUphVFh3d1dZQjhDWUxPNjBrR2MzRGJpUzVJM3diWjFPZz0Y_Jmc34ExSAASHQoOZXNwLmNyaXRlby5jb20YhJmc34ExSABSAghkEhkKCnVpZGFwaS5jb20YhJmc34ExSABSAghkEj4KBW9wZW54EixleUpwSWpvaU1rc3ljRmN4YkZSVGRFdDRNVUp1Vlhwa1ExUlFaejA5SW4wPRi7m5zfgTFIABIbCgxpZDUtc3luYy5jb20Y6pmc34ExSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0169748765f24536688bfa73c62fccc73b4ac2ac55ad6ac33dbe26afaeb1d3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 712
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST rs
ad4m.at/ Frame D9C3 0
0

OPTIONS
H3 502 rs
ad4m.at/ Frame 0
0 38ms
29ms Preflight
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/rs

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ely.by
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7c75cfb81acc18df-FRA
content-type: text/html; charset=UTF-8
date: Sun, 14 May 2023 20:15:07 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
16 B 8ms
7ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM2MDk0MDgzMTMxMTA4MyIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1NzI4MDc1NTk3LCJjcmVhdGl2ZV9pZCI6MTM4MzU0NDI2OTg1LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:06 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:06 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
471 B 338ms
337ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=4234322234251112&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=12&adks=3465923160&didk=2657332888&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D1379027075309640%26eid%3D1379027075309640%26t%3D134%26d%3D80361%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dely_by-edge-2-1379027075309640%26eb_br%3Dzero%26eba%3D1%26ebss%3D10017%2C10061%2C11304%26asau%3D7908452949%26bv%3D24%26bvm%3D0%26bvr%3D2%26avc%3D21%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D2%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D84%2C152%2C169%2C4%2C161%2C168%2C87%2C20%2C26%2C135%2C205%2C0%2C172%2C166%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%2C3676%26lb%3D4%26reqt%3D1684095306955%26ss38%3D1%26ss9%3D1&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095307960&lmt=1684095307&dlt=1684095302161&idt=964&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABHeCviubNNk-Pi-xvil--tuW9TDNo4sis0L8ofGWov6SCNjkbgJKLi1WjWpvwGQBkynXB2xfYotz_tvjUoj%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCviqnZI2v77jd0YTLeKIQ81-otWAxB4g75miFDg96Y11&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhJmc34ExSABSAghkEhkKCnB1YmNpZC5vcmcY05mc34ExSABSAghqEsIBCghydGJob3VzZRKsAXJ0aHJSQkpoU2dDSENwOHdTUU16b0crN2M0c0wrVStFaHlSa2RUSXVDVEt1aW56MDlocGJUTmp4WXNwb1AwY3ZVUCtnWlNueDdkSUlOeStFb2lFSmRMd2hNcDMwaytPSnByb1M1RFRtWkh6TlFMcnlFcGlJdlc0c0o3b0d4anA0Vnhlc0NWR2x5VUphVFh3d1dZQjhDWUxPNjBrR2MzRGJpUzVJM3diWjFPZz0Y_Jmc34ExSAASHQoOZXNwLmNyaXRlby5jb20YhJmc34ExSABSAghkEhkKCnVpZGFwaS5jb20YhJmc34ExSABSAghkEj4KBW9wZW54EixleUpwSWpvaU1rc3ljRmN4YkZSVGRFdDRNVUp1Vlhwa1ExUlFaejA5SW4wPRi7m5zfgTFIABIbCgxpZDUtc3luYy5jb20Y6pmc34ExSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80f622213302e6217e3e8a171e42033ee4ad3ead9fd9af269c65325062501d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 442
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
466 B 606ms
605ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=440576996265042&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=125x125&ifi=13&adks=2917767438&didk=3237305752&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D5058859127283023%26eid%3D5058859127283023%26t%3D134%26d%3D80361%26t1%3D134%26pvc%3D0%26ap%3D1118%26sap%3D1118%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dely_by-box-1-5058859127283023%26eb_br%3Dzero%26eba%3D1%26ebss%3D10017%2C10061%2C11304%26asau%3D7908452949%26bv%3D12%26bvm%3D0%26bvr%3D2%26avc%3D21%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D4%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D79%2C193%2C0%2C192%2C0%2C193%2C196%2C20%2C71%2C30%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1428%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3052%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3856%2C4184%2C4185%2C4186%2C4276%2C3676%26lb%3D6%26reqt%3D1684095306967%26ss38%3D1%26ss9%3D1&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095307970&lmt=1684095307&dlt=1684095302161&idt=964&adxs=-300&adys=311&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCviubNNk-Pi-xvil--tuW9TDNo4sis0L8ofGWov6SCNjkbgJKLi1WjWpvwGQBkynXB2xfYotz_tvjUoj%2CABHeCviqnZI2v77jd0YTLeKIQ81-otWAxB4g75miFDg96Y11&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhJmc34ExSABSAghkEhkKCnB1YmNpZC5vcmcY05mc34ExSABSAghqEsIBCghydGJob3VzZRKsAXJ0aHJSQkpoU2dDSENwOHdTUU16b0crN2M0c0wrVStFaHlSa2RUSXVDVEt1aW56MDlocGJUTmp4WXNwb1AwY3ZVUCtnWlNueDdkSUlOeStFb2lFSmRMd2hNcDMwaytPSnByb1M1RFRtWkh6TlFMcnlFcGlJdlc0c0o3b0d4anA0Vnhlc0NWR2x5VUphVFh3d1dZQjhDWUxPNjBrR2MzRGJpUzVJM3diWjFPZz0Y_Jmc34ExSAASHQoOZXNwLmNyaXRlby5jb20YhJmc34ExSABSAghkEhkKCnVpZGFwaS5jb20YhJmc34ExSABSAghkEj4KBW9wZW54EixleUpwSWpvaU1rc3ljRmN4YkZSVGRFdDRNVUp1Vlhwa1ExUlFaejA5SW4wPRi7m5zfgTFIABIbCgxpZDUtc3luYy5jb20Y6pmc34ExSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4e3b80341b574cb23a65b42b280f877aad7fe29f56944dd203e40f157a1eab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 437
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
744 B 382ms
381ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=773055359586435&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=14&adks=410963333&didk=2428807375&sfv=1-0-40&ists=1&fas=8&prev_scp=bra%3Dmod1%26ic%3D5%26ezoic%3D1%26br1%3D2%26tap%3Dely_by-pixel1-2203892377262505%26avc%3D11%26d%3D80361%26reft%3Dn%26iid1%3D2203892377262505%26bvr%3D8%26ap%3D9999%26al%3D1006%26eb_br%3Db6c98a8bb15764f1c4ee331dcb724178%26br2%3D10%26ga%3D2497208%26lb%3D4&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095307996&lmt=1684095307&dlt=1684095302161&idt=964&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCviubNNk-Pi-xvil--tuW9TDNo4sis0L8ofGWov6SCNjkbgJKLi1WjWpvwGQBkynXB2xfYotz_tvjUoj%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhJmc34ExSABSAghkEhkKCnB1YmNpZC5vcmcY05mc34ExSABSAghqEsIBCghydGJob3VzZRKsAXJ0aHJSQkpoU2dDSENwOHdTUU16b0crN2M0c0wrVStFaHlSa2RUSXVDVEt1aW56MDlocGJUTmp4WXNwb1AwY3ZVUCtnWlNueDdkSUlOeStFb2lFSmRMd2hNcDMwaytPSnByb1M1RFRtWkh6TlFMcnlFcGlJdlc0c0o3b0d4anA0Vnhlc0NWR2x5VUphVFh3d1dZQjhDWUxPNjBrR2MzRGJpUzVJM3diWjFPZz0Y_Jmc34ExSAASHQoOZXNwLmNyaXRlby5jb20YhJmc34ExSABSAghkEhkKCnVpZGFwaS5jb20YhJmc34ExSABSAghkEj4KBW9wZW54EixleUpwSWpvaU1rc3ljRmN4YkZSVGRFdDRNVUp1Vlhwa1ExUlFaejA5SW4wPRi7m5zfgTFIABIbCgxpZDUtc3luYy5jb20Y6pmc34ExSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bd98aea25acd8f827edd32e5ac98a75185812ab34db214caea4dc07d967b6d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 715
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ely.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
16 B 8ms
7ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM3OTAyNzA3NTMwOTY0MCIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzYwOTQwODMxMzExMDgzIiwiZG9tYWluX2lkIjoiODAzNjEiLCJ1bml0IjoiZGl2LWdwdC1hZC1lbHlfYnktZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjg0MDk1MzAyLCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjU3MjgwNzU1OTcsImNyZWF0aXZlX2lkIjoxMzgzNTQ0MjY5ODUsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTA1ODg1OTEyNzI4MzAyMyIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjg0MDk1MzAyLCJhZF9wb3NpdGlvbiI6MTExOCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:07 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:07 GMT

