friends.in.ua Open in urlscan Pro
91.240.20.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://friends.in.ua/
Effective URL:
https://friends.in.ua/
Submission: On November 30 via api (November 30th 2022, 2:55:06 am UTC) from GB — Scanned from GB

Summary HTTP 384 Redirects Behaviour Indicators

Summary

This website contacted 42 IPs in 6 countries across 33 domains to perform 384 HTTP transactions. The main IP is 91.240.20.7, located in Lithuania and belongs to WIBO-AS, LT. The main domain is friends.in.ua.
TLS certificate: Issued by R3 on October 31st 2022. Valid for: 3 months.

This is the only time friends.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 56	91.240.20.7 91.240.20.7	59939 (WIBO-AS) (WIBO-AS)
1	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	89.149.200.234 89.149.200.234	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	91.228.155.126 91.228.155.126	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	212.118.48.164 212.118.48.164	204076 (CITYLAN-EAST) (CITYLAN-EAST)
1	138.201.51.138 138.201.51.138	24940 (HETZNER-AS) (HETZNER-AS)
16	13.225.78.128 13.225.78.128	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1 7	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
15	2606:4700:20:... 2606:4700:20::681a:b19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.196.39.165 213.196.39.165	7979 (SERVERS-COM) (SERVERS-COM)
93	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
24	185.86.137.114 185.86.137.114	201081 (SMARTADSE...) (SMARTADSERVER)
15	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	23.88.17.186 23.88.17.186	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
40	96.16.144.106 96.16.144.106	16625 (AKAMAI-AS) (AKAMAI-AS)
20	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
10	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:aa00:c:aa3e:9800:21	16509 (AMAZON-02) (AMAZON-02)
6	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.55.236.224 162.55.236.224	24940 (HETZNER-AS) (HETZNER-AS)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
384	42

56 91.240.20.7 (Lithuania) 1 redirects

ASN59939 (WIBO-AS, LT)

friends.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

kodir2.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 89.149.200.234 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

franecki.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.228.155.126 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde377-1.fornex.org

aurabom.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.118.48.164 (Russian Federation)

ASN204076 (CITYLAN-EAST, RU)

www.megastock.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.51.138 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.138.51.201.138.clients.your-server.de

stats.myangular.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.225.78.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-128.fra2.r.cloudfront.net

sholke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 89.108.119.28 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.196.39.165 (Netherlands)

ASN7979 (SERVERS-COM, US)

mxtads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

93 37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.17.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.17.88.23.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8b7a89116670f110d5a2c37ac178b291.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 96.16.144.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-144-106.deploy.static.akamaitechnologies.com

ssl.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:aa00:c:aa3e:9800:21 (United States)

ASN16509 (AMAZON-02, US)

dpjgrnd6i7dk0.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
123	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 276 acdn.adnxs.com — Cisco Umbrella Rank: 764 fra1-ib.adnxs.com — Cisco Umbrella Rank: 4306 cdn.adnxs.com — Cisco Umbrella Rank: 1802	748 KB
56	friends.in.ua 1 redirects friends.in.ua	2 MB
40	connextra.com ssl.connextra.com — Cisco Umbrella Rank: 8496	2 MB
24	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1523	13 KB
18	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 814 gum.criteo.com — Cisco Umbrella Rank: 434 mug.criteo.com — Cisco Umbrella Rank: 1897	10 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 8b7a89116670f110d5a2c37ac178b291.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 182	244 KB
16	sholke.com sholke.com — Cisco Umbrella Rank: 118580	55 KB
15	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5233	3 KB
15	adpone.com hb.adpone.com — Cisco Umbrella Rank: 20659	2 MB
7	aidata.io 1 redirects x01.aidata.io — Cisco Umbrella Rank: 11574	49 KB
6	clean.gg i.clean.gg — Cisco Umbrella Rank: 1896	45 B
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248	161 KB
6	franecki.net franecki.net — Cisco Umbrella Rank: 86925	40 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84	40 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2237	59 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 16	3 KB
3	aurabom.ru aurabom.ru	45 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 590	58 KB
2	cloudfront.net dpjgrnd6i7dk0.cloudfront.net	85 KB
2	richaudience.com shb.richaudience.com — Cisco Umbrella Rank: 4073 sync.richaudience.com — Cisco Umbrella Rank: 2580	453 B
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 2819	914 B
2	gstatic.com fonts.gstatic.com	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	89 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107 ajax.googleapis.com — Cisco Umbrella Rank: 455	35 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	86 KB
1	adnxs-simple.com acdn.adnxs-simple.com — Cisco Umbrella Rank: 3382	43 KB
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 6424	287 B
1	mxtads.com mxtads.com	6 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 961	700 B
1	myangular.life stats.myangular.life — Cisco Umbrella Rank: 54936	187 B
1	megastock.ru www.megastock.ru	2 KB
1	github.io kodir2.github.io — Cisco Umbrella Rank: 111440	2 KB
0	takedwn.ws Failed test.takedwn.ws Failed
384	33

	Domain	Requested by
56	friends.in.ua	1 redirects friends.in.ua ajax.googleapis.com
55	ib.adnxs.com	hb.adpone.com acdn.adnxs.com
40	ssl.connextra.com	friends.in.ua acdn.adnxs-simple.com ssl.connextra.com dpjgrnd6i7dk0.cloudfront.net
38	fra1-ib.adnxs.com	friends.in.ua hb.adpone.com acdn.adnxs-simple.com dpjgrnd6i7dk0.cloudfront.net cdn.adnxs.com
24	prg.smartadserver.com	hb.adpone.com
20	acdn.adnxs.com	hb.adpone.com sholke.com
16	sholke.com	friends.in.ua sholke.com
15	prebid-eu.creativecdn.com	hb.adpone.com
15	bidder.criteo.com	hb.adpone.com
15	hb.adpone.com	sholke.com
10	cdn.adnxs.com	hb.adpone.com
10	pagead2.googlesyndication.com	friends.in.ua pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
7	x01.aidata.io	1 redirects friends.in.ua x01.aidata.io
6	i.clean.gg	acdn.adnxs-simple.com dpjgrnd6i7dk0.cloudfront.net
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	franecki.net	friends.in.ua franecki.net
5	www.google-analytics.com	friends.in.ua www.google-analytics.com www.googletagmanager.com
4	securepubads.g.doubleclick.net	sholke.com securepubads.g.doubleclick.net
4	mc.yandex.ru	1 redirects aurabom.ru friends.in.ua
3	aurabom.ru	friends.in.ua aurabom.ru
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	hb.adpone.com static.criteo.net
2	www.google.com	tpc.googlesyndication.com
2	dpjgrnd6i7dk0.cloudfront.net	hb.adpone.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.co.uk	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	friends.in.ua connect.facebook.net
2	www.googletagmanager.com	friends.in.ua aurabom.ru
1	mug.criteo.com
1	sync.richaudience.com
1	acdn.adnxs-simple.com	hb.adpone.com
1	8b7a89116670f110d5a2c37ac178b291.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	counter.yadro.ru	1 redirects
1	shb.richaudience.com	hb.adpone.com
1	mxtads.com	aurabom.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.myangular.life	friends.in.ua
1	www.megastock.ru	friends.in.ua
1	ajax.googleapis.com	friends.in.ua
1	fonts.googleapis.com	friends.in.ua
1	kodir2.github.io	friends.in.ua
0	test.takedwn.ws Failed	kodir2.github.io
384	44

This site contains no links.

Subject Issuer	Validity	Valid
friends.in.ua R3	`2022-10-31` - `2023-01-29`	3 months	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
franecki.net R3	`2022-11-26` - `2023-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-08` - `2022-12-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
aurabom.ru R3	`2022-11-26` - `2023-02-24`	3 months	crt.sh
megastock.ru R3	`2022-11-08` - `2023-02-06`	3 months	crt.sh
stats.myangular.life Sectigo RSA Domain Validation Secure Server CA	`2022-09-04` - `2023-10-03`	a year	crt.sh
sholke.com Amazon	`2022-11-28` - `2023-12-27`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
mxtads.com R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
my.aidata.me Sectigo RSA Domain Validation Secure Server CA	`2022-02-15` - `2023-02-15`	a year	crt.sh
*.connextra.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-26` - `2023-05-26`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2022-10-04` - `2023-01-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh

This page contains 76 frames:

Primary Page: https://friends.in.ua/
Frame ID: D8FF20BD9BB8688B52CC66937E90F845
Requests: 96 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 18A84120C4911456501AF871270EEDFD
Requests: 1 HTTP requests in this frame

Frame: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Frame ID: 5993D41618085D10F5C27B655D398EBC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1034840951493578&output=html&adk=1812271804&adf=3025194257&lmt=1669776898&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Ffriends.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669776898389&bpp=3&bdt=701&idt=172&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6637307009969&frm=20&pv=2&ga_vid=1614074609.1669776898&ga_sid=1669776899&ga_hid=362943463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C44774648%2C42531706%2C44767167%2C44773613%2C44774652%2C44770880%2C44778741&oid=2&pvsid=3793529583876169&tmod=2050232302&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=193
Frame ID: 359BEAB8F46EE31A392B6E9A700FEF40
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 9D9CA52F8190E72706D0BC867475A3B1
Requests: 19 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=ngizwhwp&e=1731193540923
Frame ID: 59BB8E571A3717BB80DF94787E845881
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=alwjcyieh&e=1731193540923
Frame ID: A9B09FA7C2FBEBB77E3591B087EF3764
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=yqvehrt&e=1731193540923
Frame ID: 3FB12B4893018F9510ACD09AAFEEC475
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=rdzgqquyhm&e=1731193540923
Frame ID: A39C2A9C1B7822E8EE57D16238988044
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=dljymeet&e=1731193540923
Frame ID: C1BC73D715BF6FBF3A53CB4414A85CBB
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=xlembrcyf&e=1731193540923
Frame ID: AD2E43F1CF7A4FD4689D95D03EE97C80
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=nzmqounkzh&e=1731193540923
Frame ID: 0009ED3B922E76F3D51557CCE0A3909D
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=ojofxscs&e=1731193540923
Frame ID: 65A8A381A3C3E593CA3A01748C1F7FE2
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=dercuczi&e=1731193540923
Frame ID: E3C2878F3EA371600E44DFB449818A47
Requests: 6 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=jgbdaqh&e=1731193540923
Frame ID: 46A8A5C1B292353F22A89CEEF17854CD
Requests: 6 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=zpbms&e=1731193540923
Frame ID: C7BE65405667CAF27B1758932BA403F1
Requests: 6 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=nfzrbozjr&e=1731193540923
Frame ID: 62EFDAB65FD09B715472F816AF558015
Requests: 6 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=vxwnlotzh&e=1731193540923
Frame ID: 18DE029BF6F38C2D73F1FB58E8686355
Requests: 6 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=jhyrgzcc&e=1731193540923
Frame ID: F0B9ECD5A159ECE77B99A63676AB62F4
Requests: 6 HTTP requests in this frame

Frame: https://x01.aidata.io/stats?pixel=VIBOOM&v=1669776899327&url=https%3A%2F%2Ffriends.in.ua%2F&is_js_referrer=1&origin_referrer=&pid=VIBOOM&js=1&sid=c349642585e54c1cadeb1b0372035805&__upin=0cDhY2VAVZjp2AKGee2ovQ&id=3244e989c10efe3a56d586644102a1b7&url=https%3A%2F%2Ffriends.in.ua%2F&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22%22%7D%7D
Frame ID: 88E95EEB96A7CD69F3A8564705DCB755
Requests: 4 HTTP requests in this frame

Frame: https://8b7a89116670f110d5a2c37ac178b291.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 68C1725C9201D871C9B21EB7F27257BB
Requests: 1 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=179262378&apnauc=4330973731643758864&bidid=4330973731643758864&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPxCZLJaptRo8EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3STLOAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21BxoM8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2OTBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU2OTA=/bn=93402/clickenc=
Frame ID: 4B172B9A10B19056BC952D23F597157B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 9377EA34497475C8402C1293DB7E3936
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLADvQXAUAHAAADANYABQEIg4ybnAYQkLKysZm1rY08GJD6ya6H16fCVSo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXja2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFkb0pqOXdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFk1TU9BRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBVzZMSkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhQnhvTTh3OmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVMk9UQkE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFCAIMTk1ODY5NTQBFQgFQ1ABFBQJMjgwMDVheDzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BYQQHN4kCAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDCoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjU2OTDaBAIIAeAEAfAEpXAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULwAAAANgFAeAFAfAFtiL6BQQIABAAkAYAmAYAogYPMTAyNjQjRlJBMTo1NjgwuAYAwQYBMjAAAPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQjZ8zkSgAFmUk0zSVZvQXPYREFBa0NCUUVJd2EtY0JoRHNnTTRCR1BlSXJ3SWdCeWdBUUlhbDN3UklqTnpwQkZEdkwxaXdMSH1BDEhnQWe1JWHirWUsSm9CQWdnQXFBRUFzLiAAOEEuLoAHAYgHAKAHAboHDwHgSBgAIAAwADiSCUAAyAfa2QXSBw01DQG-CNoHBgknbOAHAOoHAggA8Afa85UCiggCEACVCAAAgD-YCAE.&s=1d079dddbab5cec951d318ceed2132cb41452c61&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Ddljymeet%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Ddljymeet%26e%3D1731193540923&
Frame ID: 177D5206EC125F1178ED1ACC5E6B7ADD
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 767F04F8C383CF0C67ABE0F6231D8C43
Requests: 7 HTTP requests in this frame

Frame: https://dpjgrnd6i7dk0.cloudfront.net/script.js
Frame ID: 31CC43D1A04BB16618E6E214EDB66484
Requests: 7 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1339246946&apnauc=8835985374899178223&bidid=8835985374899178223&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP--KaSfiuZ96EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAYCiMsQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Dxo89QiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU3Nzk=/bn=93375/clickenc=
Frame ID: 04250B7EDE69CCCC22890F22B2A6175B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: CD7F7E7F77FC0CB119825481A189BE57
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLADvQXAUAHAAADANYABQEIg4ybnAYQ75Wmu6K87s96GJD6ya6H16fCVSo2CfrnANKd570_EazRc4enSbY_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXi_2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFXSUtVNXdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGMzT2VBRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV1RMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRHhvODlROmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM056bEE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFCAIMTk1ODY5NTQBFQgFQ1ABFBQJMjgwMDVheDzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BYQQHN4kCAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDCoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjU3NznaBAIIAeAEAfAEpXAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULwAAAANgFAeAFAfAFtiL6BQQIABAAkAYAmAYAogYPMTAyNjQjRlJBMTo1Njc2uAYAwQYBMjAAAPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQjZ8zkSgAFlUk43SUZvQXPYREFBa0NCUUVJd2EtY0JoRHNnTTRCR1BlSXJ3SWdCeWdBUUlhbDN3UklqTnpwQkZEdkwxaXNMSH1BDEhnQWe1JWHirWUsSm9CQWdnQXFBRUFzLiAAOEEuLoAHAYgHAKAHAboHDwHgSBgAIAAwADiSCUAAyAe_2QXSBw01DQG-CNoHBgknbOAHAOoHAggA8Afa85UCiggCEACVCAAAgD-YCAE.&s=44f3eacf574461ece3521d0be459feb33a159a72&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djgbdaqh%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djgbdaqh%26e%3D1731193540923&
Frame ID: 8AFDF02864DBCB0DA83A667AB0C9E822
Requests: 5 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1916103205&apnauc=3512759897087487594&bidid=3512759897087487594&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP2ouI9eD1L8wEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAeyfnYwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Dhr39AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODdA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU3ODc=/bn=77251/clickenc=
Frame ID: 917AEC316D576EC964D329439212B061
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: A903F5FF1F219D6093EA14E739FA0683
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLADvQXAUAHAAADANYABQEIg4ybnAYQ6tyMub2Q9d8wGJD6ya6H16fCVSo2CfrnANKd570_EazRc4enSbY_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjD2wSAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFYNEthNndpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGM0Ti1BRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV2JMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRGhyMzlBOmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM09EZEE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFCAIMTk1ODY5NTQBFQgFQ1ABFBQJMjgwMDVheDzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BYQQHN4kCAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDCoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjU3ODfaBAIIAeAEAfAEpXAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULwAAAANgFAeAFAfAFtiL6BQQIABAAkAYAmAYAogYPMTAyNjQjRlJBMTo1NDQ2uAYAwQYBMjAAAPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQjZ8zkSgAFrUlBsSkZvQXPYREFBa0NCUUVJd2EtY0JoRHNnTTRCR1BlSXJ3SWdCeWdBUUlhbDN3UklqTnpwQkZEdkwxakdLbn1BDEhnQWe1JWHiSGdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAeBIGAAgADAAOJIJQADIB8PbBNIHDTUNAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=3911cce3c478977a9c72ce3b1d1c86821689ce39&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dnzmqounkzh%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dnzmqounkzh%26e%3D1731193540923&
Frame ID: 7D4A3B313F2256F261F8A417F64A766E
Requests: 5 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1213994199&apnauc=1429007713963046450&bidid=1429007713963046450&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?qbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPzJ2D9Tx2tQTsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPycZOgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21CBpJ8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDhA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU0NDg=/bn=93254/clickenc=
Frame ID: 6050A86BB470BC5969EE59A921835E4D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: E164C6F853224A667174D445E973ADE4
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLADvQXAUAHAAADANYABQEIg4ybnAYQsuy9oJ3etuoTGLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjG2AWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCEtSUpleVFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwkHdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVME5EamdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCc2dRSkNMN3FFUkR1eXFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBQUEFnlhBQUlMN3FFY0VFdUI2RjYxRzRual9KQg0cAQEUMkFRQThRBYkJAfBASWdGeUNxUUJkbnpPWmdGMUs3RmhRR3BCZWdUZVpKMHplNF9zUVVBQUFDZ2xNZm9QOEVGbVptWklRc1E1VF9KQlEB0xxEa3J1OF8wUQEoDQEITmtGDQrIQThEX2dCYVR4QWZBRmlyLXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wAWI4bVo3VC1vQmdTeUJpUUpBGQEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhQ0JwSjh3OmECOEl1eWxRRWdBQ2dBTVpxWgVvFGUwX09nbD2ZEGhBN3k5FXkIOEQ5HXkAQh15BEJoOW0EOXAZhQRCeB0MDDRBSWs1iMg4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzZpjRzyAhIKBkNQRwEUCAgxOWl5ARUIBUNQARQUCTI4MDA1YXg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDhAQCgVJTwFhBAc3iQIA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8KSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTQ0ONoEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAChvxTwP9IFCQkBCgEBuNgFAeAFAfAFtiL6BQQIABAAkAYAmAYAogYPMTAyNjQjRlJBMTo1MzIxuAYAwQYAATMsAPA_0AapJdoGFgoQBRAdAWAQABgA4AYB8gaHAQjZ8zkSgAFreE5FSlZvQXPgREFBa0NCUUVJd2EtY0JoRHNnTTRCR1BlSXJ3SWdCeWdBUUlhbDN3UklqTnpwQkZEdkwxakpLWEVBAT0FARBIZ0FnUR0QTElnQkFKQUJBSm9CQWdnQXFBRUFzLiAAOEEuLoAHAYgHAKAHAboHDwHgSBgAIAAwADiSCUAAyAfG2AXSBw01DQG-CNoHBgknbOAHAOoHAggA8Afa85UCiggCEACVCAAAgD-YCAE.&s=07ae2ded9e14129eee19a5a59b0fcf7158d85447&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dzpbms%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dzpbms%26e%3D1731193540923&
Frame ID: 026AC07B6575F8C8692191519394D902
Requests: 5 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1642315745&apnauc=6389971887459229077&bidid=6389971887459229077&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP5VdvXyTva1YEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPiaFrQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Cxoj9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2ODVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU2ODU=/bn=75885/clickenc=
Frame ID: 984118B9F54716955EE53307DBC13F4A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 512717399D52746B58ACCB2C6FE16804
Requests: 3 HTTP requests in this frame