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
62 B 8ms
7ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM3OTAyNzA3NTMwOTY0MCIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTQ0MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMzAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzYwOTQwODMxMzExMDgzIiwiZG9tYWluX2lkIjoiODAzNjEiLCJ1bml0IjoiZGl2LWdwdC1hZC1lbHlfYnktZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjg0MDk1MzAyLCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjU3MjgwNzU1OTcsImNyZWF0aXZlX2lkIjoxMzgzNTQ0MjY5ODUsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjMwMCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTA1ODg1OTEyNzI4MzAyMyIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjg0MDk1MzAyLCJhZF9wb3NpdGlvbiI6MTExOCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiItMzAwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:09 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:09 GMT

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
62 B 8ms
8ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM3OTAyNzA3NTMwOTY0MCIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiY29tcF9pZCI6MSwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:08 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:08 GMT

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
16 B 8ms
8ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTM2MDk0MDgzMTMxMTA4MyIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4NDA5NTMwMiwiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzFkMmM3ZTQtODVkNS00YjhhLTdiMDktZmE1MThjZWE5M2QxIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1NzI4MDc1NTk3LCJjcmVhdGl2ZV9pZCI6MTM4MzU0NDI2OTg1LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwLDYwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzNjA5NDA4MzEzMTEwODMiLCJkb21haW5faWQiOiI4MDM2MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVseV9ieS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODQwOTUzMDIsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMxZDJjN2U0LTg1ZDUtNGI4YS03YjA5LWZhNTE4Y2VhOTNkMSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTcyODA3NTU5NywiY3JlYXRpdmVfaWQiOjEzODM1NDQyNjk4NSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzYwOTQwODMxMzExMDgzIiwiZG9tYWluX2lkIjoiODAzNjEiLCJ1bml0IjoiZGl2LWdwdC1hZC1lbHlfYnktZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjg0MDk1MzAyLCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjU3MjgwNzU1OTcsImNyZWF0aXZlX2lkIjoxMzgzNTQ0MjY5ODUsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:08 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:08 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D9C3 42 B
64 B 109ms
109ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutLbOTCe5CHGARhdqJGMgnvlxFzZXQVWGFsV1mPP1Hzj3u9EXxeR5AFDH6UQW71rJjX9SR2XWubpXKc4Gjv9_DGkrNhSm7hS8R6AYK5LeKZ-3HQ0Z9&sig=Cg0ArKJSzCo-nbhn42a1EAE&id=lidar2&mcvt=1000&p=302,0,902,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1744209889&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684095306896&rpt=565&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 20:15:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ely.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 20:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

POST
H2 204 army.gif
g.ezoic.net/porpoiseant/ 0
62 B 7ms
7ms Ping
text/plain 2a05:d014:776:a63d:6339:2a28:fc90:eea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTA1ODg1OTEyNzI4MzAyMyIsImRvbWFpbl9pZCI6IjgwMzYxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWx5X2J5LWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjg0MDk1MzAyLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMTgsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMWQyYzdlNC04NWQ1LTRiOGEtN2IwOS1mYTUxOGNlYTkzZDEiLCJjb21wX2lkIjoxLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjMifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/detroitchicago/memphis.js?gcb=195-2&cb=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ely.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://ely.by
x-middleton-display: ezp_sol
date: Sun, 14 May 2023 20:15:10 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sat, 13 May 2023 20:15:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad4m.at
URL: https://ad4m.at/rs

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2626847617639519&correlator=352421887533301&eid=31074171%2C21065724&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=1254144%3A22648562359%2Cely_by-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=15&adks=410963334&didk=2428807368&sfv=1-0-40&ists=1&fas=8&prev_scp=bra%3Dmod1%26ic%3D6%26ezoic%3D1%26br1%3D0%26tap%3Dely_by-pixel1-2203892377262505%26avc%3D11%26d%3D80361%26reft%3Dn%26iid1%3D2203892377262505%26bvr%3D8%26ap%3D9999%26al%3D1006%26eb_br%3Dzero%26br2%3D10%26ga%3D2497208%26lb%3D2%26at%3Dbf%26ss38%3D1%26ss9%3D1&eri=1&sc=1&cookie=ID%3D3534d82e6949ff9c-22fc83d6d5dd00cf%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ&gpic=UID%3D00000c159a9a86d4%3AT%3D1684095302%3ART%3D1684095302%3AS%3DALNI_MbjkB9yP19PPwg9O61FGbPeksmNag&abxe=1&dt=1684095308502&lmt=1684095308&dlt=1684095302161&idt=964&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fely.by%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCviubNNk-Pi-xvil--tuW9TDNo4sis0L8ofGWov6SCNjkbgJKLi1WjWpvwGQBkynXB2xfYotz_tvjUoj%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=802863605.1684095303&ga_sid=1684095303&ga_hid=1500577756&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhJmc34ExSABSAghkEhkKCnB1YmNpZC5vcmcY05mc34ExSABSAghqEsIBCghydGJob3VzZRKsAXJ0aHJSQkpoU2dDSENwOHdTUU16b0crN2M0c0wrVStFaHlSa2RUSXVDVEt1aW56MDlocGJUTmp4WXNwb1AwY3ZVUCtnWlNueDdkSUlOeStFb2lFSmRMd2hNcDMwaytPSnByb1M1RFRtWkh6TlFMcnlFcGlJdlc0c0o3b0d4anA0Vnhlc0NWR2x5VUphVFh3d1dZQjhDWUxPNjBrR2MzRGJpUzVJM3diWjFPZz0Y_Jmc34ExSAASHQoOZXNwLmNyaXRlby5jb20YhJmc34ExSABSAghkEhkKCnVpZGFwaS5jb20YhJmc34ExSABSAghkEj4KBW9wZW54EixleUpwSWpvaU1rc3ljRmN4YkZSVGRFdDRNVUp1Vlhwa1ExUlFaejA5SW4wPRi7m5zfgTFIABIbCgxpZDUtc3luYy5jb20Y6pmc34ExSABSAghq