Frame: https://dpjgrnd6i7dk0.cloudfront.net/script.js
Frame ID: E3828329D79AFCA327E2CA8F39F5D9A7
Requests: 7 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1327386994&apnauc=6782563424760227056&bidid=6782563424760227056&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?qbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_DkY89_gSBesgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAhicqVwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Dhr19AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY1Nzk=/bn=99263/clickenc=
Frame ID: 2532A7B6F0A39AD947381CD5976CE404
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: F5078EBD947BB26034F9081328095B7C
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLcGPQXAVwMAAADANYABQEIg4ybnAYQ8MmP-_yvoJBeGLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXi_hwaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgL5DiFLcDMyUHdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwdXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pZMU56bmdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCcWdUUUJ3al9fX19fX18BBAw4QkVQAQgNAQh3RVkNCgUBCEFTRAUICQEIOEJLNiwAAHcJGAkBBEFUNlgAAFEyLAAERkkJJgkBBEFWNlgAAFc2LAAAZwkmCQEEQVc2WAAAYzYsAAA0CSYJAQxBWUFCCQoJAQhBWWc2EAAAWjogAABaOiAAAGE6IAAAYTogAABiOiAAAGI6IAAAYzogAABjOiAAAGQ6IAAAZDogAABlOiAAAGU6IAAAZjogAABmOiAACFlBQwn6CQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS5ZAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUp-gkBCEFZZzYQAABaOiAAAFo6IAAsYUFFXzd2cXlBYW9CMmgDBEd3OhAAADQ2EAAESEE6EAAASToQAABROhAAAFk6EAAAZzoQADqAAABIOoAAAEg6gAAMR0FCZgn0BQEId0dJOhAAAFE6EAAAWToQAJB5QkFrSXZ1b1JFTzdLb2cyNkJCa0k3UWdSdUI2RjYxRzRuajhapbUJAQBnASw8d1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQGQaUFXek01QUYyZk01bUFYVXJzV0ZBYWtGNkJONWtuVE43ai14QqHUWEtDVXgtZ193UVdabVpraEN4RGxQOGtGAUcgSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRGhyMTlBOn0HNEl1eWxRRWdBQ2dBTVpxBW8YbWUwX09nbN21FGxBN3k5ShFiDDhEOVIRDAxBQUJaHQwAaDmNBDlwHRgAeB0MDDRBSWs1eMg4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzYWqQgc8gISCgZDUEcBFCAIMTk1ODY5NTQBFQgFQ1ABFBQJMjgwMDUOlAg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDhAQCgVJTwFhBAc3Fh4JAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDCoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjY1NznaBAIIAeAEAfAEEowKIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC8AAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTY4ObgGAMEGATIwAADwP9AGqSXaBhYKEAkRGQFgEAAYAOAGAfIGhwEI2fM5EoABaGhQZUlsb0Fz2ERBQWtDQlFFSXdhLWNCaERzZ000QkdQZUlyd0lnQnlnQVFJYWwzd1JJak56cEJGRHZMMWk1TEh9QRBIZ0FnUR0QTElnQkFKQUJBSm9CQWdnQXFBRUFzLiAAOEEuLoAHAYgHAKAHAboHDwHgSBgAIAAwADiSCUAAyAe_hwbSBw01DQG-CNoHBgknbOAHAOoHAggA8Afa85UCiggCEACVCAAAgD-YCAE.&s=5bd7cc94986678cc43cf666d224790087db78664&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dvxwnlotzh%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dvxwnlotzh%26e%3D1731193540923&
Frame ID: 20432B7C344FD0D99513EB9E99986FB8
Requests: 4 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=589645780&apnauc=9189975296556597488&bidid=9189975296556597488&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?qbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_AA33XXWYl_sgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAfidvUQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21_hmH8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDNA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMDM=/bn=93324/clickenc=
Frame ID: 2F236BEF8765B7C18E7377ADD5F3AB7C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 24F65D2824683856ADAA239A4207B277
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLcGPQXAVwMAAADANYABQEIg4ybnAYQ8IH8rve61sR_GLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXiM2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgL5DiFGSjJ0N2dpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwdXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVek1EUGdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCcWdUUUJ3al9fX19fX18BBAw4QkVQAQgNAQh3RVkNCgUBCEFTRAUICQEIOEJLNiwAAHcJGAkBBEFUNlgAAFEyLAAERkkJJgkBBEFWNlgAAFc2LAAAZwkmCQEEQVc2WAAAYzYsAAA0CSYJAQxBWUFCCQoJAQhBWWc2EAAAWjogAABaOiAAAGE6IAAAYTogAABiOiAAAGI6IAAAYzogAABjOiAAAGQ6IAAAZDogAABlOiAAAGU6IAAAZjogAABmOiAACFlBQwn6CQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS5ZAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUp-gkBCEFZZzYQAABaOiAAAFo6IAAsYUFFXzd2cXlBYW9CMmgDBEd3OhAAADQ2EAAESEE6EAAASToQAABROhAAAFk6EAAAZzoQADqAAABIOoAAAEg6gAAMR0FCZgn0BQEId0dJOhAAAFE6EAAAWToQAJB5QkFrSXZ1b1JFTzdLb2cyNkJCa0k3UWdSdUI2RjYxRzRuajhapbUJAQBnASw8d1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQGQaUFXM0taQUYyZk01bUFYVXJzV0ZBYWtGNkJONWtuVE43ai14QqHUWEtDVXgtZ193UVdabVpraEN4RGxQOGtGAUcgSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhX2htSDhBOn0HNEl1eWxRRWdBQ2dBTVpxBW8YbWUwX09nbN21FE5BN3k5ShFiDDhEOVIRDAxBQUJaHQwAaDmNBDlwHRgAeB0MDDRBSWs1eMg4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzYWqQgc8gISCgZDUEcBFCAIMTk1ODY5NTQBFQgFQ1ABFBQJMjgwMDUOlAg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDhAQCgVJTwFhBAc3Fh4JAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDCoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjUzMDPaBAIIAeAEAfAEpfLuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAQzAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NjYxOLgGAMEGAAU1KPA_0AapJdoGFgoQBRAdAWAQABgA4AYB8gaHAQjZ8zkSgAFyaE12S2xvQXPYREFBa0NCUUVJd2EtY0JoRHNnTTRCR1BlSXJ3SWdCeWdBUUlhbDN3UklqTnpwQkZEdkwxamFNM31BEEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAeBMGAAgADAAOJIJQADIB4zZBdIHDQkRwQG-CNoHBgknbOAHAOoHAggA8Afa85UCiggCEACVCAAAgD-YCAE.&s=01a2b9c71b60573b6690921b4e9efc6283f7d878&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Ddercuczi%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Ddercuczi%26e%3D1731193540923&
Frame ID: 584ABF01B99DDF95E86B979F4E336CA7
Requests: 5 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=579218538&apnauc=2052072407904711172&bidid=2052072407904711172&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPwRyio77bHocsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyXxWwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21_RlD8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMjA=/bn=93174/clickenc=
Frame ID: 4928974162403B746EAD6586F479548F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: C9817B43A6872BCECA247417444B6800
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLADvQXAUAHAAADANYABQEIg4ybnAYQhOSp9Lifm70cGLKR1KadmZOpLyo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXj21wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCE3SUtadlFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwkHdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVek1qRGdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCc2dRSkNMN3FFUkR1eXFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBQUEFnlhBQUlMN3FFY0VFdUI2RjYxRzRual9KQg0cAQEUMkFRQThRBYkJAfBASWdGeUNtUUJkbnpPWmdGMUs3RmhRR3BCZWdUZVpKMHplNF9zUVVBQUFDZ2xNZm9QOEVGbVptWklRc1E1VF9KQlEB0xxEa3J1OF8wUQEoDQEITmtGDQrIQThEX2dCYVR4QWZBRmlyLXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wAWI4bVo3VC1vQmdTeUJpUUpBGQEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhX1JsRDhBOmECOEl1eWxRRWdBQ2dBTVpxWgVvFGUwX09nbD2ZEEJBN3k5FXkIOEQ5HXkAQh15BEJoOW0EOXAZhQRCeB0MDDRBSWs1iMg4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzZpjRzyAhIKBkNQRwEUCAgxOWl5ARUIBUNQARQUCTI4MDA1YXg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDhAQCgVJTwFhBAc3iQIA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8IaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTMyMNoEAggB4AQB8ASlcCCIBQGYBQCgBf8RARQBwAUAyQWhvRwAAPA_0gUJCQkMwAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY2MTe4BgDBBgAFNyjwP9AGqSXaBhYKEAUQHQFgEAAYAOAGAfIGhwEI2fM5EoABclJNQUtsb0Fz4ERBQWtDQlFFSXdhLWNCaERzZ000QkdQZUlyd0lnQnlnQVFJYWwzd1JJak56cEJGRHZMMWpaTTNFQQE9BQEQSGdBZ1EdEExJZ0JBSkFCQUpvQkFnZ0FxQUVBcy4gADhBLi6ABwGIBwCgBwG6Bw8B4EgYACAAMAA4kglAAMgH9tcF0gcNNQ0BvgjaBwYJJ2zgBwDqBwIIAPAH2vOVAooIAhAAlQgAAIA_mAgB&s=3bb1fa549ee0fe7ce605df269ca4077f503289ed&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djhyrgzcc%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djhyrgzcc%26e%3D1731193540923&
Frame ID: 79C6B718485BF875B465CDD232AE8008
Requests: 4 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=4330973731643758864&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPxCZLJaptRo8EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3STLOAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21BxoM8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2OTBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU2OTA%3D%2Fbn%3D93402%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=4330973731643758864&_cb=179262378
Frame ID: 5A356F473D740B1558B3C69C62E2281D
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=8835985374899178223&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP--KaSfiuZ96EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAYCiMsQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dxo89QiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3Nzk%3D%2Fbn%3D93375%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=8835985374899178223&_cb=1339246946
Frame ID: FBC30D98763368F9D40EAB21C86396AF
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=1429007713963046450&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPzJ2D9Tx2tQTsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPycZOgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21CBpJ8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDhA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU0NDg%3D%2Fbn%3D93254%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=1429007713963046450&_cb=1213994199
Frame ID: CB68B70A15E040511BB2DF293E2880BC
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=6389971887459229077&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP5VdvXyTva1YEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPiaFrQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Cxoj9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2ODVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU2ODU%3D%2Fbn%3D75885%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=6389971887459229077&_cb=1642315745
Frame ID: FC353AD41D9E8E8007D1A72D2F706D40
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=3512759897087487594&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP2ouI9eD1L8wEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAeyfnYwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dhr39AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODdA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3ODc%3D%2Fbn%3D77251%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=3512759897087487594&_cb=1916103205
Frame ID: 7998AE37E949EBBEA63055130D47CF84
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=8136238&apnauc=7249360779036987053&bidid=7249360779036987053&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP60OJkM455pkEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yS9QgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21DRqx9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODZA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU3ODY=/bn=77257/clickenc=
Frame ID: 10F1668A48297583DF58528825670428
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 8D4239EF49CC433BC808B22265E78294
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=6782563424760227056&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_DkY89_gSBesgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAhicqVwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dhr19AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1Nzk%3D%2Fbn%3D99263%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=6782563424760227056&_cb=1327386994
Frame ID: 1D68DC578E0BB0F639AD677A295FB2E4
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=838551019&apnauc=2123882921547127053&bidid=2123882921547127053&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPw3ZVatDjHkdsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yTcRwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21BhrC8giV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY2MjVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY2MjU=/bn=99384/clickenc=
Frame ID: C5E78BDA22E99F5E2CE2D9BBDA9AFA56
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: B952F1471ED7CD5F6B60D7E912F39D20
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5917F2CAACD01B6E30340E35A0CA9408
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F023F9E3533BD39A72AD48785C331428
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C70BF639C613F7F5A7DCFB6A7CDA168D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4B27B4054AD202B21FC749D9E21CC8EF
Requests: 2 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=9189975296556597488&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_AA33XXWYl_sgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAfidvUQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21_hmH8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDNA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMDM%3D%2Fbn%3D93324%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=9189975296556597488&_cb=589645780
Frame ID: 2BA459A32298021D0A5DEACF317868FF
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2052072407904711172&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPwRyio77bHocsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyXxWwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21_RlD8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMjA%3D%2Fbn%3D93174%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=2052072407904711172&_cb=579218538
Frame ID: A685BB64B6AE4AC92CB181B295CFCFAB
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=7249360779036987053&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP60OJkM455pkEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yS9QgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21DRqx9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODZA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3ODY%3D%2Fbn%3D77257%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=7249360779036987053&_cb=8136238
Frame ID: 2EEA98AD490F1E658DAB9D0ACDF0D534
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2123882921547127053&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPw3ZVatDjHkdsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yTcRwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21BhrC8giV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY2MjVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY2MjU%3D%2Fbn%3D99384%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=2123882921547127053&_cb=838551019
Frame ID: DB2E2BE144A18EA5A428D2E97DE8223B
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: E409ED6E63C2928BC7E681BF076663D5
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FAD005CBC164AFF244A28DEDA50EB3EC
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2F86A35D1183C00A5CDCB58F7B3ADEFD
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 17EBFE8C001BDE05BF88C46674897046
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BF02456293FAEA561BA0206F63C93F7F
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E077C067A23A96083B037B3CCC309E89
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7571289733D946EAB393932B6364F9D2
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 69517EA50BBAB7638D4EB3CBA3C020E6
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7F3CD3AA04A2F9587F13C4A0CC4FDBE4
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 93A4591015DCB991407DBF0B5C2D29D1
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DC81EE31870722CB8784113F5A1EC056
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Дивитися культові Серіали та Мультсеріали українською мовою онлайн на сайті FRIENDS

Page URL History Show full URLs

http://friends.in.ua/ HTTP 301
https://friends.in.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

384
Requests

99 %
HTTPS

52 %
IPv6

33
Domains

44
Subdomains

42
IPs

6
Countries

7301 kB
Transfer

15232 kB
Size

32
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://friends.in.ua/ HTTP 301
https://friends.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=3244e989c10efe3a56d586644102a1b7&v=1669776898767 HTTP 302
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=3244e989c10efe3a56d586644102a1b7&v=1669776898767&pid=VIBOOM&js=1&show_js_referer=1&bounce=1

Request Chain 132

https://mc.yandex.ru/watch/36124145?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1139%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1273193477022%3Ahid%3A50931047%3Az%3A0%3Ai%3A20221130025459%3Aet%3A1669776899%3Ac%3A1%3Arn%3A210219007%3Arqn%3A1%3Au%3A1669776899835718396%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C223%2C488%2C46%2C160%2C0%2C%2C664%2C14%2C%2C%2C%2C1582%3Acpf%3A1%3Ans%3A1669776896812%3Arqnl%3A1%3Ast%3A1669776899%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1139%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1273193477022%3Ahid%3A50931047%3Az%3A0%3Ai%3A20221130025459%3Aet%3A1669776899%3Ac%3A1%3Arn%3A210219007%3Arqn%3A1%3Au%3A1669776899835718396%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C223%2C488%2C46%2C160%2C0%2C%2C664%2C14%2C%2C%2C%2C1582%3Acpf%3A1%3Ans%3A1669776896812%3Arqnl%3A1%3Ast%3A1669776899%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Request Chain 200

https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 353

https://gum.criteo.com/sid/json?origin=publishertag&domain=friends.in.ua&sn=ChromeSyncframe&so=0&topUrl=friends.in.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=b_ccHnxkcFpWbDZQK1dDcmZ3a0RGNTJqV0ZTc2I3WjFGNW9oU3Z1d28yLzhMdDJoWkVWLzNETkROSE50bFpGN3IxNllOTFdEQ3ZXeGF2eHQvcSs0U3kxZXczcFFXazdIMHBMUHZybXk0N0RhS0FtckYySGFra3pMeFIweWs0MkZ5K2hKTVZHT2ZWWGlrYUNxNTgxT25MOXpDcTZYbXozWXJIU1I1KzR2bVU3Wkt5WXFpc2RuNmh0OWtPUlFIYnFhV21vUlJqck5MRC9tcC9vUUJVNzdxYUd1amxsT0pHeTRJYy9zYnZjOFNjRSt5MnB4aG1jYnVuaEtHQ3UrRUg5ckU5NFB4NEozMDVpTkhMV2h0WjZsSUMxU2VXdz09fA&cppv=2

384 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
friends.in.ua/
Redirect Chain

http://friends.in.ua/
https://friends.in.ua/

35 KB
12 KB

712ms
488ms

Document
text/html

91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 / PHP/5.6.40

Resource Hash

65a38a7dbd02da8b2fd475f8a87f3aaae42d897ff8935eca89148edf9ed30eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 30 Nov 2022 02:54:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.16.1
strict-transport-security: max-age=31536000;
x-powered-by: PHP/5.6.40

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:54:56 GMT
Location: https://friends.in.ua:443/
Server: nginx/1.16.1
Transfer-Encoding: chunked

GET
H2 200 actualize.js Show response
kodir2.github.io/ 3 KB
2 KB 650ms
211ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kodir2.github.io/actualize.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

0bb75f6e07ec4d6d4e3ae2039822690b7d71e52c0208b63e5f34529d975db744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id: f1b525ac7af6f8b75be9c406157543a02a9c8bc1
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Wed, 30 Nov 2022 02:54:58 GMT
age: 149
x-cache: HIT
x-cache-hits: 12
x-proxy-cache: MISS
content-length: 1531
x-served-by: cache-bog2260029-BOG
last-modified: Thu, 13 Oct 2022 10:51:59 GMT
server: GitHub.com
x-github-request-id: 64EE:53DF:D3B2CE:11A55E7:637F70ED
x-timer: S1669776898.236351,VS0,VE1
etag: W/"6347edcf-c36"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 24 Nov 2022 13:36:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 171ms
60ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-60815340-5

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d59164ddcbfdc18c8c76ad2a4c548e57b276b967091c4a118910a536bd26baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43667
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Nov 2022 02:54:57 GMT

GET
H2 200 index.php Show response
friends.in.ua/engine/classes/min/ 205 KB
61 KB 131ms
125ms Script
application/x-javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/engine/classes/min/index.php?charset=utf-8&g=general&21

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 / PHP/5.6.40

Resource Hash

4f8c566f2cc5e60ddec29774fddf017646b0d814eb25c6132d89c5c7cebd4cc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:31:36 GMT
server: nginx/1.16.1
x-powered-by: PHP/5.6.40
etag: "pub1497792696;gz"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
content-length: 62137
expires: Thu, 30 Nov 2023 02:54:57 GMT

GET
H2 200 grid.css
friends.in.ua/templates/StopFilm/css/ 17 KB
18 KB 51ms
45ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/grid.css

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

a472ce20c2c4ab1907fedde9d44b4f0d09e295d22603d26bc392233ba4a4448a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 11 Mar 2019 19:53:00 GMT
server: nginx/1.16.1
etag: "5c86bc9c-4559"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 17753
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 style.css
friends.in.ua/templates/StopFilm/css/ 11 KB
11 KB 96ms
90ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/style.css?v=1.1.3

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

19a504af35c5c86859ecc31d7c9851dfc96dfe7828484998fdfd544d45fe6add

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 08 Jul 2019 13:20:42 GMT
server: nginx/1.16.1
etag: "5d23432a-2a87"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 10887
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 engine.css
friends.in.ua/templates/StopFilm/css/ 59 KB
59 KB 97ms
91ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/engine.css

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

46967c5357950663d5b99cea4a1646982f8cc90467f8d2fcd5d7c5e38d0f96dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:12 GMT
server: nginx/1.16.1
etag: "594681cc-eab1"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 60081
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 style.css
friends.in.ua/templates/StopFilm/stylesheets/ 31 KB
31 KB 129ms
123ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/stylesheets/style.css?v=1.0.5

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

02a58acbc441082afffc279ae739aa8359c1e3b39ec18621647611b1e93809a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Wed, 20 Nov 2019 22:48:43 GMT
server: nginx/1.16.1
etag: "5dd5c2cb-7af4"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 31476
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 font-awesome.css
friends.in.ua/templates/StopFilm/css/ 27 KB
27 KB 129ms
124ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/font-awesome.css

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

b27dac1362a907e10e84987c6e2ba5f5fbb716f095bd646f85de1d1927750b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 02 Jun 2019 00:17:35 GMT
server: nginx/1.16.1
etag: "5cf3159f-6cff"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 27903
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 responsive.css
friends.in.ua/templates/StopFilm/css/ 7 KB
8 KB 129ms
124ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/responsive.css

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

f0890052c64e6ebeb30ce1522f4b4255ec1e28acd020f57ed371134d4cf06801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Thu, 16 May 2019 20:34:47 GMT
server: nginx/1.16.1
etag: "5cddc967-1d2d"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 7469
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 pushy.css
friends.in.ua/templates/StopFilm/css/ 4 KB
4 KB 129ms
124ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/pushy.css

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ec7c7704dff96cefde09d463320858879f5d02567828c3e3c1480527cd23f012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:12 GMT
server: nginx/1.16.1
etag: "594681cc-f08"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 3848
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 buttons.css
friends.in.ua/templates/StopFilm/css/ 18 KB
19 KB 130ms
124ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/buttons.css?v=1.0.2

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

486cf8923081a57175e52763b3ecaf24fa6c3c2338770f3ae07064e5161865d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 21 Apr 2018 21:44:52 GMT
server: nginx/1.16.1
etag: "5adbb0d4-4994"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 18836
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 slick.css
friends.in.ua/templates/StopFilm/css/ 2 KB
2 KB 130ms
125ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/slick.css

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 08 Mar 2019 22:46:03 GMT
server: nginx/1.16.1
etag: "5c82f0ab-6f0"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 1776
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 slick-theme.css
friends.in.ua/templates/StopFilm/css/ 2 KB
2 KB 130ms
125ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/slick-theme.css?v=1.0.7

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

833bf0ec37d8a8c48ee876d0eb3d4c140fa7436d272d693097f005606f288e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 08 Mar 2019 22:46:03 GMT
server: nginx/1.16.1
etag: "5c82f0ab-617"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 1559
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 new_header.css
friends.in.ua/templates/StopFilm/css/ 9 KB
9 KB 130ms
126ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/new_header.css?v=1.0.1

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9a210f208afe7d94673898071f42e05c6040ae0d98aff80c0dd2770a18da62d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 03 Nov 2020 15:31:45 GMT
server: nginx/1.16.1
etag: "5fa177e1-23c1"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 9153
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 155ms
55ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a49365a0972e0978e6bb697a7f2f6916fcc47c6482b994b69e16122589964f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Nov 2022 02:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 02:54:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Nov 2022 02:54:57 GMT

GET
H2 200 scripts.js Show response
friends.in.ua/templates/StopFilm/js/ 36 KB
36 KB 130ms
126ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/scripts.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ca706f7070b55f04ad7e61bcd28ddf780ca341464cd42a329400101f0b01e423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:13 GMT
server: nginx/1.16.1
etag: "594681cd-8e69"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 36457
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 modernizr.js Show response
friends.in.ua/templates/StopFilm/js/ 10 KB
10 KB 130ms
126ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/modernizr.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d83c8c684c71b22436e90b2de30f4346a6691d1a40e93a19285864ee5725108a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:13 GMT
server: nginx/1.16.1
etag: "594681cd-2663"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 9827
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 ads.js Show response
friends.in.ua/templates/StopFilm/js/ 17 B
235 B 131ms
127ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/ads.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ab8b6924619317a40378b8e6300d982eed7212151048bc43bd2f3706ca428621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 10 Apr 2018 22:38:13 GMT
server: nginx/1.16.1
etag: "5acd3cd5-11"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 17
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 libs.js Show response
friends.in.ua/templates/StopFilm/js/ 3 KB
3 KB 131ms
127ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/libs.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

371bd1007ecc50fdb3474537fd2a65516483e547bd0a552e0c51770c5c4e5952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Thu, 16 May 2019 18:04:24 GMT
server: nginx/1.16.1
etag: "5cdda628-b99"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 2969
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 share42.js Show response
friends.in.ua/photos/share/ 3 KB
3 KB 132ms
128ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/photos/share/share42.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

e25b1807f6285a992305a2a993e7894c56c8864b20d7627f8956c454a8a84824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 28 Jul 2018 11:46:07 GMT
server: nginx/1.16.1
etag: "5b5c577f-b4c"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 2892
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
34 KB 144ms
45ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 02:27:27 GMT

GET
H2 200 slick.min.js Show response
friends.in.ua/templates/StopFilm/js/ 42 KB
42 KB 132ms
129ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/slick.min.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 22 Dec 2018 17:00:11 GMT
server: nginx/1.16.1
etag: "5c1e6d9b-a76f"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 42863
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 header.js Show response
friends.in.ua/templates/StopFilm/js/ 2 KB
2 KB 132ms
129ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/header.js?v=1.0.2

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

f800e06dd0a06d26695ce311bdd13904916ae3e280481842cb5ffec4ddccc9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 09 Aug 2019 17:29:30 GMT
server: nginx/1.16.1
etag: "5d4dad7a-7f5"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 2037
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 video_switches.js Show response
friends.in.ua/templates/StopFilm/js/ 1 KB
1 KB 132ms
129ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/video_switches.js?v=1.0.6

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

f4d6fa15792bf2316634e30547b58982f70779af811f4f4612d78d4af4525a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Thu, 18 Apr 2019 23:47:53 GMT
server: nginx/1.16.1
etag: "5cb90ca9-4b3"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 1203
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 jquery.video.js Show response
friends.in.ua/js/ 925 B
1 KB 132ms
130ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/js/jquery.video.js?v=2.0.7

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

39980b315eb62a1631c5f4016ab4b3e6cf632996def0434b91cec6077ec9bb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 10 Apr 2018 22:42:44 GMT
server: nginx/1.16.1
etag: "5acd3de4-39d"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 925
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 logo1.png
friends.in.ua/templates/StopFilm/images/ 10 KB
11 KB 57ms
49ms Image
image/png 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/templates/StopFilm/images/logo1.png

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

c24bbcb3112da75415103f764163f3d510440abe4f3916e601ae6c1fa894eb4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 07 Jul 2019 14:02:55 GMT
server: nginx/1.16.1
etag: "5d21fb8f-299c"
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
content-length: 10652
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 serial-druzi.jpg
friends.in.ua/photos/films/ 77 KB
78 KB 57ms
50ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/photos/films/serial-druzi.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

1e7e6b59a5b05255178c9b9acfc303fe2c35a16534e61076c8bfe37a16ec8e51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 15 Apr 2019 22:33:58 GMT
server: nginx/1.16.1
etag: "5cb506d6-13533"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 79155
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 charmed.jpg
friends.in.ua/posters/ 26 KB
27 KB 59ms
52ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/charmed.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

8fbef915c39b670da441a27a7ac28cfbd480a921ee6ec1ec0d325aec3d074914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 18 May 2019 16:00:51 GMT
server: nginx/1.16.1
etag: "5ce02c33-69d1"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 27089
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 domogospodarky.jpg
friends.in.ua/posters/ 28 KB
28 KB 73ms
66ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/domogospodarky.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

c2899b0932bdf27ca8d24ffefabe2892045f7dd8bcb3d45ba2c81f683578f308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Thu, 16 May 2019 21:40:32 GMT
server: nginx/1.16.1
etag: "5cddd8d0-70da"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 28890
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 pokoyivky.jpg
friends.in.ua/photos/pokoyivky/ 141 KB
141 KB 74ms
67ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/photos/pokoyivky/pokoyivky.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

b9132ab54c6e1bc9d6c1fd6b66b93c77894cda13b87cc8fdb3fabb1d4222ee0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Wed, 09 Feb 2022 09:50:32 GMT
server: nginx/1.16.1
etag: "62038e68-23273"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 143987
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 seks-i-misto.jpg
friends.in.ua/posters/ 49 KB
49 KB 80ms
73ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/seks-i-misto.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

57747d0c58d8a960164c63f821b3132b813318f97d34fe74ed61ff679158ede4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Thu, 13 Jun 2019 20:59:48 GMT
server: nginx/1.16.1
etag: "5d02b944-c438"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 50232
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 roksolana.jpg
friends.in.ua/posters/ 64 KB
65 KB 80ms
73ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/roksolana.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

f83aba329a813f09369e5835393cf80f17235983b5933dcd51b8a8f3d95aac73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Wed, 07 Aug 2019 11:23:02 GMT
server: nginx/1.16.1
etag: "5d4ab496-1019b"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 65947
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 ErkenciKus.jpg
friends.in.ua/photos/ErkenciKus/ 57 KB
57 KB 80ms
74ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/photos/ErkenciKus/ErkenciKus.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

8078f97416dbfbb2b24d6a2ae82d6130ace453db0199a80746dfac32ac1040b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 29 Jan 2022 20:59:25 GMT
server: nginx/1.16.1
etag: "61f5aaad-e276"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 57974
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 IstanbulluGelin.jpg
friends.in.ua/photos/IstanbulluGelin/ 55 KB
56 KB 81ms
74ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/photos/IstanbulluGelin/IstanbulluGelin.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