Verdicts & Comments Add Verdict or Comment

350 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ely.by/	1969-12-31 23:59:59	Name: PHPSESSID Value: bd4bc36852701900c8e838087da09bc4
.ely.by/	1970-01-20 21:24:15	Name: _ga Value: GA1.2.802863605.1684095303
.ely.by/	1970-01-20 11:49:41	Name: _gid Value: GA1.2.416846924.1684095303
.ely.by/	1970-01-20 11:48:15	Name: _gat Value: 1
.ely.by/	1970-01-20 11:48:17	Name: ezoadgid_80361 Value: -1
.ely.by/	1970-01-20 11:48:22	Name: ezoref_80361 Value:
.ely.by/	1970-01-20 20:33:51	Name: ezosuibasgeneris-1 Value: 4d1bf837-b899-49d6-6eeb-71be67a99d2c
.ely.by/	1970-01-20 11:48:22	Name: ezoab_80361 Value: mod1
.ely.by/	1970-01-20 11:48:17	Name: ezovid_80361 Value: 2131570054
.ely.by/	1970-01-20 11:48:17	Name: lp_80361 Value: https://ely.by/
.ely.by/	1970-01-20 11:51:08	Name: ezovuuidtime_80361 Value: 1684095302
.ely.by/	1970-01-20 11:48:17	Name: ezovuuid_80361 Value: 4d210869-93e1-41f8-45f7-7b04e6e4c548
.ely.by/	1970-01-20 11:51:08	Name: active_template::80361 Value: pub_site.1684095302
.ely.by/	1970-01-20 11:48:17	Name: ezopvc_80361 Value: 1
.ely.by/	1970-01-20 11:49:41	Name: ezepvv Value: 3
.ely.by/	1970-01-20 21:09:51	Name: __gads Value: ID=3534d82e6949ff9c-22fc83d6d5dd00cf:T=1684095302:RT=1684095302:S=ALNI_Ma8Hs8kSLDzNC_UYkdqfq_6W3iYlQ
.ely.by/	1970-01-20 21:09:51	Name: __gpi Value: UID=00000c159a9a86d4:T=1684095302:RT=1684095302:S=ALNI_MbjkB9yP19PPwg9O61FGbPeksmNag
ely.by/	1970-01-20 12:31:27	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ely.by/	1970-01-20 20:33:51	Name: _sharedid Value: fa6950e8-2a26-4e41-b581-228ca71eee82
.yahoo.com/	1970-01-20 20:34:12	Name: A3 Value: d=AQABBEdBYWQCENWoXODPDzz7aNJR4Lh5WmMFEgEBAQGSYmRrZAAAAAAA_eMAAA&S=AQAAAgKVA2ES_jo0SGhivrDPX2g
ely.by/	1970-01-20 20:33:51	Name: ezux_lpl_80361 Value: 1684095303200\|c1d2c7e4-85d5-4b8a-7b09-fa518cea93d1\|false
.doubleclick.net/	1970-01-20 21:09:51	Name: IDE Value: AHWqTUmMcU6Kaz4TKemCNPlbVohXfKN8c8S6Zv9UGMhiO5f6u35L5VSxGiOVsDCxwcg
.criteo.com/	1970-01-20 21:09:51	Name: uid Value: f940d304-81e3-4b56-ab54-d0a8370c004c
.ely.by/	1970-01-20 21:09:51	Name: cto_bundle Value: omG6yV9nN24xRHYwZjN6TWp4bmhYNmdSOUVQSzdsN3VVaXFXMXBHbE5DUHM4Mjg2OGdQMFpJZDViOFB1T1RUNUolMkZtWUpHZzlZdGl4MzNIVmdCTXh3R2tFJTJCdVE1Z2dQJTJGU1hybThhSDlNV2VVcjFSNUlQdzFQWUk1JTJGNEtzV0NCT1pUd2VZN0xoVmVka3BCcGQ4ODlIczNjUiUyRklBJTNEJTNE
ely.by/	1969-12-31 23:59:59	Name: ezouspvv Value: 6
ely.by/	1969-12-31 23:59:59	Name: ezouspva Value: 1
ely.by/	1969-12-31 23:59:59	Name: ezouspvh Value: 6
.openx.net/	1970-01-20 20:33:51	Name: i Value: d8ada95b-5953-4ad2-b1d4-19d4cdd0933e\|1684095307