825190bc39f5380a2a05980aa17f0503dceaa0704081a20b97f43afb180ca5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 26 Nov 2021 09:34:08 GMT
server: nginx/1.16.1
etag: "61a0aa10-dd71"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 56689
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 vandavizhen.jpg
friends.in.ua/posters/ 82 KB
83 KB 81ms
74ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/vandavizhen.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ae667f9c3a748739ea15139d817849bca484b29d00bdbdb3c5c6c318a87951b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 27 Feb 2021 13:15:04 GMT
server: nginx/1.16.1
etag: "603a45d8-149c4"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 84420
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 mandalorec.jpg
friends.in.ua/posters/ 71 KB
71 KB 81ms
75ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/mandalorec.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0c24d5868a3003ccf924ab3d528967219e03d6c93d46da648dc7e15b7d0b005d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 06 Nov 2020 19:17:18 GMT
server: nginx/1.16.1
etag: "5fa5a13e-11ca9"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 72873
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 office.jpg
friends.in.ua/posters/ 64 KB
64 KB 81ms
75ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/office.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

01f460e02afed4fa122618a31212b246ecb7004961851dce17a42500dc4e0442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 22 Jun 2020 13:53:11 GMT
server: nginx/1.16.1
etag: "5ef0b7c7-fe2a"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 65066
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 la-casa-de-papel.jpg
friends.in.ua/posters/ 84 KB
84 KB 82ms
76ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/la-casa-de-papel.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

855cf138941573cf3dd1daf6ea12a15122e115c9145d809c8e3556f73668e254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 06 Sep 2021 19:29:55 GMT
server: nginx/1.16.1
etag: "61366c33-14e6a"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 85610
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 vidmak.jpg
friends.in.ua/posters/ 68 KB
68 KB 82ms
76ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/vidmak.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

164331299d8714c825f8579119570c0281762fd67567e32cfa7e95cfa0516a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 27 Dec 2019 02:18:08 GMT
server: nginx/1.16.1
etag: "5e0569e0-10e4a"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 69194
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 baffi.jpg
friends.in.ua/posters/ 61 KB
61 KB 82ms
76ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/baffi.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ba6ad3d5f2e4f812f189159634422ef4595e1efecc67ac79f5bd484fba3e3a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 09 Mar 2020 14:44:01 GMT
server: nginx/1.16.1
etag: "5e665631-f28f"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 62095
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 big-bang.jpg
friends.in.ua/posters/ 69 KB
70 KB 82ms
77ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/big-bang.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0462c90aa69c24ecb90cfb59024b71fb99c89c911432d5ad21c7cbf18ef7ea6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 23 Jul 2019 15:21:03 GMT
server: nginx/1.16.1
etag: "5d3725df-11543"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 70979
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 sheldon.jpg
friends.in.ua/posters/ 45 KB
45 KB 83ms
77ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/sheldon.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0914444836fae2f430d7c42f27b07a536508197a35aa9e4c8294bc5f7978d08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 06 Aug 2019 14:10:15 GMT
server: nginx/1.16.1
etag: "5d498a47-b347"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 45895
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 novobranec.jpg
friends.in.ua/posters/ 47 KB
47 KB 83ms
77ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/novobranec.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0312e1f30bf4a79a90bead6d2cd681c2049e8a51d9e4a55249f21b2300da09c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Wed, 20 Nov 2019 20:16:55 GMT
server: nginx/1.16.1
etag: "5dd59f37-bc29"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 48169
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 met-mother.jpg
friends.in.ua/posters/ 56 KB
56 KB 83ms
78ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/met-mother.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

94d7aa346974c2fb89458181777b05db520c81fefd53220dd124f064b08e6866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 06 Aug 2019 19:03:02 GMT
server: nginx/1.16.1
etag: "5d49cee6-e08a"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 57482
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 alf.jpg
friends.in.ua/posters/alf/ 58 KB
59 KB 83ms
78ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/alf/alf.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

19bcad5c32c05a87eeecac5ae6a3398dc2b3d2a0409a32f32c4824b4a0ca9459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 16 Sep 2019 21:48:34 GMT
server: nginx/1.16.1
etag: "5d800332-e9cb"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 59851
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 joey.jpg
friends.in.ua/posters/ 47 KB
47 KB 83ms
78ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/joey.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d9f7eb7abd8c938bdd86975d382911f93580a1a4622b2b816fb920f93e9a66ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 11 Aug 2019 15:35:16 GMT
server: nginx/1.16.1
etag: "5d5035b4-bb7c"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 47996
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 ncis.jpg
friends.in.ua/posters/ 68 KB
68 KB 83ms
79ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/ncis.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

00ac6ba4c7cd386ce2f692f45e7718b866bb00af4a14be2efab8e49a90b3df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Wed, 14 Aug 2019 22:12:20 GMT
server: nginx/1.16.1
etag: "5d548744-10fae"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 69550
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 dyvni-dyva.jpg
friends.in.ua/posters/ 53 KB
54 KB 84ms
79ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/dyvni-dyva.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

c6002842e5f7cd5d7898ccd55452049240e2014e283191fb63770bfe3ec49973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 06 Jul 2019 22:49:34 GMT
server: nginx/1.16.1
etag: "5d21257e-d53b"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 54587
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 doktor-haus.jpg
friends.in.ua/posters/ 52 KB
52 KB 84ms
79ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/doktor-haus.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

f60dae7119e9a426e1d780c4975d6bcc5a86ee60638a8bd0588324ed29905438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 17 Jun 2019 15:06:56 GMT
server: nginx/1.16.1
etag: "5d07ac90-d009"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 53257
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 rozcharuvannya.jpg
friends.in.ua/posters/ 41 KB
42 KB 84ms
80ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/rozcharuvannya.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

425d14466d34dbb0acaa9cac644d5508c96124e36c0f233b365dff87a6e37874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Thu, 16 May 2019 21:43:08 GMT
server: nginx/1.16.1
etag: "5cddd96c-a50d"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 42253
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 policiya-paradayz.jpg
friends.in.ua/posters/ 34 KB
35 KB 84ms
80ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/policiya-paradayz.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

5ce0bbe89a521f471b2e1dcac3dfde2fa5532200acc9d5d3c8a450f363a2c54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 19 May 2019 19:05:17 GMT
server: nginx/1.16.1
etag: "5ce1a8ed-8991"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 35217
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 jquery.cookie.js Show response
friends.in.ua/js/ 3 KB
3 KB 52ms
45ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/js/jquery.cookie.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 11 Aug 2017 11:22:09 GMT
server: nginx/1.16.1
etag: "598d9361-c31"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 3121
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 share.js Show response
friends.in.ua/templates/StopFilm/js/ 3 KB
3 KB 54ms
46ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/share.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

77b923d6fd76d50e9728f2786c10de9ab04d7853b863244de8f4f9ab612f8bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:13 GMT
server: nginx/1.16.1
etag: "594681cd-c98"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 3224
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
48 KB 230ms
116ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8641702971c5ef86d5a8f5b5103671c55f309b9b440e400a15f1b384c589830e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: cafe
etag: 12722331224591909883
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Nov 2022 02:54:58 GMT

GET
H2 200 pushy.min.js Show response
friends.in.ua/templates/StopFilm/js/ 2 KB
2 KB 56ms
48ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/pushy.min.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

5f1a3a89f85d7d8fea248137111c5030e521d9efa3da80f95eaa2bf8ac3b6836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:13 GMT
server: nginx/1.16.1
etag: "594681cd-7d2"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 2002
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H/1.1 200
OK lib.js Show response
franecki.net/js/ 37 KB
12 KB 130ms
39ms Script
text/javascript 89.149.200.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://franecki.net/js/lib.js?no_dmp=1

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

openresty /

Resource Hash

ed4a6bfc2ee3e531be78b7330cbdbf23b564fa5144975bca472d60c3b03212b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: close
Expires: 0

GET
H/1.1 200
OK lib.js Show response
franecki.net/js/ 38 KB
12 KB 138ms
41ms Script
text/javascript 89.149.200.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://franecki.net/js/lib.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

openresty /

Resource Hash

da2b4f5e267926226cf9b7b35aa7c01bd089d257b703b5d54a74d94e10483c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: close
Expires: 0

GET
H2 200 thesimpsons.jpg
friends.in.ua/templates/StopFilm/images/ 30 KB
30 KB 48ms
47ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/templates/StopFilm/images/thesimpsons.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/templates/StopFilm/css/style.css?v=1.1.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

480e671f35917348ea232ffe01e2d759469f630f3b4045689e60d2edf69b63e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/templates/StopFilm/css/style.css?v=1.1.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:57 GMT
strict-transport-security: max-age=31536000;
last-modified: Wed, 21 Jun 2017 10:09:06 GMT
server: nginx/1.16.1
etag: "594a45c2-78aa"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 30890
expires: Sat, 10 Dec 2022 02:54:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 170ms
45ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 01:15:51 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5947
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 30 Nov 2022 03:15:51 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 183ms
52ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

506964f58b17716402ad40ec3fcab7535bafa18b92324ba99fc8b40eb830d3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 02:54:58 GMT
content-md5: 1q5n8QUS/Rm9Pi0Z+L9XwA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: JVAbdEoye2LcMglu44n/jtIlSkbQMynFM1fEFGOAToS1jl8J/Wjv9S7OkTCv5P5kTaQI6+ijv+qg4UUCem6maQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 193c1181098477fefba4eeb9aefb1749
cross-origin-opener-policy: same-origin-allow-popups
etag: "fe9db8a3d91f7c34eeb3c5956e3d81f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Wed, 30 Nov 2022 02:57:29 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUJiZTaR.woff2
fonts.gstatic.com/s/oswald/v49/ 6 KB
6 KB 197ms
89ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUJiZTaR.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c298c7796b872b6caa387178a0089923ed809b663bc5584601ec7c2182eb2bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://friends.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 17:19:35 GMT
x-content-type-options: nosniff
age: 380123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5856
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:16:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 17:19:35 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
11 KB 195ms
88ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://friends.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 21:10:00 GMT
x-content-type-options: nosniff
age: 107098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 21:10:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 18A8 10 KB
5 KB 156ms
44ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 58371
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 10:42:07 GMT
etag: 10353107486223812946
expires: Tue, 13 Dec 2022 10:42:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 0cebdb31bcc8cbf9d7da8a95e22b5982.js Show response
franecki.net/assets/pack/ 0
606 B 119ms
43ms Script
text/plain 89.149.200.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://franecki.net/assets/pack/0cebdb31bcc8cbf9d7da8a95e22b5982.js?1&ct=na&webp=1&sw=1600&sh=1200&ww=1600&wh=1200&fp=42a0872bef3364e3484ecd91a6996b1e&libjs=1&dc_rid=

Requested by

Host: franecki.net
URL: https://franecki.net/js/lib.js?no_dmp=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:54:58 GMT
Strict-Transport-Security: max-age=86400; includeSubDomains; preload
Content-Encoding: gzip
x-render-time: 2.79
Server: openresty
Transfer-Encoding: chunked
x-adwsegments: {"r:100842:iprange:1":1}
access-control-allow-credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 67b798e50a15eca78568eeb621e83c3f.js Show response
franecki.net/assets/pack/ 2 KB
2 KB 141ms
65ms Script
application/x-javascript 89.149.200.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://franecki.net/assets/pack/67b798e50a15eca78568eeb621e83c3f.js?1&ct=na&webp=1&sw=1600&sh=1200&ww=1600&wh=1200&fp=42a0872bef3364e3484ecd91a6996b1e&libjs=1&dc_rid=

Requested by

Host: franecki.net
URL: https://franecki.net/js/lib.js?no_dmp=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

openresty /

Resource Hash

a57acc7776143c4260462075f7ee06df650c3ea5969900f63f1246b0fb76cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:54:58 GMT
Strict-Transport-Security: max-age=86400; includeSubDomains; preload
Content-Encoding: gzip
x-render-time: 23.2
Transfer-Encoding: chunked
x-adwsegments: {"r:100842:iprange:1":1}
Connection: close
x-sspt: 15
Pragma: no-cache
Server: openresty
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
Access-Control-Allow-Headers: *
x-cid: 33246
Expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H/1.1 200
OK b884872a195939d21d07f1384cc7928d.js Show response
franecki.net/assets/pack/ 0
676 B 122ms
46ms Script
text/plain 89.149.200.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://franecki.net/assets/pack/b884872a195939d21d07f1384cc7928d.js?1&ct=na&webp=1&sw=1600&sh=1200&ww=1600&wh=1200&fp=42a0872bef3364e3484ecd91a6996b1e&libjs=1&dc_rid=

Requested by

Host: franecki.net
URL: https://franecki.net/js/lib.js?no_dmp=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:54:58 GMT
Strict-Transport-Security: max-age=86400; includeSubDomains; preload
Content-Encoding: gzip
x-render-time: 3.45
Server: openresty
Transfer-Encoding: chunked
x-adwsegments: {"r:100842:iprange:1":1}
access-control-allow-credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 307 KB
87 KB 114ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=03109907662646a9a6d583a600dc452a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f057ca51443737ce794f152c46c08706aeb1ec687322e7e0c37d2ea8077d3c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://friends.in.ua/
Origin: https://friends.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 02:54:58 GMT
content-md5: YIeKhchbtot22D/jbCKxoA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88588
x-fb-rlafr: 0
x-fb-debug: 4EvXTicOIpj85UTQq2VDX34M4j963PCrlA1SnJ3QisUHtjjkNu1DbnejLWmbXoEGNuAOp4o/R3TCt3AMA5TRdQ==
x-fb-content-md5: 4ed93ea9d2a76679ae773d85f6f5156f
cross-origin-opener-policy: same-origin-allow-popups
etag: "d736ca51437ba83c7eac8846650b0ad6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 29 Nov 2023 22:15:17 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 52ms
51ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=362943463&t=pageview&_s=1&dl=https%3A%2F%2Ffriends.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=269501704&gjid=2133880052&cid=1614074609.1669776898&tid=UA-60815340-5&_gid=117404177.1669776898&_r=1&_slc=1&z=620090364

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://friends.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 51ms
51ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=362943463&t=pageview&_s=1&dl=https%3A%2F%2Ffriends.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1090044530&gjid=207959772&cid=1614074609.1669776898&tid=UA-60815340-5&_gid=117404177.1669776898&_r=1&gtm=2oubs0&z=1296428598

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://friends.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
117 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8ad1ed9aa315cd986650033dfe816eab16e05758464729b1cba116a820c52a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119172
x-xss-protection: 0
server: cafe
etag: 1719986280388044642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 30 Nov 2022 02:54:58 GMT

GET
H/1.1 200
OK / Show response
aurabom.ru/player/ 126 KB
39 KB 315ms
128ms Script
text/javascript 91.228.155.126
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://aurabom.ru/player/
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.155.126 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde377-1.fornex.org
Software: nginx /
Resource Hash: 23cc189bf16bb0dc8d64b35e80ce28684de1efc8464b328e9c3eed33bcda7a76

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:54:58 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"1f73f-Q/r+/jCEj2u0ipONs6QHVA"
Vary: Accept-Encoding
Transfer-Encoding: chunked
X-Hostname: dsde326.rotator.viboom.com
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK humanitarian-five.js Show response
franecki.net/js/ 43 KB
13 KB 120ms
41ms Script
application/javascript 89.149.200.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://franecki.net/js/humanitarian-five.js?no_dmp=1
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: openresty /
Resource Hash: 6b5f93fcba0cae2cf7d63478302e219b922d252bca9925061e733d5494da52ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:54:58 GMT
Content-Encoding: gzip
Last-Modified: Sun, 02 Oct 2022 10:49:31 GMT
Server: openresty
ETag: W/"63396cbb-ad30"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: close

GET
H2 200 test-ad.php Show response
friends.in.ua/ 4 B
131 B 209ms
209ms XHR
text/html 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/test-ad.php?adsize=981&adnet=120x600&adspace=adslot

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 / PHP/5.6.40

Resource Hash

5db1fee4b5703808c48078a76768b155b421b210c0761cd6a5d223f4d99f1eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept: */*
Referer: https://friends.in.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
strict-transport-security: max-age=31536000;
server: nginx/1.16.1
x-powered-by: PHP/5.6.40
content-type: text/html; charset=UTF-8

GET
H2 200 fontawesome-webfont.woff
friends.in.ua/templates/StopFilm/fonts/ 64 KB
64 KB 208ms
208ms Font
application/font-woff 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/templates/StopFilm/css/font-awesome.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://friends.in.ua/templates/StopFilm/css/font-awesome.css
Origin: https://friends.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:13 GMT
server: nginx/1.16.1
etag: "ffac-5523c1a1a4d40"
content-type: application/font-woff
accept-ranges: bytes
content-length: 65452

GET
H2 200 adv.png
friends.in.ua/ 544 B
754 B 206ms
206ms Image
image/png 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/adv.png?adsize=981&adnet=120x600&adspace=adslot

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

e9d04b52142cb63af955d167a62bc412e280b01a17648994aa4b838e0c979c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 10 Apr 2018 22:08:58 GMT
server: nginx/1.16.1
etag: "5acd35fa-220"
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
content-length: 544
expires: Sat, 10 Dec 2022 02:54:58 GMT

GET
H/1.1 200
OK azure_rus.gif
www.megastock.ru/doc/88x31_user/ 2 KB
2 KB 291ms
82ms Image
image/gif 212.118.48.164
CITYLAN-EAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.megastock.ru/doc/88x31_user/azure_rus.gif

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.118.48.164 , Russian Federation, ASN204076 (CITYLAN-EAST, RU),

Reverse DNS

Software

openresty / ASP.NET

Resource Hash

1cdfec4471965cdc07a0a4fff3c5d65c624d201dd2d30772d1fa40adff2d9e4e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:54:58 GMT
Last-Modified: Thu, 07 Nov 2013 09:45:35 GMT
Server: openresty
ETag: "1d4ce71b9edbce1:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2183

HEAD ping
test.takedwn.ws/ 0
0

GET
H/1.1 200
OK player
stats.myangular.life/ 0
187 B 175ms
52ms Image
text/plain 138.201.51.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.myangular.life/player?hit=script&sub=actualize&host=friends.in.ua
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.51.138 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.138.51.201.138.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 30 Nov 2022 02:54:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H2 200 t.js Show response
sholke.com/ Frame 5993 54 KB
15 KB 154ms
49ms Script
application/javascript 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: _w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding: gzip
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
date: Tue, 29 Nov 2022 16:28:54 GMT
last-modified: Fri, 11 Nov 2022 10:14:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 37565
etag: W/"57c945f3c1feba973398debac47b1341"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ODchzvH1xS0FvniYLlNhjLSuGlM1zLJEtB6T9twzQUBB2-NDgVL0tA==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
700 B 150ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=friends.in.ua&callback=_gfp_s_&client=ca-pub-1034840951493578&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3757cd87759d7906875743128d3356103096ab3bdf1af298f205a666ca5d71f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 188ms
52ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=friends.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 175ms
53ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=friends.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 359B 603 B
68 B 165ms
75ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1034840951493578&output=html&adk=1812271804&adf=3025194257&lmt=1669776898&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Ffriends.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669776898389&bpp=3&bdt=701&idt=172&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6637307009969&frm=20&pv=2&ga_vid=1614074609.1669776898&ga_sid=1669776899&ga_hid=362943463&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C44774648%2C42531706%2C44767167%2C44773613%2C44774652%2C44770880%2C44778741&oid=2&pvsid=3793529583876169&tmod=2050232302&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=193

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 02:54:58 GMT
expires: Wed, 30 Nov 2022 02:54:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 t6vjtkugvap61lmhzkwwc.json Show response
sholke.com/c/ Frame 5993 1 KB
2 KB 172ms
81ms Fetch
application/octet-stream 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/c/t6vjtkugvap61lmhzkwwc.json
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b297024f28bf7c02f796c5c55280dd53fd0047fa2e52c9d8c315c6128edb295

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: pVkEGPVSKVwkyogRewqUk3pqmAvdsx25
date: Tue, 29 Nov 2022 16:39:48 GMT
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 36911
x-cache: Hit from cloudfront
content-length: 1358
last-modified: Thu, 10 Nov 2022 10:46:38 GMT
server: AmazonS3
etag: "9a54f2d2288abe8c26895e080138964a"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: WehiINi1X65L1jp9EdHv-AjWQiF-rTsnKgemRklqFecP7nM30hZ1oQ==

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 160 KB
57 KB 367ms
179ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: aurabom.ru
URL: https://aurabom.ru/player/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2007223b097e96995a0c050af1ad3cd83a7d88e9591842e19f54fc45560e2f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 28 Nov 2022 17:04:33 GMT
etag: "6384bff1-e18d"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57741
expires: Wed, 30 Nov 2022 03:54:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 143ms
53ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-57015589-1&l=viboomGa

Requested by

Host: aurabom.ru
URL: https://aurabom.ru/player/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fadf13b347ecb07287970409fcacd0a9fb8001f04c2f9c817f6dff3c04d98487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43632
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Nov 2022 02:54:58 GMT

GET
H/1.1 200
OK video.css
aurabom.ru/ 26 KB
6 KB 56ms
55ms Stylesheet
text/css 91.228.155.126
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://aurabom.ru/video.css
Requested by: Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.155.126 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde377-1.fornex.org
Software: nginx /
Resource Hash: 892cb57a1eeb3e07a75462120d3b8429f2cf28d1f57aba1d7933395a9043bb7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:54:58 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"688f-KJGOmg0i5xsU4jAsDLZ+fw"
Vary: Accept-Encoding
Transfer-Encoding: chunked
X-Hostname: dsde326.rotator.viboom.com
Content-Type: text/css; charset=utf-8
Connection: keep-alive

GET
H2

200

pixel.js Show response
x01.aidata.io/
Redirect Chain

https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=3244e989c10efe3a56d586644102a1b7&v=1669776898767
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=3244e989c10efe3a56d586644102a1b7&v=1669776898767&pid=VIBOOM&js=1&show_js_referer=1&bounce=1

1 KB
1 KB

77ms
76ms

Script
application/javascript

89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=3244e989c10efe3a56d586644102a1b7&v=1669776898767&pid=VIBOOM&js=1&show_js_referer=1&bounce=1
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: 44c1b74d0cfa63c14cb4e9f6665867ef7d0ed66484634b33aeb2062d7e4590f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2022 02:54:58 GMT
server: nginx
access-control-allow-methods: GET, POST
content-type: application/javascript
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Wed, 30 Nov 2022 02:54:58 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:58 GMT
last-modified: Wed, 30 Nov 2022 02:54:57 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=3244e989c10efe3a56d586644102a1b7&v=1669776898767&pid=VIBOOM&js=1&show_js_referer=1&bounce=1
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Wed, 30 Nov 2022 02:54:57 GMT

GET
H/1.1 200
OK / Show response
aurabom.ru/video/get/ 202 B
715 B 166ms
113ms Script
text/javascript 91.228.155.126
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://aurabom.ru/video/get/?platformId=101909&format=3&overrollType=embeded&sig=31aeb6078a58f6d2&data=%7B%22shown%22%3A%5B%5D%2C%22errors%22%3A%5B%5D%2C%22dimentions%22%3A%7B%7D%2C%22referer%22%3A%22https%3A%2F%2Ffriends.in.ua%2F%22%2C%22origReferer%22%3A%22https%3A%2F%2Ffriends.in.ua%2F%22%2C%22location%22%3A%22https%3A%2F%2Ffriends.in.ua%2F%22%2C%22n%22%3A0%2C%22lang%22%3A%22en-US%22%2C%22title%22%3A%22%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS%22%7D&vbmuid=3244e989c10efe3a56d586644102a1b7
Requested by: Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.155.126 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde377-1.fornex.org
Software: nginx /
Resource Hash: 8d4b9d561703235b44c824408370d4405e2c2c7ba7da310af7f40fc094da283e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:54:58 GMT
Server: nginx
ETag: W/"ca-2ZN5lu9UKj1bfipcdO3KEw"
Rotator-message: video: no campaignAccess, code: -11, msg: undefined, format: 3, platformId: 101909, rtrCampaignId: false
X-Hostname: dsde326.rotator.viboom.com
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 202

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 9D9C 79 KB
27 KB 202ms
62ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

925840568650a020870e2fe1eb5a3a17d945631e6b15e8a5f04865488b7591f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27266
x-xss-protection: 0
server: sffe
etag: "1407 / 639 of 1000 / last-modified: 1669763224"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 30 Nov 2022 02:54:59 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 9D9C 424 KB
122 KB 130ms
50ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1208
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMkWp5lk1OIpf8nGjsCw7X%2FA3VtTXvFJ6C4SXs73v%2BubjEad%2BfNsOtmihfkoTZY%2Fh6%2FmlxZLcpHcB0qVo194rHqVbOVKJ5Gpor4zSw7gTA85VBfsi0wKYKudP92l2hj2VRgfE80ucBbYmoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d328a02dd7c-LHR

GET
H2 200 p.html Show response
sholke.com/r/ Frame 59BB 10 KB
3 KB 45ms
45ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=ngizwhwp&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: dG_g40WLx2bBRbzI9D7Rb4LFTQ4IxgZB_kdoVRWrcbmCKNngSIVR_w==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame A9B0 10 KB
3 KB 45ms
44ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=alwjcyieh&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: RxNKfZHm-s7WCfUNkbgjDIUD2iw6O5W1XojeQYmAK-YZ7chnjnuTlA==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 3FB1 10 KB
3 KB 45ms
45ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=yqvehrt&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: T8dywEcyppR_r0EnlMkjo1auAcPLW4QINV6wJFa6nHGUjJq61tZhrw==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame A39C 10 KB
3 KB 45ms
45ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=rdzgqquyhm&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: qahGl_w1Qng7srKk5NWVt1jjQd-rlVPDbSxviq9r3FfcJgN0PronNQ==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame C1BC 10 KB
3 KB 44ms
44ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=dljymeet&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: zdoBT_k4vfpSI5bLNhBbrPmO_orWK2e_7QN4fECmFvYIZUkG-wJKIg==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame AD2E 10 KB
3 KB 45ms
44ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=xlembrcyf&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: uQ67FCXqVqGa0pHt2E_hdJFMmzCDEIMQLrCABge1UDpv14cg2RF7pw==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 0009 10 KB
3 KB 45ms
44ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=nzmqounkzh&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: gQpSmgieFx1IykKuwS3EbfD8cTfIhKKac39t6Ok4HQykaBUmZzWHOA==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 65A8 10 KB
3 KB 45ms
44ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=ojofxscs&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: LRIV7XMMFlUStXnsEURdxJRVe-Ds9r4FpuxojQilHBVqnc2OR3fzRw==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame E3C2 10 KB
3 KB 45ms
44ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=dercuczi&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: AdO5EFag3c_HLp0E_f429c4DZw2QBljCeCtKdWKTuvPeIzYMIoARKw==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 46A8 10 KB
3 KB 45ms
45ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=jgbdaqh&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: 3K71x4EOftkY2sJ3VYzU9CPvPr4zEA0XWSkfS1n350OA-59DQLAjRg==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame C7BE 10 KB
3 KB 58ms
57ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=zpbms&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: 6DFd8WRXlUAXnc8a9tYjfwqbGIgHFf9wKifeIaYSGst_5FjgEVpFlg==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 62EF 10 KB
3 KB 56ms
55ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=nfzrbozjr&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: XULQ6ZzMUf1yi9YU7N_p_b5orqQilPsb1PWuRZboOqyl7u2Gb_I75Q==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 18DE 10 KB
3 KB 52ms
52ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=vxwnlotzh&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: jEp_P5y3tAQF_VEg7IguMH3IAVMR5aedxzJgqS3e5xG_1TH0JgorNA==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame F0B9 10 KB
3 KB 50ms
50ms Document
text/html 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=jhyrgzcc&e=1731193540923
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3543261669776898510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37569
content-encoding: gzip
content-type: text/html
date: Tue, 29 Nov 2022 16:29:29 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-id: KB-7OAyKRTexQkf2DBRFdSExAVJgrxS1-FLQbwz_fU5P8j7gjB8vCw==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK b Show response
mxtads.com/6238012052/ 23 KB
6 KB 130ms
41ms Script
application/javascript 213.196.39.165
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://mxtads.com/6238012052/b
Requested by: Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.196.39.165 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6845b6896e74c6be8da223ccf09aa5556c1bb53bd3b947c1f91408e8df31871f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: private
Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2022 02:54:59 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=0
Connection: close
Expires: Wed, 30 Nov 2022 02:54:59 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 52ms
52ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=362943463&t=pageview&_s=1&dl=https%3A%2F%2Ffriends.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=283082191&gjid=1151134769&cid=1614074609.1669776898&tid=UA-57015589-1&_gid=117404177.1669776898&_r=1&gtm=2oubs0&z=311329037

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://friends.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57015589-1&l=viboomGa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 01:15:51 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5948
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 30 Nov 2022 03:15:51 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 59BB 424 KB
122 KB 52ms
51ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=ngizwhwp&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmSe%2B6fm2K%2BCWLIci6o7mlsvDssG9VBXGL2vN9VvXwabYO4uwUnlBZ6JzXEoDroGCRzDqV%2Bg%2F0YENFLBJfDGH5auh09zeZzZyWFCJcZimy4AuTokD1IPyPA4%2F2Gs34euBmGrQxQslvOTsEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d337ac4dd7c-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame A9B0 424 KB
122 KB 53ms
53ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=alwjcyieh&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzipO8lEN%2FdmRDwNI15onjoi5ijVT7zTixiU6bbNCD%2BtSxzDfg8GPLCxrO4xvInBtrsiaJQxRoAP4yGd%2FaIhOvNg50oep7a%2FSS08PfhZiidGM7mSJo3xaeuNMarG29RVhFb04atAZ3FbYg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d338ae2dd7c-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 3FB1 424 KB
122 KB 71ms
71ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=yqvehrt&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqTapFvZ%2B2mVbVPHUJzNFqVBA6LU2eHcYHqbeL52MgwosWnRUD9KuYRndzgvnD5T0PFQh0ztWouAJGIK90FQ%2BuX2Pqn%2FUwoQTJ0UpN3PNrlGK%2BImq%2BSgH8gRqJy%2F8QXFKWr1DEhd3x25fGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d339aefdd7c-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame A39C 424 KB
122 KB 62ms
60ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=rdzgqquyhm&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1OkG3bCEPz2nxeTGra3boKyX1vhFNQLjHIsgVKXrrRwUuV%2FX%2FHkl0vBnXggiOuUqzp5Hq1edBfxYVvLwHpbeZHvitfzPlOURW%2Bs0f4ncvTsjne5qxImVXVL%2BhJX%2Fs%2B5KDZZ9X1I9VRO58c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d33aaffdd7c-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame C1BC 424 KB
122 KB 59ms
59ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=dljymeet&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGGwoVZNhF1nnmXXWAnNUMM1gdUkv0nwn3CN%2FeATPJkzbS88kurh3rHtI5OdddM6P%2FNssKNsQJXK9Nn6Pm6xw4cgbascXomm1qjMhocw%2FjrRJqi174E%2BbliTuU4vatpD1TjENjVhguq9EMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d33bb08dd7c-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame AD2E 424 KB
122 KB 60ms
59ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=xlembrcyf&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXKa%2BgsVnD%2Frc3y534dQYV4Ns%2BT%2BwDWdXMJOgIXSYQQJq%2FaJbRCzxMkwaiZDUsDDJRTo8vxXKtogWEYLLbdf7JxOHZxa2ITAzaT9XpW9vOYhaXOOYmbCMSUf80hU5xELkdm%2FNFuapJhy%2B%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d33cb13dd7c-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 0009 424 KB
122 KB 64ms
63ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=nzmqounkzh&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KP0G9uhORphNN%2B2FlEx8rHWKHSXrAM6HjvnXeXDI%2FrgA%2FYABXXbG5appQ%2Bvo2GZvYlzhlvF2kBk8jFKeg43sqhbU59JonuccUEVI%2B6EZbBnkNuOFk1d9X7lIVCixaufudsYkiA70WJhCV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d33eb26dd7c-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 65A8 424 KB
122 KB 55ms
55ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=ojofxscs&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vg8yPhZdrMCTV22iAokYu7nIstiW2zxVc820Mi4bgjFyPJcVYV%2FKvBOfh4iJqHKj4ixTN32el5RTs4wMphdwWKoSunEa1m4aOIdgDncJlKLlMOO11eskCmS6oiADdznoGUOWD5OTDxYQzjU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d33eb2bdd7c-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame E3C2 424 KB
122 KB 53ms
53ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=dercuczi&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsOkixNp6lVr3nr9HPO0zmcxDxUShUNkxJfQEV29R24iKNwMa%2BxnO3eE0wxEIrzJYoWeWiemCyXXfgVjXZpfSHuaYYNpU7wtOgxozm07E5Fzrp1a3HvrHTjPdj1nQTe4RW5hmWOYgCjGzFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d33fb37dd7c-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 46A8 424 KB
122 KB 55ms
54ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=jgbdaqh&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bW6WdmOQYYbzU4n%2FT5aaoyAI7zW7UpFTl3KK%2B%2BVAGny6NKcdEs3bA0mYT99DI%2B0iwBmL0B45AXjjC55JfDwZDngegOZIP69RyftfXiQ1FbO00Ci8Gcx4bZ3%2Bn0o0hYswK4dua0OqZlMik0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d340b44dd7c-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame C7BE 424 KB
122 KB 55ms
54ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=zpbms&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jveR%2F2FYHooREmWes3oTD1UiZqOEBburH7DhYR8F4wcEBiiE2bJrSzacFjTGyP1zh5wiRU07ZZWfIOMeiGmyrLnJL3bYd0coH14EanDu6kg89Ww31Km3Mow3lCVlol8XaNrzy5bitlj3AQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d344b71dd7c-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 62EF 424 KB
122 KB 48ms
48ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=nfzrbozjr&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2Bm%2Bs9eD2zU1K5wKEEM3NObPsawUuSg1uv%2Fmc681v%2Bip7Rx703QgVmN%2FKApCZ4dr0KEIOVd%2BP3qOG%2BsLHgnKSIwt8J8fKqG5bKbVdx0W6S8nYIucC%2FCXwurhks0IM1oEB5wE3CCe8HcAWwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d345b80dd7c-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame F0B9 424 KB
122 KB 48ms
47ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=jhyrgzcc&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niaL9DxYJIp57q2QQEGa3aT%2BeMaFde9f3pjZFImiv%2F8epoA7bUWlryHc2lhyf0PSpLTHaRtExpLPeh2RBVlR1e4ziLMBPnQeNzO4Y2bUpM0mTYK1qRZwUvqM75CbpFUPvM76%2B%2Fblzr2tg%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d346b92dd7c-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 18DE 424 KB
122 KB 50ms
47ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=vxwnlotzh&e=1731193540923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KSZRBH8JWNED8RB1
age: 1209
x-amz-id-2: UJ3O6GjZpmiYHhdEnaiZOWPKv2EeAx+8obDONPVVk6YCRvoPgy7E1ORNV2HGZog6cu30lnJsrIg=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCu0sJR8QRaeiYckhofjenzaYRNSY5I2ywmAvyY1yud6rQ%2BvDDwRZqFfVwDNlU5GGS0tlw6RIZJAyQtM3%2FQfCWlRmmnOmqKmOqKZVYoHUVehfioTAw3cjaUbYj7TIir%2Fb4JJcpdBWTefN0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77204d347ba4dd7c-LHR

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9D9C 144 B
1 KB 218ms
117ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ba9d86bcf9efa737f000eb3e2fa4770769dfbc9654c65bc57f7f9e0af1c576d0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: 5edc86ab-3571-454a-948f-19de1d9fa47e
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://friends.in.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 9D9C 171 B
555 B 233ms
102ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:58 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://friends.in.ua
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 9D9C 0
215 B 129ms
41ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=69617352120&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://friends.in.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 9D9C 171 B
555 B 228ms
101ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://friends.in.ua
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9D9C 0
176 B 129ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://friends.in.ua
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame 9D9C 0
230 B 172ms
57ms XHR
text/html 23.88.17.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.186.17.88.23.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://friends.in.ua
access-control-allow-credentials: true

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9D9C 381 KB
129 KB 136ms
45ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 22:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 29 Nov 2023 22:17:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 9D9C 73 B
83 B 145ms
54ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=friends.in.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cee490fdb12f5a7b47e3c3cb6c07082dbb80d36bac565762799456fde264424d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59
x-xss-protection: 0
expires: Wed, 30 Nov 2022 02:54:59 GMT

GET
H2 200 pixel.js Show response
x01.aidata.io/ 21 KB
5 KB 78ms
77ms Script
application/javascript 89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=3244e989c10efe3a56d586644102a1b7&v=1669776899327&url=https%3A%2F%2Ffriends.in.ua%2F&is_js_referrer=1&origin_referrer=
Requested by: Host: x01.aidata.io
URL: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=3244e989c10efe3a56d586644102a1b7&v=1669776898767
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: 18e79a16c33cdd8d59eddd81ef793fcc0159611cb33c6fd490154dcce43239c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2022 02:54:58 GMT
server: nginx
access-control-allow-methods: GET, POST
content-type: application/javascript
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Wed, 30 Nov 2022 02:54:58 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/36124145/
Redirect Chain

https://mc.yandex.ru/watch/36124145?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1139%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.ru/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1139%3Afu%3A0%3Aen%3Autf-8%3A...

447 B
643 B

98ms
97ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1139%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1273193477022%3Ahid%3A50931047%3Az%3A0%3Ai%3A20221130025459%3Aet%3A1669776899%3Ac%3A1%3Arn%3A210219007%3Arqn%3A1%3Au%3A1669776899835718396%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C223%2C488%2C46%2C160%2C0%2C%2C664%2C14%2C%2C%2C%2C1582%3Acpf%3A1%3Ans%3A1669776896812%3Arqnl%3A1%3Ast%3A1669776899%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

921d3b2cb28357d57e850b0b57621f3c7b6b0caeaa880c8d7887ceb29fa5d65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 30-Nov-2022 02:54:59 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://friends.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 02:54:59 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 30-Nov-2022 02:54:59 GMT
location: /watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1139%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1273193477022%3Ahid%3A50931047%3Az%3A0%3Ai%3A20221130025459%3Aet%3A1669776899%3Ac%3A1%3Arn%3A210219007%3Arqn%3A1%3Au%3A1669776899835718396%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C223%2C488%2C46%2C160%2C0%2C%2C664%2C14%2C%2C%2C%2C1582%3Acpf%3A1%3Ans%3A1669776896812%3Arqnl%3A1%3Ast%3A1669776899%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://friends.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 02:54:59 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 90ms
90ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 28 Nov 2022 17:04:33 GMT
etag: "6384bff1-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 30 Nov 2022 03:54:59 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 59BB 0
211 B 42ms
42ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=53034152652&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 59BB 144 B
1 KB 151ms
113ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

57d306987ff520c8bb4148ea6a43ddb53878cc755fb340eca2a7961d70fc1f76

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: 48b20a67-0486-4259-bd11-1e3d777d0d4d
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 59BB 0
172 B 41ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 59BB 171 B
552 B 191ms
141ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:58 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 59BB 171 B
552 B 153ms
102ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3FB1 0
211 B 42ms
42ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=53787695609&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3FB1 171 B
552 B 169ms
95ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3FB1 142 B
1 KB 194ms
110ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

dfa6ebdd1bea800606406332dfae9b378fdf886a52a8c4caa877712bd5c4f40e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: b931ded1-b6a6-4289-bbc4-3dd29718ae25
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 3FB1 0
172 B 41ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3FB1 171 B
552 B 171ms
98ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame A9B0 0
211 B 43ms
42ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=15807438563&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame A9B0 171 B
552 B 169ms
96ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:58 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame A9B0 0
172 B 41ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame A9B0 171 B
552 B 175ms
101ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A9B0 145 B
1 KB 191ms
106ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

aa9668a986f6ac03e7cd406457803eaa97fba3c44d9721578f457454d8f4505d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: 12578d2c-dc2b-4da1-b583-96f87528395c
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame A39C 171 B
557 B 236ms
99ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame A39C 171 B
552 B 255ms
98ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A39C 144 B
1 KB 203ms
116ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7d6306f01990b9dc08895d2b76f65d87ffd3aabd006aaac41f14dadcb94cf7e8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: 32f93666-745c-479c-bc17-a3a749b19a91
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame A39C 0
211 B 41ms
41ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=93965998193&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame A39C 0
172 B 42ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame C1BC 0
172 B 41ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C1BC 171 B
552 B 240ms
100ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame C1BC 0
211 B 41ms
40ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=27719479676&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C1BC 171 B
557 B 233ms
93ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C1BC 14 KB
6 KB 245ms
174ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

71fad0359873c92b0d4db09e6ffa666e73e888bb6e0fe00c1022099fa07164bd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: aa53af8a-9a48-4f42-8db9-66b53dd37350
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame AD2E 14 KB
6 KB 151ms
118ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7cba56d1cb925da4ad5fedcfdebe49cb432b8b30f22eda462027915c3e90e3fd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e1bfe3e1-26b3-4099-9683-44f1169ab9ce
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame AD2E 171 B
552 B 182ms
95ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame AD2E 0
172 B 41ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame AD2E 0
211 B 42ms
41ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=69782970466&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame AD2E 171 B
552 B 201ms
112ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 65A8 171 B
552 B 239ms
114ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 65A8 0
172 B 41ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 65A8 171 B
552 B 241ms
100ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 65A8 14 KB
6 KB 124ms
107ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9e6eb1a3edcc3d9621d752e31cc8a1a0c2a058b585ec3d4690b2d50099d3e38a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2e267c80-71bc-4d1a-97e9-54af202a010f
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 65A8 0
211 B 43ms
42ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=58489362431&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 46A8 14 KB
6 KB 178ms
114ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d7442d19163e678e160c7bde9d23d0c1fa1a23e3b374f81b199940516e36bfa2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6249d34f-ac59-4d59-a83a-ef0567ca80f3
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 46A8 0
172 B 42ms
42ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 46A8 171 B
552 B 239ms
103ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 46A8 0
211 B 41ms
41ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=93085580290&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0009 0
172 B 42ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0009 14 KB
6 KB 178ms
119ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

39cc97d615dab3f651c597e8f1969b7d115cd100e9cc2dd2c80f82436a290aaa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 256a3572-d765-45c5-a523-9dcb22c330d8
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0009 171 B
552 B 217ms
84ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0009 171 B
552 B 244ms
108ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 0009 0
211 B 41ms
40ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=5035375483&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C7BE 13 KB
6 KB 182ms
111ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b13d57d407073f40099a1262fb0cde00ea2743758bd99ad550d85f06b1038e07

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d7145c48-6328-4d02-b73a-b6065bd16c70
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C7BE 171 B
552 B 257ms
104ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame C7BE 0
172 B 42ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame C7BE 0
211 B 42ms
42ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=46039625006&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 62EF 0
211 B 42ms
42ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=20674754978&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 62EF 171 B
552 B 301ms
95ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 62EF 14 KB
7 KB 210ms
117ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d80f2ce34e7dd96170db904343a279d46172e2eddc2a4884213ecd33e5daedea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: eb45fbb1-c1f3-42d7-944f-f2dfa1f64146
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 62EF 0
172 B 42ms
42ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E3C2 171 B
552 B 306ms
102ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E3C2 0
211 B 42ms
41ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=43300886363&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E3C2 16 KB
7 KB 199ms
107ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2e0ee9b507f7af5cce2c5c4eab46d1e66b160987010579d59b5ebf6801bd47ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d4472523-439a-4fff-9f7e-b0243fda30c3
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame E3C2 0
172 B 42ms
42ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F0B9 171 B
552 B 303ms
98ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F0B9 0
172 B 42ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame F0B9 0
211 B 42ms
42ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=73204742942&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F0B9 13 KB
6 KB 222ms
107ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b3609bec7e3cd2bbb02ca11cfa728ba14c5612daf63155709419b29fe561a629

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6a2c8622-5dea-467f-a40a-840f8732ea2a
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 18DE 0
172 B 41ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Wed, 30 Nov 2022 02:54:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 18DE 16 KB
7 KB 273ms
133ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a53f4b8e4d6114dcbdec6e365995be3a70e3ce2c1a4780bf36d100edd95d51e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 72511ecf-12ff-4748-a3d8-69adc33558dc
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 18DE 171 B
552 B 293ms
91ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 18DE 0
211 B 42ms
41ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=905233953&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 149ms
58ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a41bcf1649d5434f11a8c1fe30b0894a9eaf3d0e8dccd70607ddb95f201213a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11027
x-xss-protection: 0

GET
H2 204 stats
x01.aidata.io/ Frame 88E9 0
40 B 79ms
76ms Image
text/plain 89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/stats?pixel=VIBOOM&v=1669776899327&url=https%3A%2F%2Ffriends.in.ua%2F&is_js_referrer=1&origin_referrer=&pid=VIBOOM&js=1&sid=c349642585e54c1cadeb1b0372035805&__upin=0cDhY2VAVZjp2AKGee2ovQ&id=3244e989c10efe3a56d586644102a1b7&url=https%3A%2F%2Ffriends.in.ua%2F&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22%22%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
server: nginx

GET
H2

204

0.gif
x01.aidata.io/ Frame 88E9
Redirect Chain

https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
433 B

133ms
76ms

Image
text/plain

89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Protocol: H2
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:55:00 GMT
last-modified: Wed, 30 Nov 2022 02:54:59 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Wed, 30 Nov 2022 02:54:59 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Wed, 30 Nov 2022 02:54:59 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 pixel.js
x01.aidata.io/ Frame 88E9 21 KB
21 KB 79ms
77ms Image
application/javascript 89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=3244e989c10efe3a56d586644102a1b7&url=https%3A%2F%2Ffriends.in.ua%2F&v=1669776899679&is_js_referrer=1&es_name=GA&es_uid=1614074609.1669776898
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2022 02:54:58 GMT
server: nginx
access-control-allow-methods: GET, POST
content-type: application/javascript
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Wed, 30 Nov 2022 02:54:58 GMT

GET
H2 200 pixel.js
x01.aidata.io/ Frame 88E9 21 KB
21 KB 155ms
153ms Image
application/javascript 89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=3244e989c10efe3a56d586644102a1b7&url=https%3A%2F%2Ffriends.in.ua%2F&v=1669776899679&is_js_referrer=1&es_name=YM&es_uid=1669776899835718396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2022 02:54:58 GMT
server: nginx
access-control-allow-methods: GET, POST
content-type: application/javascript
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Wed, 30 Nov 2022 02:54:58 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame 9D9C 107 B
122 B 145ms
54ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=friends.in.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9D9C 107 B
122 B 142ms
53ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=friends.in.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9D9C 592 B
354 B 81ms
81ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=228924933139099&correlator=951456704299037&eid=31070880%2C31069101&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=21671350435%3A22643588514%2C300x600-friends.in.ua&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=651839845&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7d146bf171127471-2215cab500d80079%3AT%3D1669776898%3ART%3D1669776898%3AS%3DALNI_MbYLFymXo0mAINJ_p9qCMRxJZFcPw&gpic=UID%3D00000b8a460e3b0e%3AT%3D1669776898%3ART%3D1669776898%3AS%3DALNI_MbHsyl9zaw7emxfPI0RCK4H3CvRRg&abxe=1&dt=1669776899722&lmt=1669776899&dlt=1669776898867&idt=825&adxs=1115&adys=100&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=l5ryauoymjb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Ffriends.in.ua%2F&ref=https%3A%2F%2Ffriends.in.ua%2F&top=https%3A%2F%2Ffriends.in.ua%2F&frm=23&vis=1&psz=300x600&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1614074609.1669776898&ga_sid=1669776900&ga_hid=1498865024&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dbe4b69a88e5e505a117e1f210cfdd14aa6659c2792f30d27adc137f1dee48b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 323
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://friends.in.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9D9C 14 KB
11 KB 81ms
63ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f97b9b76fe7e193698abc5ca9c47dffdb6f8bb920fe7c2edc090135706930d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11064
x-xss-protection: 0

GET
H2 200 container.html Show response
8b7a89116670f110d5a2c37ac178b291.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 68C1 6 KB
3 KB 188ms
51ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8b7a89116670f110d5a2c37ac178b291.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 02:54:59 GMT
expires: Thu, 30 Nov 2023 02:54:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame 4B17 1001 B
1 KB 178ms
64ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=179262378&apnauc=4330973731643758864&bidid=4330973731643758864&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPxCZLJaptRo8EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3STLOAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21BxoM8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2OTBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU2OTA=/bn=93402/clickenc=
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7306089c702f08b3cd35431f6b71ae089ab6b0a51a259884ede0f4905e570eaa