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://ely.by/ Message: Access to XMLHttpRequest at 'https://ad4m.at/rs' from origin 'https://ely.by' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ad4m.at/rs Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5b296c8dde544453caa4c6a2633cb25c.safeframe.googlesyndication.com
ad4m.at
ads.yieldmo.com
adservice.google.com
adservice.google.de
bcp.crwdcntrl.net
bidder.criteo.com
bshr.ezodn.com
c2shb.ssp.yahoo.com
cdn.id5-sync.com
cdn.js7k.com
cdn.jsdelivr.net
cdn.polyfill.io
cdn.prod.uidapi.com
ely.by
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
g.ezoic.net
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
prod-m-node-3113.ssp.advertising.com
s.yimg.com
s1.adform.net
script.4dex.io
securepubads.g.doubleclick.net
service.idsync.analytics.yahoo.com
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
track.adform.net
www.ezojs.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagservices.com
ad4m.at
securepubads.g.doubleclick.net
162.19.138.118
162.19.138.119
178.250.7.13
18.156.195.47
185.255.84.150
195.201.80.5
2600:9000:2250:4200:a:e047:752:b361
2606:4700:10::6816:3456
2606:4700:10::ac43:17ea
2606:4700:20::681a:8a9
2606:4700:20::681a:bd1
2606:4700:3034::6815:24f2
2606:4700:e4::ac40:a602
2606:4700:e4::ac40:a702
2a00:1288:80:807::1
2a00:1288:80:807::2
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c09::9c
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a04:4e42:200::282
2a04:4e42:200::485
2a05:d014:776:a63d:6339:2a28:fc90:eea
2a06:98c1:3120::3
3.125.30.175
3.75.62.37
34.102.146.192
34.120.107.143
34.96.70.87
35.190.39.111
35.244.159.8
37.157.2.249
37.157.6.253
52.19.220.224
52.49.63.182
54.76.92.86
65.9.66.104
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0169748765f24536688bfa73c62fccc73b4ac2ac55ad6ac33dbe26afaeb1d3bb
0730ea662702384bb01abf66275bab7f70f4b8edad0eee15c9a8948a5d5f5cdd
07ff6a1c176a9f3a6ec311f0177a9fbf46f6e6e1b667320b3e41a58d29a2c4a6
0950828377d299a67ef47d7456c14305eaf3627d5f413a7e01fb4f3561dc213f
0f55f975a90d3b45589a5cdfbecfddc6a5f5f7513a17ee22d71cb1167cc13d37
12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b
1d568fa6632c283fd4b37482c66ba2d6c82fcf01d39d4a9acd7ac3e9c432f982
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
216528ea8f19ce34b0a27bb3e83d74352472da76f6e2c2fc892c0b4e69a2c4dd
264238db6e0c2a003e81eaa9b6d804dfde5504363c6cd15ba85202e30972b9ba
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8
2b3d127b2a33edc1fb2dfc224e31fca161d01c0a51622e6a7164ea67ccf6ff94
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
30887d75ca7268ceabc93067bca019f8ffe07189630a759407b236736e1f15af
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
3500d427ade53ae5f73baa981d2d4859d49699f7ab556674956b58e0d6c6a629
359785585ea911cbb5805012d8e7f04478a720ea649e6f1046694d0215e5b3e2
366b852a67aeca6a82b972ff59d842387c2a000f984976700ee15fb1045d19fa
3811b7185ca22af2963009683d13627aa2165581f64ee28ced6e4793ab4e1f64
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
40e084afde599dba202108218f0be508d789251c9689ec1bbb017112b5972d78
41516169d31ca1b01fd1760a11be21bed2e7a9398e191415ef12243ac25507b7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
456c8b9bd894019058e65810ca410a4b275e47a82c179bc47d25ccb89e26fde5
464b0f0403da8ab7658132d68d3238f2e96be449c7ede3ac0abb4c6da23d2160
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b22a6159194e44d5106b49768a38cf5eea15336bd10586aca4355f0bf5e9a95
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
4fa11c8898871b67c8280a7fdc44d42f0108aa1c2a31b50d25d010f61e873b49
4ff98885e18fdd775a1ccf39a186462bc06469e54add744bd0186769f91fa569
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
555595b15353a095f53fe9db1a9f95841345307e54b5cc35045c74ea0f24fd24
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f41af6d7fa4b3b979fd1a8e9c00bae3f47df6c8a3cb0b344560792ef1272c0
5a3d4af6fa0c4aa12f576c5934099ddbaf4ea4223c315e15578fe4cec8e671d3
5abb1be86107f53cb50c6fd364dd7565728b6bd8fd151f283f1f264010cbecf5
5be514070723ffc618fc80be80a7b8c6940f3b36a92390f4cbebd79351576587
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f51ed5d5878677ab2fc0f490c1a35c82c592a7b1c9de2766cbf29ed9f10c37a