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 686
content-type: text/html;charset=utf-8
date: Wed, 30 Nov 2022 02:54:59 GMT
expires: Wed, 30 Nov 2022 02:54:59 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv09.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9377 52 KB
17 KB 108ms
32ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:54:59 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459174
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600055-LCY
X-Timer: S1669776900.870388,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 177D 0
819 B 156ms
52ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLADvQXAUAHAAADANYABQEIg4ybnAYQkLKysZm1rY08GJD6ya6H16fCVSo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXja2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFkb0pqOXdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFk1TU9BRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBVzZMSkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhQnhvTTh3OmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVMk9UQkE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFCAIMTk1ODY5NTQBFQgFQ1ABFBQJMjgwMDVheDzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BYQQHN4kCAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDCoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjU2OTDaBAIIAeAEAfAEpXAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULwAAAANgFAeAFAfAFtiL6BQQIABAAkAYAmAYAogYPMTAyNjQjRlJBMTo1NjgwuAYAwQYBMjAAAPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQjZ8zkSgAFmUk0zSVZvQXPYREFBa0NCUUVJd2EtY0JoRHNnTTRCR1BlSXJ3SWdCeWdBUUlhbDN3UklqTnpwQkZEdkwxaXdMSH1BDEhnQWe1JWHirWUsSm9CQWdnQXFBRUFzLiAAOEEuLoAHAYgHAKAHAboHDwHgSBgAIAAwADiSCUAAyAfa2QXSBw01DQG-CNoHBgknbOAHAOoHAggA8Afa85UCiggCEACVCAAAgD-YCAE.&s=1d079dddbab5cec951d318ceed2132cb41452c61&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Ddljymeet%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Ddljymeet%26e%3D1731193540923&

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: 69557228-0b1b-4158-a3bb-e84c25207c51
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/230/ Frame 177D 80 KB
27 KB 213ms
59ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/230/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 76177446afcef4a0079a7db071669802987c95c671b08e13a5f4278701763499

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 09:56:48 GMT
Server: AkamaiNetStorage
ETag: "058fa2042959b529aeb940fcab36a18f:1668074208.514848"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27458
Expires: Thu, 30 Nov 2023 02:54:59 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 177D 0
819 B 203ms
49ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQkLKysZm1rY08GJD6ya6H16fCVSo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXja2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFkb0pqOXdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFk1TU9BRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBVzZMSkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhQnhvTTh3OmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVMk9UQkE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC9IEBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTY5MNoEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTY4MLgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI2fM5EoABZlJNM0lWb0FBQUFEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFpd0xIRUFBQUEpnAxIZ0FnlQ5By41OLEpvQkFnZ0FxQUVBcy4gAJhBLi6ABwGIBwCgBwG6Bw8IABAAGAAgADAAOJIJQADIB9rZBdIHDQkuvgAI2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=89b4ab2138563e602b701a3e202eedd76b3fa46b

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: 32d28683-0daf-4ed2-b062-9c05434ce6dd
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame 767F 120 KB
43 KB 102ms
32ms Script
application/javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3ef4992026593e0ea951ba520ff9eca88a7ea12712aca5daba6c181031ac6ab4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires: Tue, 01 Nov 2022 05:37:33 GMT
Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 76268
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 42990
X-Served-By: cache-lga13622-LGA, cache-lcy-eglc8600046-LCY
Last-Modified: Wed, 12 Oct 2022 13:08:12 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1669776900.873238,VS0,VE0
ETag: W/"6346bc3c-1e1bd"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 25, 45146

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/230/ Frame 767F 80 KB
27 KB 205ms
60ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/230/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 76177446afcef4a0079a7db071669802987c95c671b08e13a5f4278701763499

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:54:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 09:56:48 GMT
Server: AkamaiNetStorage
ETag: "058fa2042959b529aeb940fcab36a18f:1668074208.514848"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27458
Expires: Thu, 30 Nov 2023 02:54:59 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 767F 0
819 B 203ms
53ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQlbv15bey79ZYGJD6ya6H16fCVSo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjt0ASAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFkWUpKLUFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFk0TmVBRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBVzFMSkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhATGdHQ2cuLpoCmQEhQ3hvajk-YQI0SXV5bFFFZ0FDZ0FNWnEFb1xtZTBfT2dsR1VrRXhPalUyT0RWQTd5OUoRYgw4RDlSEQwMQUFCWh0MAGg5jQQ5cB0YAHgdDAg0QUkuaQL0gQE4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo1Njg12gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFtiL6BQQIABAAkAYAmAYAogYPMTAyNjQjRlJBMTo2NjI5uAYAwQYAAAAAAADwP9AGqSXaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gaHAQjZ8zkSgAF1Uk0wTEZvQUFBQURBQWtDQlFFSXdhLWNCaERzZ000QkdQZUlyd0lnQnlnQVFJYWwzd1JJak56cEJGRHZMMWpsTTNFQUFBQSmcDEhnQWeVDkHLjU4sSm9CQWdnQXFBRUFzLiAAmEEuLoAHAYgHAKAHAboHDwgAEAAYACAAMAA4kglAAMgH7dAE0gcNCS6-AAjaBwYJJ2zgBwDqBwIIAPAH2vOVAooIAhAAlQgAAIA_mAgB&s=07774f07bef1bcfd76e348e0d8f4cd3a346edf73

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: 63ff1427-5bf3-4e42-a4a5-56de6d31a9d3
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9D9C 17 KB
7 KB 182ms
69ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 02:54:59 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 190ms
85ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 02:54:59 GMT

GET
H2 200 script.js Show response
dpjgrnd6i7dk0.cloudfront.net/ Frame 31CC 122 KB
43 KB 174ms
55ms Script
application/javascript 2600:9000:21f3:aa00:c:aa3e:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjgrnd6i7dk0.cloudfront.net/script.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:aa00:c:aa3e:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99931e991971efe66806d488c78658151b87b00438fc26d0076faf8f14dc26fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: vRYv.apRlIaA9UVJkgb4hcSsvFTgXtLC
content-encoding: gzip
via: 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
date: Wed, 30 Nov 2022 02:49:49 GMT
last-modified: Tue, 29 Nov 2022 19:13:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 329
etag: W/"339bdebb7e419191ebb7629600793392"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: mXfhibzFuXnrymxdQOMglP_AxpyvD1ZexhMLBzKSuu0JZUcETR88Lw==

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/230/ Frame 31CC 80 KB
27 KB 196ms
56ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/230/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 76177446afcef4a0079a7db071669802987c95c671b08e13a5f4278701763499

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:55:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 09:56:48 GMT
Server: AkamaiNetStorage
ETag: "058fa2042959b529aeb940fcab36a18f:1668074208.514848"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27458
Expires: Thu, 30 Nov 2023 02:55:00 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 31CC 0
819 B 142ms
48ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQrZ2YmYTnuc1kGJD6ya6H16fCVSo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjJ2wSAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFYWUwyNlFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGM0TnVBRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV2FMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRFJxeDlBOmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM09EWkE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC9IEBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTc4NtoEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NjYxObgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI2fM5EoABcnhOZUtsb0FBQUFEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqYk0zRUFBQUEpnAxIZ0FnlQ5By41OLEpvQkFnZ0FxQUVBcy4gAJhBLi6ABwGIBwCgBwG6Bw8IABAAGAAgADAAOJIJQADIB8nbBNIHDQkuvgAI2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=5f9d209f40780a0ad8fe3dce2878c517cd60afc4

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: ec33409f-fa84-4902-a978-ab0c1997a0a3
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame 0425 1002 B
1 KB 107ms
65ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1339246946&apnauc=8835985374899178223&bidid=8835985374899178223&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP--KaSfiuZ96EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAYCiMsQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Dxo89QiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU3Nzk=/bn=93375/clickenc=
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b910e0e5a876c0f9825c6716a7c58a89d7ad45bc4a6b05a9bdceacf91e2dce62

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 688
content-type: text/html;charset=utf-8
date: Wed, 30 Nov 2022 02:54:59 GMT
expires: Wed, 30 Nov 2022 02:54:59 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv01.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CD7F 52 KB
17 KB 75ms
32ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:54:59 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459175
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600055-LCY
X-Timer: S1669776900.908529,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 8AFD 0
819 B 81ms
48ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLADvQXAUAHAAADANYABQEIg4ybnAYQ75Wmu6K87s96GJD6ya6H16fCVSo2CfrnANKd570_EazRc4enSbY_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXi_2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFXSUtVNXdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGMzT2VBRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV1RMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRHhvODlROmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM056bEE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFCAIMTk1ODY5NTQBFQgFQ1ABFBQJMjgwMDVheDzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BYQQHN4kCAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDCoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjU3NznaBAIIAeAEAfAEpXAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULwAAAANgFAeAFAfAFtiL6BQQIABAAkAYAmAYAogYPMTAyNjQjRlJBMTo1Njc2uAYAwQYBMjAAAPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQjZ8zkSgAFlUk43SUZvQXPYREFBa0NCUUVJd2EtY0JoRHNnTTRCR1BlSXJ3SWdCeWdBUUlhbDN3UklqTnpwQkZEdkwxaXNMSH1BDEhnQWe1JWHirWUsSm9CQWdnQXFBRUFzLiAAOEEuLoAHAYgHAKAHAboHDwHgSBgAIAAwADiSCUAAyAe_2QXSBw01DQG-CNoHBgknbOAHAOoHAggA8Afa85UCiggCEACVCAAAgD-YCAE.&s=44f3eacf574461ece3521d0be459feb33a159a72&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djgbdaqh%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djgbdaqh%26e%3D1731193540923&

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: b352d52a-debe-4d55-ba5e-49046bc7c76d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/230/ Frame 8AFD 80 KB
27 KB 248ms
53ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/230/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 76177446afcef4a0079a7db071669802987c95c671b08e13a5f4278701763499

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:55:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 09:56:48 GMT
Server: AkamaiNetStorage
ETag: "058fa2042959b529aeb940fcab36a18f:1668074208.514848"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27458
Expires: Thu, 30 Nov 2023 02:55:00 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 8AFD 0
819 B 142ms
51ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQ75Wmu6K87s96GJD6ya6H16fCVSo2CfrnANKd570_EazRc4enSbY_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXi_2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFXSUtVNXdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGMzT2VBRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV1RMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRHhvODlROmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM056bEE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC9IEBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTc3OdoEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTY3NrgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI2fM5EoABZVJON0lGb0FBQUFEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFpc0xIRUFBQUEpnAxIZ0FnlQ5By41OLEpvQkFnZ0FxQUVBcy4gAJhBLi6ABwGIBwCgBwG6Bw8IABAAGAAgADAAOJIJQADIB7_ZBdIHDQkuvgAI2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=5b938a6531ac1bab4a2ecc834c1416450aab7ae8

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: 29998074-552a-4553-89a8-59985e24b725
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame 917A 1002 B
1 KB 171ms
142ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1916103205&apnauc=3512759897087487594&bidid=3512759897087487594&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP2ouI9eD1L8wEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAeyfnYwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Dhr39AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODdA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU3ODc=/bn=77251/clickenc=
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3968deba6550cabb10d3cd70508aac9c62e774f4f9f3759ec31b2572eb8aecf9

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 685
content-type: text/html;charset=utf-8
date: Wed, 30 Nov 2022 02:54:59 GMT
expires: Wed, 30 Nov 2022 02:54:59 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv05.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A903 52 KB
17 KB 87ms
32ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:54:59 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459552
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600021-LCY
X-Timer: S1669776900.935397,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 7D4A 0
819 B 65ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLADvQXAUAHAAADANYABQEIg4ybnAYQ6tyMub2Q9d8wGJD6ya6H16fCVSo2CfrnANKd570_EazRc4enSbY_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjD2wSAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFYNEthNndpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGM0Ti1BRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV2JMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRGhyMzlBOmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM09EZEE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFCAIMTk1ODY5NTQBFQgFQ1ABFBQJMjgwMDVheDzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BYQQHN4kCAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDCoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjU3ODfaBAIIAeAEAfAEpXAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULwAAAANgFAeAFAfAFtiL6BQQIABAAkAYAmAYAogYPMTAyNjQjRlJBMTo1NDQ2uAYAwQYBMjAAAPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQjZ8zkSgAFrUlBsSkZvQXPYREFBa0NCUUVJd2EtY0JoRHNnTTRCR1BlSXJ3SWdCeWdBUUlhbDN3UklqTnpwQkZEdkwxakdLbn1BDEhnQWe1JWHiSGdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAeBIGAAgADAAOJIJQADIB8PbBNIHDTUNAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=3911cce3c478977a9c72ce3b1d1c86821689ce39&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dnzmqounkzh%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dnzmqounkzh%26e%3D1731193540923&

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: 2acb1ac7-e55e-487c-958a-a97ba667f4ca
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/230/ Frame 7D4A 80 KB
27 KB 235ms
54ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/230/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 76177446afcef4a0079a7db071669802987c95c671b08e13a5f4278701763499

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:55:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 09:56:48 GMT
Server: AkamaiNetStorage
ETag: "058fa2042959b529aeb940fcab36a18f:1668074208.514848"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27458
Expires: Thu, 30 Nov 2023 02:55:00 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 7D4A 0
819 B 132ms
52ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQ6tyMub2Q9d8wGJD6ya6H16fCVSo2CfrnANKd570_EazRc4enSbY_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjD2wSAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFYNEthNndpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGM0Ti1BRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV2JMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRGhyMzlBOmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM09EZEE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC9IEBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTc4N9oEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTQ0NrgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI2fM5EoABa1JQbEpGb0FBQUFEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqR0tuRUFBQUEpnAxIZ0FnlQ5By41OLEpvQkFnZ0FxQUVBcy4gAJhBLi6ABwGIBwCgBwG6Bw8IABAAGAAgADAAOJIJQADIB8PbBNIHDQkuvgAI2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=81a6c650e85b8b91bd530a98ac53997a70d36f40

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: 678e6c31-f44a-4e0c-90a5-0247864d292c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame 6050 1002 B
1 KB 76ms
66ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1213994199&apnauc=1429007713963046450&bidid=1429007713963046450&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?qbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPzJ2D9Tx2tQTsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPycZOgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21CBpJ8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDhA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU0NDg=/bn=93254/clickenc=
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9820b7d1347a7ea25f9ce3892d6e4a63e97c1445e841b8aa9f9dd03c3d6e1594

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 687
content-type: text/html;charset=utf-8
date: Wed, 30 Nov 2022 02:54:59 GMT
expires: Wed, 30 Nov 2022 02:54:59 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv13.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E164 52 KB
17 KB 84ms
35ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:54:59 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459203
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600025-LCY
X-Timer: S1669776900.951228,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 026A 0
819 B 97ms
48ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLADvQXAUAHAAADANYABQEIg4ybnAYQsuy9oJ3etuoTGLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjG2AWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCEtSUpleVFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwkHdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVME5EamdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCc2dRSkNMN3FFUkR1eXFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBQUEFnlhBQUlMN3FFY0VFdUI2RjYxRzRual9KQg0cAQEUMkFRQThRBYkJAfBASWdGeUNxUUJkbnpPWmdGMUs3RmhRR3BCZWdUZVpKMHplNF9zUVVBQUFDZ2xNZm9QOEVGbVptWklRc1E1VF9KQlEB0xxEa3J1OF8wUQEoDQEITmtGDQrIQThEX2dCYVR4QWZBRmlyLXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wAWI4bVo3VC1vQmdTeUJpUUpBGQEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhQ0JwSjh3OmECOEl1eWxRRWdBQ2dBTVpxWgVvFGUwX09nbD2ZEGhBN3k5FXkIOEQ5HXkAQh15BEJoOW0EOXAZhQRCeB0MDDRBSWs1iMg4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzZpjRzyAhIKBkNQRwEUCAgxOWl5ARUIBUNQARQUCTI4MDA1YXg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDhAQCgVJTwFhBAc3iQIA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8KSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTQ0ONoEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAChvxTwP9IFCQkBCgEBuNgFAeAFAfAFtiL6BQQIABAAkAYAmAYAogYPMTAyNjQjRlJBMTo1MzIxuAYAwQYAATMsAPA_0AapJdoGFgoQBRAdAWAQABgA4AYB8gaHAQjZ8zkSgAFreE5FSlZvQXPgREFBa0NCUUVJd2EtY0JoRHNnTTRCR1BlSXJ3SWdCeWdBUUlhbDN3UklqTnpwQkZEdkwxakpLWEVBAT0FARBIZ0FnUR0QTElnQkFKQUJBSm9CQWdnQXFBRUFzLiAAOEEuLoAHAYgHAKAHAboHDwHgSBgAIAAwADiSCUAAyAfG2AXSBw01DQG-CNoHBgknbOAHAOoHAggA8Afa85UCiggCEACVCAAAgD-YCAE.&s=07ae2ded9e14129eee19a5a59b0fcf7158d85447&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dzpbms%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dzpbms%26e%3D1731193540923&

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: e97c024e-6100-4b42-b925-91ccccba451f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/230/ Frame 026A 80 KB
27 KB 218ms
53ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/230/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 76177446afcef4a0079a7db071669802987c95c671b08e13a5f4278701763499

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:55:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 09:56:48 GMT
Server: AkamaiNetStorage
ETag: "058fa2042959b529aeb940fcab36a18f:1668074208.514848"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27458
Expires: Thu, 30 Nov 2023 02:55:00 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 026A 0
819 B 209ms
48ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQsuy9oJ3etuoTGLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjG2AWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCEtSUpleVFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwkHdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVME5EamdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCc2dRSkNMN3FFUkR1eXFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBQUEFnlhBQUlMN3FFY0VFdUI2RjYxRzRual9KQg0cAQEUMkFRQThRBYkJAfBASWdGeUNxUUJkbnpPWmdGMUs3RmhRR3BCZWdUZVpKMHplNF9zUVVBQUFDZ2xNZm9QOEVGbVptWklRc1E1VF9KQlEB0xxEa3J1OF8wUQEoDQEITmtGDQrIQThEX2dCYVR4QWZBRmlyLXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wAWI4bVo3VC1vQmdTeUJpUUpBGQEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhQ0JwSjh3OmECOEl1eWxRRWdBQ2dBTVpxWgVvFGUwX09nbD2ZEGhBN3k5FXkIOEQ5HXkAQh15BEJoOW0EOXAZhQRCeB0MDDRBSWs1iPDJOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo1NDQ42gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAIGoFPA_0gUJCQEKAQG42AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjUzMjG4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCNnzORKAAWt4TkVKVm8hXOBEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqSktYRUEBPQUBEEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAeBIGAAgADAAOJIJQADIB8bYBdIHDTUNAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=a954cad40756c2ada5a531ddbb587c01fabd9871

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: f03e865f-9afa-406d-9ca5-10650dd25939
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9377 0
747 B 50ms
50ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:54:59 GMT
AN-X-Request-Uuid: be11d27d-92d2-42d1-9b40-6ff244fa2b2a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 220ms
110ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sholke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 30 Nov 2022 02:55:00 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H3 200 1a Show response
i.clean.gg/ Frame 767F 0
15 B 178ms
110ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame 9841 1002 B
1 KB 65ms
64ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1642315745&apnauc=6389971887459229077&bidid=6389971887459229077&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP5VdvXyTva1YEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPiaFrQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Cxoj9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2ODVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU2ODU=/bn=75885/clickenc=
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 993397e159aa28663a5108b893117b27dee2a97ec2e2657d5f290fc7c5f9659c

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 688
content-type: text/html;charset=utf-8
date: Wed, 30 Nov 2022 02:54:59 GMT
expires: Wed, 30 Nov 2022 02:54:59 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv01.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5127 52 KB
17 KB 33ms
33ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=xlembrcyf&e=1731193540923
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:54:59 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459176
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600055-LCY
X-Timer: S1669776900.964346,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 767F 0
819 B 86ms
51ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLADvQXAUAHAAADANYABQEIg4ybnAYQlbv15bey79ZYGJD6ya6H16fCVSo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjt0ASAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFkWUpKLUFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFk0TmVBRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBVzFMSkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhATGdHQ2cuLpoCmQEhQ3hvajk-YQI0SXV5bFFFZ0FDZ0FNWnEFb1xtZTBfT2dsR1VrRXhPalUyT0RWQTd5OUoRYgw4RDlSEQwMQUFCWh0MAGg5jQQ5cB0YAHgdDAg0QUkuaQLwPjgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzY4MTM5NDPyAhIKBkNQRwEUIAgxOTU4Njk1NAEVCAVDUAEUFAkyODAwNWF4PPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFhBAc3iQIA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8IaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTY4NdoEAggB4AQB8ASlcCCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQvAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY2Mjm4BgDBBgEyMAAA8D_QBqkl2gYWChAJERkBYBAAGADgBgHyBocBCNnzORKAAXVSTTBMRm9Bc9hEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqbE0zfUEMSGdBZ7UlYeKtZSxKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAeBIGAAgADAAOJIJQADIB-3QBNIHDTUNAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=5e83b6d89564db431a8e42badce1d165388369a9&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dxlembrcyf%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dxlembrcyf%26e%3D1731193540923&

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 501ef8ba-5a0c-4057-acf2-96c5266e8794
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 script.js Show response
dpjgrnd6i7dk0.cloudfront.net/ Frame E382 122 KB
43 KB 94ms
92ms Script
application/javascript 2600:9000:21f3:aa00:c:aa3e:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjgrnd6i7dk0.cloudfront.net/script.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:aa00:c:aa3e:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99931e991971efe66806d488c78658151b87b00438fc26d0076faf8f14dc26fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: vRYv.apRlIaA9UVJkgb4hcSsvFTgXtLC
content-encoding: gzip
via: 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
date: Wed, 30 Nov 2022 02:49:49 GMT
last-modified: Tue, 29 Nov 2022 19:13:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 329
etag: W/"339bdebb7e419191ebb7629600793392"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: aITxWt31qNUO_fQzyEXQNhsC3E_zjn0VDYijnS53-d4tKNiaFV_qyw==

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/230/ Frame E382 80 KB
27 KB 150ms
67ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/230/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 76177446afcef4a0079a7db071669802987c95c671b08e13a5f4278701763499

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:55:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 09:56:48 GMT
Server: AkamaiNetStorage
ETag: "058fa2042959b529aeb940fcab36a18f:1668074208.514848"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27458
Expires: Thu, 30 Nov 2023 02:55:00 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame E382 0
819 B 129ms
51ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQjbLX2rqI47wdGLKR1KadmZOpLyo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXi4iAaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFHSU8yM0FpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwkHdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pZMk1qWGdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCc2dRSkNMN3FFUkR1eXFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBQUEFnlhBQUlMN3FFY0VFdUI2RjYxRzRual9KQg0cAQEUMkFRQThRBYkJAfBASWdGNFRPUUJkbnpPWmdGMUs3RmhRR3BCZWdUZVpKMHplNF9zUVVBQUFDZ2xNZm9QOEVGbVptWklRc1E1VF9KQlEB0xxEa3J1OF8wUQEoDQEITmtGDQrIQThEX2dCYVR4QWZBRmlyLXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wAWI4bVo3VC1vQmdTeUJpUUpBGQEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhQmhyQzhnOmECOEl1eWxRRWdBQ2dBTVpxWgVvFGUwX09nbD2ZEFZBN3k5FXkIOEQ5HXkAQh15BEJoOW0EOXAZhQRCeB0MDDRBSWs1iPDJOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo2NjI12gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAIGoFPA_0gUJCQEKAQG42AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjUzMDO4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCNnzORKAAWxSUE9KbG8hXOBEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z1VRSWFsM3dSSWpOenBCRkR2TDFpM0tYRUEBPQUBEEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAeBIGAAgADAAOJIJQADIB7iIBtIHDTUNAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=18cc2c11f94228615e11113678a588ecbfee3256

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 1633c32f-1071-482a-adda-1e40773f0354
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame 2532 1002 B
1 KB 70ms
64ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1327386994&apnauc=6782563424760227056&bidid=6782563424760227056&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?qbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_DkY89_gSBesgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAhicqVwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Dhr19AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY1Nzk=/bn=99263/clickenc=
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2685c986f11c6c0917f2d4533d69c7a6dde27cf89fe27480697da378e7d48dc3

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 686
content-type: text/html;charset=utf-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 02:55:00 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv05.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F507 52 KB
17 KB 52ms
48ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:00 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459204
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600025-LCY
X-Timer: S1669776900.000132,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 2043 0
819 B 59ms
53ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLcGPQXAVwMAAADANYABQEIg4ybnAYQ8MmP-_yvoJBeGLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXi_hwaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgL5DiFLcDMyUHdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwdXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pZMU56bmdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCcWdUUUJ3al9fX19fX18BBAw4QkVQAQgNAQh3RVkNCgUBCEFTRAUICQEIOEJLNiwAAHcJGAkBBEFUNlgAAFEyLAAERkkJJgkBBEFWNlgAAFc2LAAAZwkmCQEEQVc2WAAAYzYsAAA0CSYJAQxBWUFCCQoJAQhBWWc2EAAAWjogAABaOiAAAGE6IAAAYTogAABiOiAAAGI6IAAAYzogAABjOiAAAGQ6IAAAZDogAABlOiAAAGU6IAAAZjogAABmOiAACFlBQwn6CQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS5ZAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUp-gkBCEFZZzYQAABaOiAAAFo6IAAsYUFFXzd2cXlBYW9CMmgDBEd3OhAAADQ2EAAESEE6EAAASToQAABROhAAAFk6EAAAZzoQADqAAABIOoAAAEg6gAAMR0FCZgn0BQEId0dJOhAAAFE6EAAAWToQAJB5QkFrSXZ1b1JFTzdLb2cyNkJCa0k3UWdSdUI2RjYxRzRuajhapbUJAQBnASw8d1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQGQaUFXek01QUYyZk01bUFYVXJzV0ZBYWtGNkJONWtuVE43ai14QqHUWEtDVXgtZ193UVdabVpraEN4RGxQOGtGAUcgSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRGhyMTlBOn0HNEl1eWxRRWdBQ2dBTVpxBW8YbWUwX09nbN21FGxBN3k5ShFiDDhEOVIRDAxBQUJaHQwAaDmNBDlwHRgAeB0MDDRBSWs1eMg4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzYWqQgc8gISCgZDUEcBFCAIMTk1ODY5NTQBFQgFQ1ABFBQJMjgwMDUOlAg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDhAQCgVJTwFhBAc3Fh4JAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDCoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjY1NznaBAIIAeAEAfAEEowKIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC8AAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTY4ObgGAMEGATIwAADwP9AGqSXaBhYKEAkRGQFgEAAYAOAGAfIGhwEI2fM5EoABaGhQZUlsb0Fz2ERBQWtDQlFFSXdhLWNCaERzZ000QkdQZUlyd0lnQnlnQVFJYWwzd1JJak56cEJGRHZMMWk1TEh9QRBIZ0FnUR0QTElnQkFKQUJBSm9CQWdnQXFBRUFzLiAAOEEuLoAHAYgHAKAHAboHDwHgSBgAIAAwADiSCUAAyAe_hwbSBw01DQG-CNoHBgknbOAHAOoHAggA8Afa85UCiggCEACVCAAAgD-YCAE.&s=5bd7cc94986678cc43cf666d224790087db78664&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dvxwnlotzh%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dvxwnlotzh%26e%3D1731193540923&

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 2ad609e8-c84f-4a03-b503-376734ee7b2c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/230/ Frame 2043 80 KB
27 KB 131ms
59ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/230/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 76177446afcef4a0079a7db071669802987c95c671b08e13a5f4278701763499

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:55:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 09:56:48 GMT
Server: AkamaiNetStorage
ETag: "058fa2042959b529aeb940fcab36a18f:1668074208.514848"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27458
Expires: Thu, 30 Nov 2023 02:55:00 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 2043 0
819 B 116ms
48ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLFFvQXAUULAAADANYABQEIg4ybnAYQ8MmP-_yvoJBeGLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXi_hwaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgL5DiFLcDMyUHdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwdXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pZMU56bmdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCcWdUUUJ3al9fX19fX18BBAw4QkVQAQgNAQh3RVkNCgUBCEFTRAUICQEIOEJLNiwAAHcJGAkBBEFUNlgAAFEyLAAERkkJJgkBBEFWNlgAAFc2LAAAZwkmCQEEQVc2WAAAYzYsAAA0CSYJAQxBWUFCCQoJAQhBWWc2EAAAWjogAABaOiAAAGE6IAAAYTogAABiOiAAAGI6IAAAYzogAABjOiAAAGQ6IAAAZDogAABlOiAAAGU6IAAAZjogAABmOiAACFlBQwn6CQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS5ZAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUp-gkBCEFZZzYQAABaOiAAAFo6IAAsYUFFXzd2cXlBYW9CMmgDBEd3OhAAADQ2EAAESEE6EAAASToQAABROhAAAFk6EAAAZzoQADqAAABIOoAAAEg6gAAMR0FCZgn0BQEId0dJOhAAAFE6EAAAWToQAJB5QkFrSXZ1b1JFTzdLb2cyNkJCa0k3UWdSdUI2RjYxRzRuajhapbUJAQBnASw8d1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQGQaUFXek01QUYyZk01bUFYVXJzV0ZBYWtGNkJONWtuVE43ai14QqHUWEtDVXgtZ193UVdabVpraEN4RGxQOGtGAUcgSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRGhyMTlBOn0HNEl1eWxRRWdBQ2dBTVpxBW8YbWUwX09nbN21FGxBN3k5ShFiDDhEOVIRDAxBQUJaHQwAaDmNBDlwHRgAeB0MDDRBSWs1ePDXOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo2NTc52gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ642AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjU2ODm4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCNnzORKAAWhoUGVJbG8hXNhEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFpNUxIXSoQSGdBZ1EdEExJZ0JBSkFCQUpvQkFnZ0FxQUVBcy4gADhBLi6ABwGIBwCgBwG6Bw8B4EwYACAAMAA4kglAAMgHv4cG0gcNCRHBAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=184385ccf9ee89d38048222c36fe8da299eff652

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: d5e788c6-b4de-4453-a8da-1a63b768a040
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame 2F23 1001 B
1 KB 129ms
65ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=589645780&apnauc=9189975296556597488&bidid=9189975296556597488&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?qbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_AA33XXWYl_sgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAfidvUQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21_hmH8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDNA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMDM=/bn=93324/clickenc=
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7696327f0ec96becc9acfad250c264600a943253bb28dd0b6adc33b438b7d6e9

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 689
content-type: text/html;charset=utf-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 02:55:00 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv05.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 24F6 52 KB
17 KB 90ms
35ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:00 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459177
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600055-LCY
X-Timer: S1669776900.062039,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 584A 0
819 B 107ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLcGPQXAVwMAAADANYABQEIg4ybnAYQ8IH8rve61sR_GLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXiM2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgL5DiFGSjJ0N2dpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwdXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVek1EUGdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCcWdUUUJ3al9fX19fX18BBAw4QkVQAQgNAQh3RVkNCgUBCEFTRAUICQEIOEJLNiwAAHcJGAkBBEFUNlgAAFEyLAAERkkJJgkBBEFWNlgAAFc2LAAAZwkmCQEEQVc2WAAAYzYsAAA0CSYJAQxBWUFCCQoJAQhBWWc2EAAAWjogAABaOiAAAGE6IAAAYTogAABiOiAAAGI6IAAAYzogAABjOiAAAGQ6IAAAZDogAABlOiAAAGU6IAAAZjogAABmOiAACFlBQwn6CQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS5ZAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUp-gkBCEFZZzYQAABaOiAAAFo6IAAsYUFFXzd2cXlBYW9CMmgDBEd3OhAAADQ2EAAESEE6EAAASToQAABROhAAAFk6EAAAZzoQADqAAABIOoAAAEg6gAAMR0FCZgn0BQEId0dJOhAAAFE6EAAAWToQAJB5QkFrSXZ1b1JFTzdLb2cyNkJCa0k3UWdSdUI2RjYxRzRuajhapbUJAQBnASw8d1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQGQaUFXM0taQUYyZk01bUFYVXJzV0ZBYWtGNkJONWtuVE43ai14QqHUWEtDVXgtZ193UVdabVpraEN4RGxQOGtGAUcgSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhX2htSDhBOn0HNEl1eWxRRWdBQ2dBTVpxBW8YbWUwX09nbN21FE5BN3k5ShFiDDhEOVIRDAxBQUJaHQwAaDmNBDlwHRgAeB0MDDRBSWs1eMg4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzYWqQgc8gISCgZDUEcBFCAIMTk1ODY5NTQBFQgFQ1ABFBQJMjgwMDUOlAg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDhAQCgVJTwFhBAc3Fh4JAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDCoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjUzMDPaBAIIAeAEAfAEpfLuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAQzAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NjYxOLgGAMEGAAU1KPA_0AapJdoGFgoQBRAdAWAQABgA4AYB8gaHAQjZ8zkSgAFyaE12S2xvQXPYREFBa0NCUUVJd2EtY0JoRHNnTTRCR1BlSXJ3SWdCeWdBUUlhbDN3UklqTnpwQkZEdkwxamFNM31BEEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAeBMGAAgADAAOJIJQADIB4zZBdIHDQkRwQG-CNoHBgknbOAHAOoHAggA8Afa85UCiggCEACVCAAAgD-YCAE.&s=01a2b9c71b60573b6690921b4e9efc6283f7d878&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Ddercuczi%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Ddercuczi%26e%3D1731193540923&

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 3fe00b3a-50d8-42cb-9240-2621c79a613f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/230/ Frame 584A 80 KB
27 KB 165ms
66ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/230/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 76177446afcef4a0079a7db071669802987c95c671b08e13a5f4278701763499

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:55:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 09:56:48 GMT
Server: AkamaiNetStorage
ETag: "058fa2042959b529aeb940fcab36a18f:1668074208.514848"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27458
Expires: Thu, 30 Nov 2023 02:55:00 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 584A 0
819 B 103ms
47ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLFFvQXAUULAAADANYABQEIg4ybnAYQ8IH8rve61sR_GLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXiM2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgL5DiFGSjJ0N2dpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwdXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVek1EUGdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCcWdUUUJ3al9fX19fX18BBAw4QkVQAQgNAQh3RVkNCgUBCEFTRAUICQEIOEJLNiwAAHcJGAkBBEFUNlgAAFEyLAAERkkJJgkBBEFWNlgAAFc2LAAAZwkmCQEEQVc2WAAAYzYsAAA0CSYJAQxBWUFCCQoJAQhBWWc2EAAAWjogAABaOiAAAGE6IAAAYTogAABiOiAAAGI6IAAAYzogAABjOiAAAGQ6IAAAZDogAABlOiAAAGU6IAAAZjogAABmOiAACFlBQwn6CQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS5ZAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUp-gkBCEFZZzYQAABaOiAAAFo6IAAsYUFFXzd2cXlBYW9CMmgDBEd3OhAAADQ2EAAESEE6EAAASToQAABROhAAAFk6EAAAZzoQADqAAABIOoAAAEg6gAAMR0FCZgn0BQEId0dJOhAAAFE6EAAAWToQAJB5QkFrSXZ1b1JFTzdLb2cyNkJCa0k3UWdSdUI2RjYxRzRuajhapbUJAQBnASw8d1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQGQaUFXM0taQUYyZk01bUFYVXJzV0ZBYWtGNkJONWtuVE43ai14QqHUWEtDVXgtZ193UVdabVpraEN4RGxQOGtGAUcgSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhX2htSDhBOn0HNEl1eWxRRWdBQ2dBTVpxBW8YbWUwX09nbN21FE5BN3k5ShFiDDhEOVIRDAxBQUJaHQwAaDmNBDlwHRgAeB0MDDRBSWs1ePDXOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo1MzAz2gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ642AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY2MTi4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCNnzORKAAXJoTXZLbG8hXNhEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqYU0zXSoQSGdBZ1EdEExJZ0JBSkFCQUpvQkFnZ0FxQUVBcy4gADhBLi6ABwGIBwCgBwG6Bw8B4EwYACAAMAA4kglAAMgHjNkF0gcNCRHBAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=4b8801da6e8ab92718a62262feea2e90cba38bcd

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 530889dc-6120-4f31-a2b4-a875372c0dc0
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame 4928 1001 B
1 KB 121ms
66ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=579218538&apnauc=2052072407904711172&bidid=2052072407904711172&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPwRyio77bHocsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyXxWwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21_RlD8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMjA=/bn=93174/clickenc=
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e27100bec2e2c92a30bbb640f069a6d7b0206fc6b63ce2e541acae1ac1cc215b

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 686
content-type: text/html;charset=utf-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 02:55:00 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv01.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C981 52 KB
17 KB 86ms
36ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:00 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459553
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600021-LCY
X-Timer: S1669776900.062661,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 79C6 0
819 B 99ms
47ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLADvQXAUAHAAADANYABQEIg4ybnAYQhOSp9Lifm70cGLKR1KadmZOpLyo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXj21wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCE3SUtadlFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwkHdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVek1qRGdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCc2dRSkNMN3FFUkR1eXFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBQUEFnlhBQUlMN3FFY0VFdUI2RjYxRzRual9KQg0cAQEUMkFRQThRBYkJAfBASWdGeUNtUUJkbnpPWmdGMUs3RmhRR3BCZWdUZVpKMHplNF9zUVVBQUFDZ2xNZm9QOEVGbVptWklRc1E1VF9KQlEB0xxEa3J1OF8wUQEoDQEITmtGDQrIQThEX2dCYVR4QWZBRmlyLXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wAWI4bVo3VC1vQmdTeUJpUUpBGQEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhX1JsRDhBOmECOEl1eWxRRWdBQ2dBTVpxWgVvFGUwX09nbD2ZEEJBN3k5FXkIOEQ5HXkAQh15BEJoOW0EOXAZhQRCeB0MDDRBSWs1iMg4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzZpjRzyAhIKBkNQRwEUCAgxOWl5ARUIBUNQARQUCTI4MDA1YXg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDhAQCgVJTwFhBAc3iQIA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8IaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTMyMNoEAggB4AQB8ASlcCCIBQGYBQCgBf8RARQBwAUAyQWhvRwAAPA_0gUJCQkMwAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY2MTe4BgDBBgAFNyjwP9AGqSXaBhYKEAUQHQFgEAAYAOAGAfIGhwEI2fM5EoABclJNQUtsb0Fz4ERBQWtDQlFFSXdhLWNCaERzZ000QkdQZUlyd0lnQnlnQVFJYWwzd1JJak56cEJGRHZMMWpaTTNFQQE9BQEQSGdBZ1EdEExJZ0JBSkFCQUpvQkFnZ0FxQUVBcy4gADhBLi6ABwGIBwCgBwG6Bw8B4EgYACAAMAA4kglAAMgH9tcF0gcNNQ0BvgjaBwYJJ2zgBwDqBwIIAPAH2vOVAooIAhAAlQgAAIA_mAgB&s=3bb1fa549ee0fe7ce605df269ca4077f503289ed&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djhyrgzcc%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djhyrgzcc%26e%3D1731193540923&

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: cdf48b90-73cd-4bcc-933e-70e5f77bf9c2
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/230/ Frame 79C6 80 KB
27 KB 187ms
60ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/230/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 76177446afcef4a0079a7db071669802987c95c671b08e13a5f4278701763499

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:55:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 09:56:48 GMT
Server: AkamaiNetStorage
ETag: "058fa2042959b529aeb940fcab36a18f:1668074208.514848"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27458
Expires: Thu, 30 Nov 2023 02:55:00 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 79C6 0
819 B 152ms
46ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQhOSp9Lifm70cGLKR1KadmZOpLyo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXj21wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCE3SUtadlFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwkHdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVek1qRGdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCc2dRSkNMN3FFUkR1eXFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBQUEFnlhBQUlMN3FFY0VFdUI2RjYxRzRual9KQg0cAQEUMkFRQThRBYkJAfBASWdGeUNtUUJkbnpPWmdGMUs3RmhRR3BCZWdUZVpKMHplNF9zUVVBQUFDZ2xNZm9QOEVGbVptWklRc1E1VF9KQlEB0xxEa3J1OF8wUQEoDQEITmtGDQrIQThEX2dCYVR4QWZBRmlyLXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wAWI4bVo3VC1vQmdTeUJpUUpBGQEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhX1JsRDhBOmECOEl1eWxRRWdBQ2dBTVpxWgVvFGUwX09nbD2ZEEJBN3k5FXkIOEQ5HXkAQh15BEJoOW0EOXAZhQRCeB0MDDRBSWs1iPDJOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo1MzIw2gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAIGoFPA_0gUJCQEKAQG42AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY2MTe4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCNnzORKAAXJSTUFLbG8hXOBEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqWk0zRUEBPQUBEEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAeBIGAAgADAAOJIJQADIB_bXBdIHDTUNAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=42e9cb668d53caccc9a70820be575430b472226b

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: d8b3d0be-de5c-4747-8d48-49e71ff22d96
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD7F 0
747 B 47ms
47ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: c921cef6-a05b-439c-a864-1176e13afcb0
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A903 0
747 B 47ms
47ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 6027d5ea-509e-4641-beab-723af58fa06f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame 5A35 1 KB
843 B 90ms
90ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=4330973731643758864&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPxCZLJaptRo8EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3STLOAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21BxoM8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2OTBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU2OTA%3D%2Fbn%3D93402%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=4330973731643758864&_cb=179262378
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=179262378&apnauc=4330973731643758864&bidid=4330973731643758864&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPxCZLJaptRo8EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3STLOAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21BxoM8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2OTBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU2OTA=/bn=93402/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d4c2b6e5719585ff41149bb134b17c36cd68196409183835b4413801601e223

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=179262378&apnauc=4330973731643758864&bidid=4330973731643758864&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPxCZLJaptRo8EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3STLOAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21BxoM8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2OTBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU2OTA=/bn=93402/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 03:01:06 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv05.connextra.net

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame FBC3 1 KB
843 B 89ms
88ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=8835985374899178223&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP--KaSfiuZ96EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAYCiMsQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dxo89QiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3Nzk%3D%2Fbn%3D93375%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=8835985374899178223&_cb=1339246946
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1339246946&apnauc=8835985374899178223&bidid=8835985374899178223&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP--KaSfiuZ96EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAYCiMsQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Dxo89QiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU3Nzk=/bn=93375/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d4c2b6e5719585ff41149bb134b17c36cd68196409183835b4413801601e223

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1339246946&apnauc=8835985374899178223&bidid=8835985374899178223&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP--KaSfiuZ96EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAYCiMsQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Dxo89QiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU3Nzk=/bn=93375/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 03:01:06 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv01.connextra.net

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame CB68 1 KB
843 B 91ms
88ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=1429007713963046450&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPzJ2D9Tx2tQTsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPycZOgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21CBpJ8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDhA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU0NDg%3D%2Fbn%3D93254%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=1429007713963046450&_cb=1213994199
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1213994199&apnauc=1429007713963046450&bidid=1429007713963046450&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?qbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPzJ2D9Tx2tQTsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPycZOgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21CBpJ8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDhA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU0NDg=/bn=93254/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d4c2b6e5719585ff41149bb134b17c36cd68196409183835b4413801601e223

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1213994199&apnauc=1429007713963046450&bidid=1429007713963046450&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?qbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPzJ2D9Tx2tQTsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPycZOgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21CBpJ8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDhA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU0NDg=/bn=93254/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 03:01:06 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv05.connextra.net

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E164 0
747 B 47ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: c0834384-5e35-4d89-8754-5d5da7b59a70
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5127 0
747 B 47ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: c31ea7a6-df34-4b4c-97d0-b08ab5fdd945
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame FC35 1 KB
843 B 46ms
45ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=6389971887459229077&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP5VdvXyTva1YEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPiaFrQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Cxoj9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2ODVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU2ODU%3D%2Fbn%3D75885%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=6389971887459229077&_cb=1642315745
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1642315745&apnauc=6389971887459229077&bidid=6389971887459229077&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP5VdvXyTva1YEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPiaFrQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Cxoj9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2ODVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU2ODU=/bn=75885/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d4c2b6e5719585ff41149bb134b17c36cd68196409183835b4413801601e223

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1642315745&apnauc=6389971887459229077&bidid=6389971887459229077&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP5VdvXyTva1YEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPiaFrQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Cxoj9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2ODVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU2ODU=/bn=75885/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 03:01:06 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv01.connextra.net

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F507 0
747 B 48ms
47ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: e735c194-07d5-47b2-a183-b5484c3d2a9a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame 7998 1 KB
843 B 45ms
45ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=3512759897087487594&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP2ouI9eD1L8wEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAeyfnYwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dhr39AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODdA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3ODc%3D%2Fbn%3D77251%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=3512759897087487594&_cb=1916103205
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1916103205&apnauc=3512759897087487594&bidid=3512759897087487594&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP2ouI9eD1L8wEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAeyfnYwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Dhr39AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODdA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU3ODc=/bn=77251/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d4c2b6e5719585ff41149bb134b17c36cd68196409183835b4413801601e223

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1916103205&apnauc=3512759897087487594&bidid=3512759897087487594&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP2ouI9eD1L8wEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAeyfnYwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Dhr39AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODdA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU3ODc=/bn=77251/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 03:01:06 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv05.connextra.net

OPTIONS
H3 204 1a
i.clean.gg/ Frame 0
0 118ms
111ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sholke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 30 Nov 2022 02:55:00 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H3 200 1a Show response
i.clean.gg/ Frame 31CC 0
15 B 112ms
111ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: dpjgrnd6i7dk0.cloudfront.net
URL: https://dpjgrnd6i7dk0.cloudfront.net/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame 10F1 999 B
1 KB 64ms
64ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=8136238&apnauc=7249360779036987053&bidid=7249360779036987053&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP60OJkM455pkEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yS9QgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21DRqx9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODZA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU3ODY=/bn=77257/clickenc=
Requested by: Host: dpjgrnd6i7dk0.cloudfront.net
URL: https://dpjgrnd6i7dk0.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 683dbc7ea360c52b4b65738f5f04f0e907532223b16509e8acfaa33f9c731ca5

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 687
content-type: text/html;charset=utf-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 02:55:00 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv01.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8D42 52 KB
17 KB 33ms
33ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=ojofxscs&e=1731193540923
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:00 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459178
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600055-LCY
X-Timer: S1669776900.244761,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 31CC 0
819 B 47ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLADvQXAUAHAAADANYABQEIg4ybnAYQrZ2YmYTnuc1kGJD6ya6H16fCVSo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjJ2wSAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFYWUwyNlFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGM0TnVBRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV2FMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRFJxeDlBOmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM09EWkE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFCAIMTk1ODY5NTQBFQgFQ1ABFBQJMjgwMDVheDzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BYQQHN4kCAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDCoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjU3ODbaBAIIAeAEAfAEpXAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULwAAAANgFAeAFAfAFtiL6BQQIABAAkAYAmAYAogYPMTAyNjQjRlJBMTo2NjE5uAYAwQYBMjAAAPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQjZ8zkSgAFyeE5lS2xvQXPYREFBa0NCUUVJd2EtY0JoRHNnTTRCR1BlSXJ3SWdCeWdBUUlhbDN3UklqTnpwQkZEdkwxamJNM31BDEhnQWe1JWHirWUsSm9CQWdnQXFBRUFzLiAAOEEuLoAHAYgHAKAHAboHDwHgSBgAIAAwADiSCUAAyAfJ2wTSBw01DQG-CNoHBgknbOAHAOoHAggA8Afa85UCiggCEACVCAAAgD-YCAE.&s=529c769e74203d1218195b590c2b68a37d2c0d61&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dojofxscs%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dojofxscs%26e%3D1731193540923&

Requested by

Host: dpjgrnd6i7dk0.cloudfront.net
URL: https://dpjgrnd6i7dk0.cloudfront.net/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: defe51a5-0f01-40fa-95e2-f449950a2661
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame 1D68 1 KB
843 B 45ms
45ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=6782563424760227056&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_DkY89_gSBesgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAhicqVwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dhr19AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1Nzk%3D%2Fbn%3D99263%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=6782563424760227056&_cb=1327386994
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1327386994&apnauc=6782563424760227056&bidid=6782563424760227056&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?qbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_DkY89_gSBesgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAhicqVwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Dhr19AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY1Nzk=/bn=99263/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d4c2b6e5719585ff41149bb134b17c36cd68196409183835b4413801601e223

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=1327386994&apnauc=6782563424760227056&bidid=6782563424760227056&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?qbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_DkY89_gSBesgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAhicqVwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21Dhr19AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY1Nzk=/bn=99263/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 03:01:06 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv05.connextra.net