5fe6e0a693ffe84d6a5db9459511fc738086c4d9df57a49f2453325c27beab1e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67dd5d748b1ec30b5d458551a363cc2728e2459c24a884092a614486cc54fffb
68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1
69188f2d4502ec21c0ae0aabcb1321443454b6db1bd3722903dd1a39464ef65d
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cce336f4fcdd345b5311dbacb6040eafcd60805f98054fef1715c7a90ea06b0
6fa04d8b4b07ebd5ebb250e33b532615e80dd02d46afb5cc0654c3c128b1c427
753fa7b04751066160f1f5b44c4d518e839277591836a51da5d0fd614e63c863
7613c97fcb932df4b2016d9f6ee4bded85f066283a849e0add654454c4890984
791a6f49a0625916b938727417b40974876b53e1fec41dc7288ba4225cea4d61
7a6d2692c7cc0f1b2cefc40c87d1e0d21c9205f17d1dd000ef2365355fe9c189
7dd34f8f80307acd6f3dafe0ba702397f2daa480a0311b07b707dd1365ef6d31
7f6ea74d788b5657b49954c2ddf94ac41944f0f3dc2f548c37337e218a12c2e0
80f622213302e6217e3e8a171e42033ee4ad3ead9fd9af269c65325062501d9a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8bd98aea25acd8f827edd32e5ac98a75185812ab34db214caea4dc07d967b6d5
8e1461cf58b0d78fbaf687432f007fe0d90ae37f59bdc7a7187d5ee60f874b64
93df6b932f78a94beb1a9aaf63e733e4969724b68bae11e4b60d8cb8ce4ff3ac
95cc1db41b0f1e0273b5930444e898391fe23e924c819eba716f1fc914a00acb
9681db3e4bdf84e2173f0083c07041004eb7b133dbf503e59e0aec8fcb2d57e6
9a094c934231cf0677a8d44c2c903146369ea663551712f45c8f932565ddb8a8
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
a1bbec78cab766af4537e0684c7b0ff0c58e4ffee6839f52614460d46b81a7f2
a43c3a7c7ccb24e1a3cf9b9803dd6d84929e2de282d1ebe72864cd06e2d5ca60
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e3b80341b574cb23a65b42b280f877aad7fe29f56944dd203e40f157a1eab4
a5187e4334144a14c1e5ef0efcde0e0854b16e2418b2b09c7edd56e5fde8d2b9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa7bdac43a2bedabe35a56d982b3ce99cdfc5cb359d6eef5feb14d472b6c98b1
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae684e653cf5edc8bec110ff0669b6daa58f690d550735f98954697799f963da
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b3b800c61df4249f8d2b8a595c138e7488b04a0db65a4022da9660afef96d286
b5cd816bfc6268f39fd6b7dfb1b0bb86397a9b498e52c1b9fe2c2f48b536cb7c
c1ee62c10a7e29437e8f151ad0b21938005895cd05cf0574453559ec618d2385
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234
c5d9c9f6bbfd42b7c3c63a20fb54ba49978b53f6b981fbabe4d56dd90b2b44ab
c728beff54dbde0cfe40936017d9bce0c4f8cdc73de43a85f88592b1f4d81bd5
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c92a126a502538ee13dc14c9f4d36bf3a3d98ac9adbd0d0646096e87538a7223
ca555a742376d48a7aa1ac9ac7a393b6b54c9bb876f4439f0e4647ad66c94249
d839b193eba1dd4578cc90dfe2fe6edea552e807f65af9e79780a58d0ad9b1bb
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
dc550e7862e8131ed4d5c55e0712b054a412f20bfcf5ab80be98d4794721c369
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0292a2d00d173884932f80d1283cca764b9a4da198e1ee1a46f78f0090a69fb
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ea92cc06721a4ea12876a68b6d36861955ba64cf8e2a3f86d6f146b902dfc2
e611f58b19c2ff6aba81588e7b0a148e523d8acbadc40092f8de5f50dca2f93c
e6371da53bdc61a9f7f8bb225348caebd37d3907125033b805088a19497b8ed0
e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f164550a8cd3d951745253e63b91326e079032ceb7e5bed212e2dcd864f83bb4
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f43b21e95e2b10a9837ce1c8310077d63276467f9a8fde652a5f3fe4093bcd2b
fcd1709872892bf202d09640dba0a2262089c632afe466a49f62f6dd3a6d6669
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fe55ec73b537cc0efcd511d18c7b603f244b04552a67bab0aac30e684e8f11cc

ely.by Open in urlscan Pro 195.201.80.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

165 Requests

98 %HTTPS

63 %IPv6

37 Domains

52 Subdomains

52 IPs

7 Countries

1457 kBTransfer

4051 kBSize

28 Cookies

8 Outgoing links

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ely.by Open in urlscan Pro
195.201.80.5 Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

98 %
HTTPS

63 %
IPv6

37
Domains

52
Subdomains

52
IPs

7
Countries

1457 kB
Transfer

4051 kB
Size

28
Cookies

165 HTTP transactions
1 data transactions