OPTIONS
H3 204 1a
i.clean.gg/ Frame 0
0 111ms
110ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sholke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 30 Nov 2022 02:55:00 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H3 200 1a Show response
i.clean.gg/ Frame E382 0
15 B 111ms
111ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: dpjgrnd6i7dk0.cloudfront.net
URL: https://dpjgrnd6i7dk0.cloudfront.net/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame C5E7 1001 B
1 KB 66ms
64ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=838551019&apnauc=2123882921547127053&bidid=2123882921547127053&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPw3ZVatDjHkdsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yTcRwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21BhrC8giV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY2MjVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY2MjU=/bn=99384/clickenc=
Requested by: Host: dpjgrnd6i7dk0.cloudfront.net
URL: https://dpjgrnd6i7dk0.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 933b957669bcb1f3782b29e4e15b7fd5345b9e4dc2525ee6b5ba92e4dab41759

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 688
content-type: text/html;charset=utf-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 02:55:00 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv01.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B952 52 KB
17 KB 38ms
37ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=nfzrbozjr&e=1731193540923
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:00 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459554
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600021-LCY
X-Timer: S1669776900.265050,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame E382 0
819 B 47ms
47ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLADvQXAUAHAAADANYABQEIg4ybnAYQjbLX2rqI47wdGLKR1KadmZOpLyo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXi4iAaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFHSU8yM0FpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwkHdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pZMk1qWGdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCc2dRSkNMN3FFUkR1eXFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBQUEFnlhBQUlMN3FFY0VFdUI2RjYxRzRual9KQg0cAQEUMkFRQThRBYkJAfBASWdGNFRPUUJkbnpPWmdGMUs3RmhRR3BCZWdUZVpKMHplNF9zUVVBQUFDZ2xNZm9QOEVGbVptWklRc1E1VF9KQlEB0xxEa3J1OF8wUQEoDQEITmtGDQrIQThEX2dCYVR4QWZBRmlyLXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wAWI4bVo3VC1vQmdTeUJpUUpBGQEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhQmhyQzhnOmECOEl1eWxRRWdBQ2dBTVpxWgVvFGUwX09nbD2ZEFZBN3k5FXkIOEQ5HXkAQh15BEJoOW0EOXAZhQRCeB0MDDRBSWs1iMg4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzZpjRzyAhIKBkNQRwEUCAgxOWl5ARUIBUNQARQUCTI4MDA1YXg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDhAQCgVJTwFhBAc3iQIA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8IaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NjYyNdoEAggB4AQB8ASlcCCIBQGYBQCgBf8RARQBwAUAyQWhvRwAAPA_0gUJCQkMwAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjUzMDO4BgDBBgAFNyjwP9AGqSXaBhYKEAUQHQFgEAAYAOAGAfIGhwEI2fM5EoABbFJQT0psb0Fz4ERBQWtDQlFFSXdhLWNCaERzZ000QkdQZUlyd0lnQnlnVVFJYWwzd1JJak56cEJGRHZMMWkzS1hFQQE9BQEQSGdBZ1EdEExJZ0JBSkFCQUpvQkFnZ0FxQUVBcy4gADhBLi6ABwGIBwCgBwG6Bw8B4EgYACAAMAA4kglAAMgHuIgG0gcNNQ0BvgjaBwYJJ2zgBwDqBwIIAPAH2vOVAooIAhAAlQgAAIA_mAgB&s=1f263cd8e5d4f6edbaea7a3a3f9366c9734ae325&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dnfzrbozjr%26e%3D1731193540923,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dnfzrbozjr%26e%3D1731193540923&

Requested by

Host: dpjgrnd6i7dk0.cloudfront.net
URL: https://dpjgrnd6i7dk0.cloudfront.net/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 17677914-dd28-4b71-95d5-deb19ad1fac8
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 767F 0
836 B 47ms
47ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQlbv15bey79ZYGJD6ya6H16fCVSo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjt0ASAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFkWUpKLUFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFk0TmVBRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBVzFMSkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhATGdHQ2cuLpoCmQEhQ3hvajk-YQI0SXV5bFFFZ0FDZ0FNWnEFb1xtZTBfT2dsR1VrRXhPalUyT0RWQTd5OUoRYgw4RDlSEQwMQUFCWh0MAGg5jQQ5cB0YAHgdDAg0QUkuaQL0gQE4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo1Njg12gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFtiL6BQQIABAAkAYAmAYAogYPMTAyNjQjRlJBMTo2NjI5uAYAwQYAAAAAAADwP9AGqSXaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gaHAQjZ8zkSgAF1Uk0wTEZvQUFBQURBQWtDQlFFSXdhLWNCaERzZ000QkdQZUlyd0lnQnlnQVFJYWwzd1JJak56cEJGRHZMMWpsTTNFQUFBQSmcDEhnQWeVDkHLjU4sSm9CQWdnQXFBRUFzLiAAmEEuLoAHAYgHAKAHAboHDwgAEAAYACAAMAA4kglAAMgH7dAE0gcNCS6-AAjaBwYJJ2zgBwDqBwIIAPAH2vOVAooIAhAAlQgAAIA_mAgB&s=07774f07bef1bcfd76e348e0d8f4cd3a346edf73&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8690365381212449275&vd=ct~0|rr~0&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 630de6bb-c6be-469c-bb23-49320c7f57e4
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 177D 0
836 B 47ms
47ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQkLKysZm1rY08GJD6ya6H16fCVSo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXja2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFkb0pqOXdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFk1TU9BRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBVzZMSkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhQnhvTTh3OmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVMk9UQkE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC9IEBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTY5MNoEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTY4MLgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI2fM5EoABZlJNM0lWb0FBQUFEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFpd0xIRUFBQUEpnAxIZ0FnlQ5By41OLEpvQkFnZ0FxQUVBcy4gAJhBLi6ABwGIBwCgBwG6Bw8IABAAGAAgADAAOJIJQADIB9rZBdIHDQkuvgAI2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=89b4ab2138563e602b701a3e202eedd76b3fa46b&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8690365381212449275&vd=ct~0|rr~0&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 9db5d08b-0e6d-43fd-9b64-555499c907ad
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5917 13 KB
5 KB 140ms
47ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 22659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 20:37:21 GMT
expires: Wed, 29 Nov 2023 20:37:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F023 783 B
1 KB 150ms
54ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47c2f59a968ceb9ca78459b70e957d32e92371066914cb33c4767a23455ba797

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qpeHUXmqOvrzcox5nb6tfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-qpeHUXmqOvrzcox5nb6tfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 02:55:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 24F6 0
747 B 47ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 47959561-f7e9-469b-9a96-60b967768092
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C981 0
747 B 51ms
50ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 32978351-cb9f-4b9b-99d0-df41ddf0432c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C70B 13 KB
5 KB 127ms
45ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 22659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 20:37:21 GMT
expires: Wed, 29 Nov 2023 20:37:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4B27 783 B
736 B 139ms
55ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f8b0e502861ff027dfd6e55813e7177da05e8f20eadbfcd7bf7401d5e4d58399

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Sum3ldKh0DGpdOgs79My6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Sum3ldKh0DGpdOgs79My6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 02:55:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame 2BA4 1 KB
843 B 47ms
45ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=9189975296556597488&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_AA33XXWYl_sgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAfidvUQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21_hmH8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDNA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMDM%3D%2Fbn%3D93324%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=9189975296556597488&_cb=589645780
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=589645780&apnauc=9189975296556597488&bidid=9189975296556597488&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?qbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_AA33XXWYl_sgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAfidvUQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21_hmH8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDNA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMDM=/bn=93324/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d4c2b6e5719585ff41149bb134b17c36cd68196409183835b4413801601e223

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=589645780&apnauc=9189975296556597488&bidid=9189975296556597488&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?qbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_AA33XXWYl_sgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAfidvUQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21_hmH8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDNA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMDM=/bn=93324/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 03:01:06 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv05.connextra.net

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame 5A35 4 KB
2 KB 50ms
50ms Script
application/x-javascript 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=4330973731643758864&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPxCZLJaptRo8EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3STLOAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21BxoM8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2OTBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU2OTA%3D%2Fbn%3D93402%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=4330973731643758864&_cb=179262378
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=4330973731643758864&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPxCZLJaptRo8EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3STLOAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21BxoM8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2OTBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU2OTA%3D%2Fbn%3D93402%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=4330973731643758864&_cb=179262378
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame A685 1 KB
843 B 48ms
48ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2052072407904711172&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPwRyio77bHocsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyXxWwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21_RlD8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMjA%3D%2Fbn%3D93174%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=2052072407904711172&_cb=579218538
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=579218538&apnauc=2052072407904711172&bidid=2052072407904711172&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPwRyio77bHocsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyXxWwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21_RlD8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMjA=/bn=93174/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d4c2b6e5719585ff41149bb134b17c36cd68196409183835b4413801601e223

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=579218538&apnauc=2052072407904711172&bidid=2052072407904711172&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPwRyio77bHocsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyXxWwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21_RlD8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMjA=/bn=93174/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 03:01:06 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv05.connextra.net

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame FBC3 4 KB
2 KB 46ms
46ms Script
application/x-javascript 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=8835985374899178223&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP--KaSfiuZ96EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAYCiMsQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dxo89QiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3Nzk%3D%2Fbn%3D93375%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=8835985374899178223&_cb=1339246946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=8835985374899178223&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP--KaSfiuZ96EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAYCiMsQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dxo89QiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3Nzk%3D%2Fbn%3D93375%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=8835985374899178223&_cb=1339246946
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame FC35 4 KB
2 KB 46ms
45ms Script
application/x-javascript 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=6389971887459229077&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP5VdvXyTva1YEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPiaFrQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Cxoj9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2ODVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU2ODU%3D%2Fbn%3D75885%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=6389971887459229077&_cb=1642315745
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=6389971887459229077&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP5VdvXyTva1YEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPiaFrQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Cxoj9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2ODVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU2ODU%3D%2Fbn%3D75885%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=6389971887459229077&_cb=1642315745
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame CB68 4 KB
2 KB 47ms
46ms Script
application/x-javascript 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=1429007713963046450&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPzJ2D9Tx2tQTsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPycZOgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21CBpJ8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDhA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU0NDg%3D%2Fbn%3D93254%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=1429007713963046450&_cb=1213994199
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=1429007713963046450&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPzJ2D9Tx2tQTsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPycZOgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21CBpJ8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDhA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU0NDg%3D%2Fbn%3D93254%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=1429007713963046450&_cb=1213994199
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame 7998 4 KB
2 KB 46ms
45ms Script
application/x-javascript 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=3512759897087487594&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP2ouI9eD1L8wEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAeyfnYwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dhr39AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODdA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3ODc%3D%2Fbn%3D77251%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=3512759897087487594&_cb=1916103205
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=3512759897087487594&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP2ouI9eD1L8wEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAeyfnYwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dhr39AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODdA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3ODc%3D%2Fbn%3D77251%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=3512759897087487594&_cb=1916103205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame 1D68 4 KB
2 KB 46ms
45ms Script
application/x-javascript 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=6782563424760227056&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_DkY89_gSBesgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAhicqVwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dhr19AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1Nzk%3D%2Fbn%3D99263%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=6782563424760227056&_cb=1327386994
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=6782563424760227056&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_DkY89_gSBesgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAhicqVwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dhr19AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1Nzk%3D%2Fbn%3D99263%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=6782563424760227056&_cb=1327386994
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 8AFD 0
836 B 47ms
46ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQ75Wmu6K87s96GJD6ya6H16fCVSo2CfrnANKd570_EazRc4enSbY_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXi_2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFXSUtVNXdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGMzT2VBRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV1RMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRHhvODlROmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM056bEE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC9IEBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTc3OdoEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTY3NrgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI2fM5EoABZVJON0lGb0FBQUFEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFpc0xIRUFBQUEpnAxIZ0FnlQ5By41OLEpvQkFnZ0FxQUVBcy4gAJhBLi6ABwGIBwCgBwG6Bw8IABAAGAAgADAAOJIJQADIB7_ZBdIHDQkuvgAI2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=5b938a6531ac1bab4a2ecc834c1416450aab7ae8&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8690365381212449275&vd=ct~0|rr~0&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 04b4d369-86be-4cc6-afac-7f4e6ee2e943
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 7D4A 0
836 B 47ms
46ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQ6tyMub2Q9d8wGJD6ya6H16fCVSo2CfrnANKd570_EazRc4enSbY_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjD2wSAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFYNEthNndpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGM0Ti1BRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV2JMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRGhyMzlBOmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM09EZEE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC9IEBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTc4N9oEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTQ0NrgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI2fM5EoABa1JQbEpGb0FBQUFEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqR0tuRUFBQUEpnAxIZ0FnlQ5By41OLEpvQkFnZ0FxQUVBcy4gAJhBLi6ABwGIBwCgBwG6Bw8IABAAGAAgADAAOJIJQADIB8PbBNIHDQkuvgAI2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=81a6c650e85b8b91bd530a98ac53997a70d36f40&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8690365381212449275&vd=ct~0|rr~0&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: dda28763-c7bb-4edc-828f-17ab7e87eef1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 026A 0
836 B 47ms
46ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQsuy9oJ3etuoTGLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjG2AWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCEtSUpleVFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwkHdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVME5EamdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCc2dRSkNMN3FFUkR1eXFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBQUEFnlhBQUlMN3FFY0VFdUI2RjYxRzRual9KQg0cAQEUMkFRQThRBYkJAfBASWdGeUNxUUJkbnpPWmdGMUs3RmhRR3BCZWdUZVpKMHplNF9zUVVBQUFDZ2xNZm9QOEVGbVptWklRc1E1VF9KQlEB0xxEa3J1OF8wUQEoDQEITmtGDQrIQThEX2dCYVR4QWZBRmlyLXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wAWI4bVo3VC1vQmdTeUJpUUpBGQEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhQ0JwSjh3OmECOEl1eWxRRWdBQ2dBTVpxWgVvFGUwX09nbD2ZEGhBN3k5FXkIOEQ5HXkAQh15BEJoOW0EOXAZhQRCeB0MDDRBSWs1iPDJOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo1NDQ42gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAIGoFPA_0gUJCQEKAQG42AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjUzMjG4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCNnzORKAAWt4TkVKVm8hXOBEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqSktYRUEBPQUBEEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAeBIGAAgADAAOJIJQADIB8bYBdIHDTUNAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=a954cad40756c2ada5a531ddbb587c01fabd9871&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8690365381212449275&vd=ct~0|rr~0&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 3d11bbe1-0648-4c25-9d65-8e2b2537fe09
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 2043 0
836 B 47ms
46ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLFFvQXAUULAAADANYABQEIg4ybnAYQ8MmP-_yvoJBeGLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXi_hwaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgL5DiFLcDMyUHdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwdXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pZMU56bmdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCcWdUUUJ3al9fX19fX18BBAw4QkVQAQgNAQh3RVkNCgUBCEFTRAUICQEIOEJLNiwAAHcJGAkBBEFUNlgAAFEyLAAERkkJJgkBBEFWNlgAAFc2LAAAZwkmCQEEQVc2WAAAYzYsAAA0CSYJAQxBWUFCCQoJAQhBWWc2EAAAWjogAABaOiAAAGE6IAAAYTogAABiOiAAAGI6IAAAYzogAABjOiAAAGQ6IAAAZDogAABlOiAAAGU6IAAAZjogAABmOiAACFlBQwn6CQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS5ZAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUp-gkBCEFZZzYQAABaOiAAAFo6IAAsYUFFXzd2cXlBYW9CMmgDBEd3OhAAADQ2EAAESEE6EAAASToQAABROhAAAFk6EAAAZzoQADqAAABIOoAAAEg6gAAMR0FCZgn0BQEId0dJOhAAAFE6EAAAWToQAJB5QkFrSXZ1b1JFTzdLb2cyNkJCa0k3UWdSdUI2RjYxRzRuajhapbUJAQBnASw8d1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQGQaUFXek01QUYyZk01bUFYVXJzV0ZBYWtGNkJONWtuVE43ai14QqHUWEtDVXgtZ193UVdabVpraEN4RGxQOGtGAUcgSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRGhyMTlBOn0HNEl1eWxRRWdBQ2dBTVpxBW8YbWUwX09nbN21FGxBN3k5ShFiDDhEOVIRDAxBQUJaHQwAaDmNBDlwHRgAeB0MDDRBSWs1ePDXOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo2NTc52gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ642AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjU2ODm4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCNnzORKAAWhoUGVJbG8hXNhEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFpNUxIXSoQSGdBZ1EdEExJZ0JBSkFCQUpvQkFnZ0FxQUVBcy4gADhBLi6ABwGIBwCgBwG6Bw8B4EwYACAAMAA4kglAAMgHv4cG0gcNCRHBAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=184385ccf9ee89d38048222c36fe8da299eff652&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8690365381212449275&vd=ct~0|rr~0&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 4c40dfdd-20ee-43ab-8852-bc2222c125cd
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 584A 0
836 B 46ms
46ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLFFvQXAUULAAADANYABQEIg4ybnAYQ8IH8rve61sR_GLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXiM2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgL5DiFGSjJ0N2dpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwdXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVek1EUGdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCcWdUUUJ3al9fX19fX18BBAw4QkVQAQgNAQh3RVkNCgUBCEFTRAUICQEIOEJLNiwAAHcJGAkBBEFUNlgAAFEyLAAERkkJJgkBBEFWNlgAAFc2LAAAZwkmCQEEQVc2WAAAYzYsAAA0CSYJAQxBWUFCCQoJAQhBWWc2EAAAWjogAABaOiAAAGE6IAAAYTogAABiOiAAAGI6IAAAYzogAABjOiAAAGQ6IAAAZDogAABlOiAAAGU6IAAAZjogAABmOiAACFlBQwn6CQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS5ZAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUp-gkBCEFZZzYQAABaOiAAAFo6IAAsYUFFXzd2cXlBYW9CMmgDBEd3OhAAADQ2EAAESEE6EAAASToQAABROhAAAFk6EAAAZzoQADqAAABIOoAAAEg6gAAMR0FCZgn0BQEId0dJOhAAAFE6EAAAWToQAJB5QkFrSXZ1b1JFTzdLb2cyNkJCa0k3UWdSdUI2RjYxRzRuajhapbUJAQBnASw8d1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQGQaUFXM0taQUYyZk01bUFYVXJzV0ZBYWtGNkJONWtuVE43ai14QqHUWEtDVXgtZ193UVdabVpraEN4RGxQOGtGAUcgSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhX2htSDhBOn0HNEl1eWxRRWdBQ2dBTVpxBW8YbWUwX09nbN21FE5BN3k5ShFiDDhEOVIRDAxBQUJaHQwAaDmNBDlwHRgAeB0MDDRBSWs1ePDXOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo1MzAz2gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ642AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY2MTi4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCNnzORKAAXJoTXZLbG8hXNhEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqYU0zXSoQSGdBZ1EdEExJZ0JBSkFCQUpvQkFnZ0FxQUVBcy4gADhBLi6ABwGIBwCgBwG6Bw8B4EwYACAAMAA4kglAAMgHjNkF0gcNCRHBAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=4b8801da6e8ab92718a62262feea2e90cba38bcd&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8690365381212449275&vd=ct~0|rr~0&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 3696e356-b7a4-450b-80b0-eaad1aa4be86
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8D42 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: bf867f11-11aa-41f7-aa02-15e3050b7f4f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame 2BA4 4 KB
2 KB 69ms
69ms Script
application/x-javascript 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=9189975296556597488&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_AA33XXWYl_sgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAfidvUQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21_hmH8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDNA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMDM%3D%2Fbn%3D93324%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=9189975296556597488&_cb=589645780
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=9189975296556597488&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_AA33XXWYl_sgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAfidvUQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21_hmH8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDNA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMDM%3D%2Fbn%3D93324%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=9189975296556597488&_cb=589645780
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B952 0
747 B 52ms
51ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: ec2ae743-d7b9-466c-8a0b-0dd8c48b93b8
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame A685 4 KB
2 KB 57ms
55ms Script
application/x-javascript 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2052072407904711172&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPwRyio77bHocsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyXxWwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21_RlD8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMjA%3D%2Fbn%3D93174%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=2052072407904711172&_cb=579218538
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2052072407904711172&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPwRyio77bHocsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyXxWwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21_RlD8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMjA%3D%2Fbn%3D93174%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=2052072407904711172&_cb=579218538
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame 2EEA 1 KB
843 B 52ms
52ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=7249360779036987053&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP60OJkM455pkEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yS9QgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21DRqx9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODZA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3ODY%3D%2Fbn%3D77257%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=7249360779036987053&_cb=8136238
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=8136238&apnauc=7249360779036987053&bidid=7249360779036987053&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP60OJkM455pkEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yS9QgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21DRqx9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODZA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU3ODY=/bn=77257/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d4c2b6e5719585ff41149bb134b17c36cd68196409183835b4413801601e223

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=8136238&apnauc=7249360779036987053&bidid=7249360779036987053&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP60OJkM455pkEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yS9QgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21DRqx9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODZA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU3ODY=/bn=77257/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 03:01:06 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv05.connextra.net

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame DB2E 1 KB
843 B 59ms
59ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2123882921547127053&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPw3ZVatDjHkdsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yTcRwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21BhrC8giV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY2MjVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY2MjU%3D%2Fbn%3D99384%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=2123882921547127053&_cb=838551019
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=838551019&apnauc=2123882921547127053&bidid=2123882921547127053&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPw3ZVatDjHkdsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yTcRwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21BhrC8giV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY2MjVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY2MjU=/bn=99384/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d4c2b6e5719585ff41149bb134b17c36cd68196409183835b4413801601e223

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_UK_300x600&_cb=838551019&apnauc=2123882921547127053&bidid=2123882921547127053&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?b3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPw3ZVatDjHkdsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yTcRwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21BhrC8giV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY2MjVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY2MjU=/bn=99384/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Wed, 30 Nov 2022 02:55:00 GMT
expires: Wed, 30 Nov 2022 03:01:06 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv05.connextra.net

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 79C6 0
836 B 46ms
46ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQhOSp9Lifm70cGLKR1KadmZOpLyo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXj21wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCE3SUtadlFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwkHdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVek1qRGdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCc2dRSkNMN3FFUkR1eXFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBQUEFnlhBQUlMN3FFY0VFdUI2RjYxRzRual9KQg0cAQEUMkFRQThRBYkJAfBASWdGeUNtUUJkbnpPWmdGMUs3RmhRR3BCZWdUZVpKMHplNF9zUVVBQUFDZ2xNZm9QOEVGbVptWklRc1E1VF9KQlEB0xxEa3J1OF8wUQEoDQEITmtGDQrIQThEX2dCYVR4QWZBRmlyLXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wAWI4bVo3VC1vQmdTeUJpUUpBGQEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhX1JsRDhBOmECOEl1eWxRRWdBQ2dBTVpxWgVvFGUwX09nbD2ZEEJBN3k5FXkIOEQ5HXkAQh15BEJoOW0EOXAZhQRCeB0MDDRBSWs1iPDJOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo1MzIw2gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAIGoFPA_0gUJCQEKAQG42AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY2MTe4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCNnzORKAAXJSTUFLbG8hXOBEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqWk0zRUEBPQUBEEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAeBIGAAgADAAOJIJQADIB_bXBdIHDTUNAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=42e9cb668d53caccc9a70820be575430b472226b&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8690365381212449275&vd=ct~0|rr~0&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 613ee228-2a8c-4c9e-bd48-2d358b13a723
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 31CC 0
836 B 49ms
49ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQrZ2YmYTnuc1kGJD6ya6H16fCVSo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjJ2wSAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFYWUwyNlFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGM0TnVBRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV2FMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRFJxeDlBOmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM09EWkE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC9IEBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTc4NtoEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NjYxObgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI2fM5EoABcnhOZUtsb0FBQUFEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqYk0zRUFBQUEpnAxIZ0FnlQ5By41OLEpvQkFnZ0FxQUVBcy4gAJhBLi6ABwGIBwCgBwG6Bw8IABAAGAAgADAAOJIJQADIB8nbBNIHDQkuvgAI2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=5f9d209f40780a0ad8fe3dce2878c517cd60afc4&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8690365381212449275&vd=ct~0|rr~0&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 274c2eec-66a4-48d4-aea7-451b1870c38a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame E382 0
836 B 47ms
46ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQjbLX2rqI47wdGLKR1KadmZOpLyo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXi4iAaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFHSU8yM0FpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwkHdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pZMk1qWGdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCc2dRSkNMN3FFUkR1eXFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBQUEFnlhBQUlMN3FFY0VFdUI2RjYxRzRual9KQg0cAQEUMkFRQThRBYkJAfBASWdGNFRPUUJkbnpPWmdGMUs3RmhRR3BCZWdUZVpKMHplNF9zUVVBQUFDZ2xNZm9QOEVGbVptWklRc1E1VF9KQlEB0xxEa3J1OF8wUQEoDQEITmtGDQrIQThEX2dCYVR4QWZBRmlyLXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wAWI4bVo3VC1vQmdTeUJpUUpBGQEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhQmhyQzhnOmECOEl1eWxRRWdBQ2dBTVpxWgVvFGUwX09nbD2ZEFZBN3k5FXkIOEQ5HXkAQh15BEJoOW0EOXAZhQRCeB0MDDRBSWs1iPDJOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo2NjI12gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAIGoFPA_0gUJCQEKAQG42AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjUzMDO4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCNnzORKAAWxSUE9KbG8hXOBEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z1VRSWFsM3dSSWpOenBCRkR2TDFpM0tYRUEBPQUBEEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAeBIGAAgADAAOJIJQADIB7iIBtIHDTUNAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=18cc2c11f94228615e11113678a588ecbfee3256&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8690365381212449275&vd=ct~0|rr~0&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: 6fbe3c99-0dde-4e8b-9737-a19c3e075b3a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame 2EEA 4 KB
2 KB 46ms
45ms Script
application/x-javascript 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=7249360779036987053&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP60OJkM455pkEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yS9QgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21DRqx9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODZA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3ODY%3D%2Fbn%3D77257%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=7249360779036987053&_cb=8136238
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=7249360779036987053&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP60OJkM455pkEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yS9QgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21DRqx9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODZA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3ODY%3D%2Fbn%3D77257%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=7249360779036987053&_cb=8136238
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/ Frame 5A35 155 KB
156 KB 111ms
110ms Image
image/png 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=4330973731643758864&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPxCZLJaptRo8EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3STLOAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21BxoM8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2OTBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU2OTA%3D%2Fbn%3D93402%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=4330973731643758864&_cb=179262378
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7819f04e6ac36af9f11955899c4c6696bb54222dbacc89aad32307b113de5980

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=4330973731643758864&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPxCZLJaptRo8EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3STLOAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21BxoM8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2OTBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU2OTA%3D%2Fbn%3D93402%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=4330973731643758864&_cb=179262378
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
last-modified: Wed, 16 Nov 2022 14:39:36 GMT
accept-ranges: bytes
etag: W/"159122-1668609576000"
content-length: 159122
content-type: image/png

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/ Frame FC35 155 KB
156 KB 76ms
76ms Image
image/png 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=6389971887459229077&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP5VdvXyTva1YEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPiaFrQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Cxoj9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2ODVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU2ODU%3D%2Fbn%3D75885%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=6389971887459229077&_cb=1642315745
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7819f04e6ac36af9f11955899c4c6696bb54222dbacc89aad32307b113de5980

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=6389971887459229077&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP5VdvXyTva1YEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPiaFrQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Cxoj9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU2ODVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU2ODU%3D%2Fbn%3D75885%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=6389971887459229077&_cb=1642315745
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
last-modified: Wed, 16 Nov 2022 14:39:36 GMT
accept-ranges: bytes
etag: W/"159122-1668609576000"
content-length: 159122
content-type: image/png

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/ Frame 7998 155 KB
156 KB 198ms
198ms Image
image/png 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=3512759897087487594&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP2ouI9eD1L8wEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAeyfnYwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dhr39AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODdA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3ODc%3D%2Fbn%3D77251%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=3512759897087487594&_cb=1916103205
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7819f04e6ac36af9f11955899c4c6696bb54222dbacc89aad32307b113de5980

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=3512759897087487594&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP2ouI9eD1L8wEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAeyfnYwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dhr39AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODdA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3ODc%3D%2Fbn%3D77251%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=3512759897087487594&_cb=1916103205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
last-modified: Wed, 16 Nov 2022 14:39:36 GMT
accept-ranges: bytes
etag: W/"159122-1668609576000"
content-length: 159122
content-type: image/png

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/ Frame FBC3 155 KB
156 KB 198ms
198ms Image
image/png 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=8835985374899178223&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP--KaSfiuZ96EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAYCiMsQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dxo89QiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3Nzk%3D%2Fbn%3D93375%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=8835985374899178223&_cb=1339246946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7819f04e6ac36af9f11955899c4c6696bb54222dbacc89aad32307b113de5980

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=8835985374899178223&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F-ucA0p3nvT-s0XOHp0m2PwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP--KaSfiuZ96EH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAYCiMsQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dxo89QiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3Nzk%3D%2Fbn%3D93375%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=8835985374899178223&_cb=1339246946
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
last-modified: Wed, 16 Nov 2022 14:39:36 GMT
accept-ranges: bytes
etag: W/"159122-1668609576000"
content-length: 159122
content-type: image/png

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/ Frame CB68 155 KB
156 KB 198ms
198ms Image
image/png 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=1429007713963046450&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPzJ2D9Tx2tQTsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPycZOgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21CBpJ8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDhA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU0NDg%3D%2Fbn%3D93254%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=1429007713963046450&_cb=1213994199
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7819f04e6ac36af9f11955899c4c6696bb54222dbacc89aad32307b113de5980

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=1429007713963046450&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPzJ2D9Tx2tQTsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPycZOgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21CBpJ8wiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDhA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU0NDg%3D%2Fbn%3D93254%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=1429007713963046450&_cb=1213994199
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
last-modified: Wed, 16 Nov 2022 14:39:36 GMT
accept-ranges: bytes
etag: W/"159122-1668609576000"
content-length: 159122
content-type: image/png

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/ Frame 1D68 155 KB
156 KB 141ms
140ms Image
image/png 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=6782563424760227056&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_DkY89_gSBesgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAhicqVwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dhr19AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1Nzk%3D%2Fbn%3D99263%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=6782563424760227056&_cb=1327386994
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7819f04e6ac36af9f11955899c4c6696bb54222dbacc89aad32307b113de5980

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=6782563424760227056&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_DkY89_gSBesgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAhicqVwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21Dhr19AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NzlA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1Nzk%3D%2Fbn%3D99263%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=6782563424760227056&_cb=1327386994
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
last-modified: Wed, 16 Nov 2022 14:39:36 GMT
accept-ranges: bytes
etag: W/"159122-1668609576000"
content-length: 159122
content-type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F023 0
0 79ms
79ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=228924933139099&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4B27 0
0 111ms
111ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3793529583876169&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame DB2E 4 KB
2 KB 46ms
46ms Script
application/x-javascript 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2123882921547127053&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPw3ZVatDjHkdsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yTcRwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21BhrC8giV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY2MjVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY2MjU%3D%2Fbn%3D99384%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=2123882921547127053&_cb=838551019
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2123882921547127053&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPw3ZVatDjHkdsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yTcRwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21BhrC8giV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY2MjVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY2MjU%3D%2Fbn%3D99384%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=2123882921547127053&_cb=838551019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/ Frame 2BA4 155 KB
156 KB 207ms
206ms Image
image/png 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=9189975296556597488&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_AA33XXWYl_sgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAfidvUQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21_hmH8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDNA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMDM%3D%2Fbn%3D93324%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=9189975296556597488&_cb=589645780
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7819f04e6ac36af9f11955899c4c6696bb54222dbacc89aad32307b113de5980

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=9189975296556597488&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fqbom_36Psj_qgc0qfKqrPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP_AA33XXWYl_sgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAfidvUQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21_hmH8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDNA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMDM%3D%2Fbn%3D93324%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=9189975296556597488&_cb=589645780
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
last-modified: Wed, 16 Nov 2022 14:39:36 GMT
accept-ranges: bytes
etag: W/"159122-1668609576000"
content-length: 159122
content-type: image/png

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/ Frame A685 155 KB
156 KB 207ms
207ms Image
image/png 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2052072407904711172&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPwRyio77bHocsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyXxWwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21_RlD8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMjA%3D%2Fbn%3D93174%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=2052072407904711172&_cb=579218538
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7819f04e6ac36af9f11955899c4c6696bb54222dbacc89aad32307b113de5980

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2052072407904711172&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPwRyio77bHocsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyXxWwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21_RlD8AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjBA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMjA%3D%2Fbn%3D93174%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=2052072407904711172&_cb=579218538
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
last-modified: Wed, 16 Nov 2022 14:39:36 GMT
accept-ranges: bytes
etag: W/"159122-1668609576000"
content-length: 159122
content-type: image/png

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame C70B 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 21:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 21:10:10 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5917 36 KB
16 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 21:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 21:10:10 GMT

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/ Frame 2EEA 155 KB
156 KB 125ms
125ms Image
image/png 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=7249360779036987053&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP60OJkM455pkEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yS9QgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21DRqx9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODZA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3ODY%3D%2Fbn%3D77257%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=7249360779036987053&_cb=8136238
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7819f04e6ac36af9f11955899c4c6696bb54222dbacc89aad32307b113de5980

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=7249360779036987053&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTP60OJkM455pkEH3SdbiehFUDxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yS9QgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21DRqx9AiV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU3ODZA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU3ODY%3D%2Fbn%3D77257%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=7249360779036987053&_cb=8136238
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
last-modified: Wed, 16 Nov 2022 14:39:36 GMT
accept-ranges: bytes
etag: W/"159122-1668609576000"
content-length: 159122
content-type: image/png

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/ Frame DB2E 155 KB
156 KB 133ms
132ms Image
image/png 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/UK_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2123882921547127053&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPw3ZVatDjHkdsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yTcRwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21BhrC8giV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY2MjVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY2MjU%3D%2Fbn%3D99384%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=2123882921547127053&_cb=838551019
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7819f04e6ac36af9f11955899c4c6696bb54222dbacc89aad32307b113de5980

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_UK_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2123882921547127053&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fb3RvRYlXtj8yccCQtqawPwAAAADXo8A_ZOKA5WJ2zT_AlezYCMTTPw3ZVatDjHkdsgjV1MlMUi8DxoZjAAAAAArsSwEYKAAAmBwAAAIAAAAlubsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA_yTcRwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21BhrC8giV4IIaEKXy7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY2MjVA7y9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY2MjU%3D%2Fbn%3D99384%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_UK_300x600&bidid=2123882921547127053&_cb=838551019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
last-modified: Wed, 16 Nov 2022 14:39:36 GMT
accept-ranges: bytes
etag: W/"159122-1668609576000"
content-length: 159122
content-type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C70B 0
10 B 45ms
44ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ImldVQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5917 0
10 B 44ms
44ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oaz4mw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9377 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:00 GMT
AN-X-Request-Uuid: b8dd53d0-10ed-48fb-9b9b-26027a74bedd
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD7F 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: cc222c93-d7df-47a2-b4b6-39a4cd2e5ea1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A903 0
747 B 49ms
49ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: a59e54e7-53b4-4e1c-a077-86ec85907a4d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E164 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: 00259cf2-717f-4b22-9f5c-b031703aec20
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5127 0
747 B 47ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: b8199d02-381e-4a30-a2f0-8f80622e1660
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F507 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: f9a1bbe2-77cf-4539-bcf0-7465f9f706e9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 24F6 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: cc929fc0-a2bb-4d3d-bf97-72771d212418
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C981 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: 28c50770-42d0-46aa-bd97-774f69a686ae
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 81ms
80ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3793529583876169&bg=!g4ClgMTNAAbvMpMzzzI7ACkAdvg8Ws58624zUMx4hIxGfKeCCa0ztMC8w4dwafVCMqE5qMqVjx1xhQIAAACgUgAAAARoAQeZAqeZ7LADz3Fnba-ut8_h2s7hT3gcXYwVhlbW9HxOKI5YJTv46NUVglYMzkwr22OeMME23MjOpywgujfEeQtARy-xCDE2y_ByP1BEAVqpxXU3fvLFzExv1W54CV0TUZFnHE5IeR2KgaSJTx7J-t5beI4VZ5SujGKVtAVk4GAtxZN6B-x6yb0xfzocrkG7y90V0MyEJxLS0REg9Hj4DsUawW3L26CrLFwsW1DDD5nhx9z1_2HO_wiEU53xNSLh-Fd_fwb1DZbkGoEjjHJ455UDYQbWjE2iY0qsQ3eXnH9Clht4qnv4Cb-Ha4cRCs7mP3YKogodEprVuvNu06NzBmESbjEaTUQtmNjN3evZUIqjsXn1Bmf98TyPjBttivvPZIHqbBanez1OoF85MEed7OnBz_KiY0N5hNB2Ssev_SJZSVYiXwxZniz3kImDEtwmeosl6ABt71K3RWjHGvLBVV9ZW11s-LiCnNOlBYRQAafglcl_Fih_GjbcF1J0zKyuMJsLCj9s4zrVzqDsd1IgrrvxLm89jpkg-3s81LGjKR24TuKgoMez0SnuUBphXRZ3NAZiaRTGsVw0ET2Z9nC1gN27OM10Mx9nO1Qd4fxffny92MvG1lhXeXyG3Uv628r57xJxczGSRaCxXDWQMRbvfD9WMQUyRnc7631d01i-d8av-pgKO8plPx34SIwZo-noK4VmTQ3t373QOkF_S_IGdrRfJVE2AWvbW5xWqESiLfPsV2ti2Jtu5BM8WWvHHTjiWAXH9Qp6Gyt4w57YmsaW35SncVZhwmFks_t2o8S__5_ys4tmgVdQFcpr8RzLU9NISsWAAwH-wTqBpRCVCNGX7-65LpREnQBqu-jEaM4Ehc5i--35-vwnpw2gc8xnyIQc8-ZHhWaV_obEWYWN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 767F 0
836 B 47ms
46ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQlbv15bey79ZYGJD6ya6H16fCVSo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjt0ASAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFkWUpKLUFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFk0TmVBRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBVzFMSkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhATGdHQ2cuLpoCmQEhQ3hvajk-YQI0SXV5bFFFZ0FDZ0FNWnEFb1xtZTBfT2dsR1VrRXhPalUyT0RWQTd5OUoRYgw4RDlSEQwMQUFCWh0MAGg5jQQ5cB0YAHgdDAg0QUkuaQL0gQE4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo1Njg12gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFtiL6BQQIABAAkAYAmAYAogYPMTAyNjQjRlJBMTo2NjI5uAYAwQYAAAAAAADwP9AGqSXaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gaHAQjZ8zkSgAF1Uk0wTEZvQUFBQURBQWtDQlFFSXdhLWNCaERzZ000QkdQZUlyd0lnQnlnQVFJYWwzd1JJak56cEJGRHZMMWpsTTNFQUFBQSmcDEhnQWeVDkHLjU4sSm9CQWdnQXFBRUFzLiAAmEEuLoAHAYgHAKAHAboHDwgAEAAYACAAMAA4kglAAMgH7dAE0gcNCS6-AAjaBwYJJ2zgBwDqBwIIAPAH2vOVAooIAhAAlQgAAIA_mAgB&s=07774f07bef1bcfd76e348e0d8f4cd3a346edf73&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=8690365381212449275&vd=ct~0|rr~6&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: 7bda69dd-104c-4976-9cda-3bcb73f7e7eb
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9D9C 0
0 109ms
109ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=228924933139099&bg=!cXKlcjbNAAbvMpMzzzI7ACkAdvg8Wk6cxQZ8l6E4MpFpKMOK4VLBmy4XWVL4ZXpyJXXxQDxa9MFiGwIAAACTUgAAAANoAQcKAFVKRzYNGEDacRR9bkErAhUozPwAoU8OISAciR-z_ganKAIRolEUNYcDidWBcnBgIerce3ONLxAZdxFSoCvmIG9tqTdTLiNwPPPqm5sCFl-cbomhvUObmQLGteoYMkE5tNoFsQvkRQvTsaqLa-GbmZMrFaNQBGDot50bmmVWvEaWwGuvGvKuTh-My8IaGo_qpufg15S5Ge1bylqH2JGpyeyNmaaSJqiPAPhhCcmgbz6KkjcPEUrad_3Wgku47-46sHF_QB8ExYW5SVepXfhGk_riwndQC2aV9qKq8ZHxVLKRv3AQz9hwl4GNZNMs7SlyMoPsaSvf0qiwGY12mLQXG-kDBdY2KJHv2fZMhkGOZymFcjxsYwwP3mZ-slu0zE7VWdQaRA-qc3UyW20HrrZa6iz3kv85uM4e79m6MxPZaOwYIorbD1AcjyoaCXQh-lh5H2WeCN9VBYtM6xYxvLqfSEDLYU85h0KYLBFAHJP6aPwwWMXTi8ZvQciHW4W1IhZUAmtx1b7WM9PvBV2QC4_yEPF4FW17j3nVLP49BLft6pglAOTtGoPMJPCv14Cr278z97IdXcxPjMMvmlCyn0DgovcUDexU-Clp4uvwfjbxQlAhctvgUpD5s4vytJxAWUY5StZw8vj9vT47egX_TG3XTboQHC4CK2TAHAzsyjRDwh_eefi1oUn4wUeRMy5tCIE5RxjCkNgBF_zXDvDeu1jqdnzZia4HUKbFxRiBXBNMJpYOMrahXRbJ5DN0zkbzWyNA6vhjQ6rwKupoozboI5uAIwExoTsbwBe8peOwBOn4K1YeC_WCGFRHtzXzUlAE099_VRpINyz9BTqtvxr0XWU8ghdYyoMAwOZLEitDSoZTKl10yq7NObMHEuBHO1RJPVUK_roVESGId_euUXzfYpkAZnEEbQGA5_jW8-K7mGc0gr_OkFfeu11DOZ9jbgsOOThKLyutcK_WrN31aJd6609dpPfYjcXRvEtuy2Nc9H28ENjDYtn6YJeYSH_zamxACCz4ikfLff8EpQQHMI73U0Ck5We7DmOopDPnFXijOoRUL7k
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8D42 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: 18cad637-64c1-4046-814c-b48a49ae65e7
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B952 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: 0043e3c9-8384-4264-b5c2-eccfb0b904be
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 177D 0
836 B 46ms
46ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQkLKysZm1rY08GJD6ya6H16fCVSo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXja2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFkb0pqOXdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFk1TU9BRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBVzZMSkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhQnhvTTh3OmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVMk9UQkE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC9IEBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTY5MNoEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTY4MLgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI2fM5EoABZlJNM0lWb0FBQUFEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFpd0xIRUFBQUEpnAxIZ0FnlQ5By41OLEpvQkFnZ0FxQUVBcy4gAJhBLi6ABwGIBwCgBwG6Bw8IABAAGAAgADAAOJIJQADIB9rZBdIHDQkuvgAI2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=89b4ab2138563e602b701a3e202eedd76b3fa46b&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=8690365381212449275&vd=ct~0|rr~6&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: 3337bd59-3b3a-4a1a-b3ed-f6198469a0af
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 7D4A 0
836 B 47ms
47ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQ6tyMub2Q9d8wGJD6ya6H16fCVSo2CfrnANKd570_EazRc4enSbY_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjD2wSAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFYNEthNndpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGM0Ti1BRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV2JMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRGhyMzlBOmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM09EZEE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC9IEBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTc4N9oEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTQ0NrgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI2fM5EoABa1JQbEpGb0FBQUFEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqR0tuRUFBQUEpnAxIZ0FnlQ5By41OLEpvQkFnZ0FxQUVBcy4gAJhBLi6ABwGIBwCgBwG6Bw8IABAAGAAgADAAOJIJQADIB8PbBNIHDQkuvgAI2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=81a6c650e85b8b91bd530a98ac53997a70d36f40&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=8690365381212449275&vd=ct~0|rr~6&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: 777c0515-d39b-4226-af91-6f4b8d90feb9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 584A 0
836 B 49ms
49ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLFFvQXAUULAAADANYABQEIg4ybnAYQ8IH8rve61sR_GLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXiM2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgL5DiFGSjJ0N2dpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwdXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVek1EUGdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCcWdUUUJ3al9fX19fX18BBAw4QkVQAQgNAQh3RVkNCgUBCEFTRAUICQEIOEJLNiwAAHcJGAkBBEFUNlgAAFEyLAAERkkJJgkBBEFWNlgAAFc2LAAAZwkmCQEEQVc2WAAAYzYsAAA0CSYJAQxBWUFCCQoJAQhBWWc2EAAAWjogAABaOiAAAGE6IAAAYTogAABiOiAAAGI6IAAAYzogAABjOiAAAGQ6IAAAZDogAABlOiAAAGU6IAAAZjogAABmOiAACFlBQwn6CQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS5ZAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUp-gkBCEFZZzYQAABaOiAAAFo6IAAsYUFFXzd2cXlBYW9CMmgDBEd3OhAAADQ2EAAESEE6EAAASToQAABROhAAAFk6EAAAZzoQADqAAABIOoAAAEg6gAAMR0FCZgn0BQEId0dJOhAAAFE6EAAAWToQAJB5QkFrSXZ1b1JFTzdLb2cyNkJCa0k3UWdSdUI2RjYxRzRuajhapbUJAQBnASw8d1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQGQaUFXM0taQUYyZk01bUFYVXJzV0ZBYWtGNkJONWtuVE43ai14QqHUWEtDVXgtZ193UVdabVpraEN4RGxQOGtGAUcgSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhX2htSDhBOn0HNEl1eWxRRWdBQ2dBTVpxBW8YbWUwX09nbN21FE5BN3k5ShFiDDhEOVIRDAxBQUJaHQwAaDmNBDlwHRgAeB0MDDRBSWs1ePDXOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo1MzAz2gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ642AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY2MTi4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCNnzORKAAXJoTXZLbG8hXNhEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqYU0zXSoQSGdBZ1EdEExJZ0JBSkFCQUpvQkFnZ0FxQUVBcy4gADhBLi6ABwGIBwCgBwG6Bw8B4EwYACAAMAA4kglAAMgHjNkF0gcNCRHBAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=4b8801da6e8ab92718a62262feea2e90cba38bcd&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=0.94&sid=8690365381212449275&vd=ct~0|rr~5&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: d7e9f6de-87fb-45f5-bdd2-83118f78aeaf
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 8AFD 0
836 B 53ms
53ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQ75Wmu6K87s96GJD6ya6H16fCVSo2CfrnANKd570_EazRc4enSbY_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXi_2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFXSUtVNXdpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGMzT2VBRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV1RMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRHhvODlROmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM056bEE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC9IEBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTc3OdoEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTY3NrgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI2fM5EoABZVJON0lGb0FBQUFEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFpc0xIRUFBQUEpnAxIZ0FnlQ5By41OLEpvQkFnZ0FxQUVBcy4gAJhBLi6ABwGIBwCgBwG6Bw8IABAAGAAgADAAOJIJQADIB7_ZBdIHDQkuvgAI2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=5b938a6531ac1bab4a2ecc834c1416450aab7ae8&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=0.8&sid=8690365381212449275&vd=ct~0|rr~5&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: 6641dfeb-34bf-47a9-8130-19b2437570ee
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 026A 0
836 B 50ms
50ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQsuy9oJ3etuoTGLKR1KadmZOpLyo2Cam6Jv9-j7I_EeqBzSp8qqs_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjG2AWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCEtSUpleVFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwkHdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pVME5EamdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCc2dRSkNMN3FFUkR1eXFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBQUEFnlhBQUlMN3FFY0VFdUI2RjYxRzRual9KQg0cAQEUMkFRQThRBYkJAfBASWdGeUNxUUJkbnpPWmdGMUs3RmhRR3BCZWdUZVpKMHplNF9zUVVBQUFDZ2xNZm9QOEVGbVptWklRc1E1VF9KQlEB0xxEa3J1OF8wUQEoDQEITmtGDQrIQThEX2dCYVR4QWZBRmlyLXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wAWI4bVo3VC1vQmdTeUJpUUpBGQEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhQ0JwSjh3OmECOEl1eWxRRWdBQ2dBTVpxWgVvFGUwX09nbD2ZEGhBN3k5FXkIOEQ5HXkAQh15BEJoOW0EOXAZhQRCeB0MDDRBSWs1iPDJOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo1NDQ42gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAIGoFPA_0gUJCQEKAQG42AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjUzMjG4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCNnzORKAAWt4TkVKVm8hXOBEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqSktYRUEBPQUBEEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAeBIGAAgADAAOJIJQADIB8bYBdIHDTUNAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=a954cad40756c2ada5a531ddbb587c01fabd9871&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=0.67&sid=8690365381212449275&vd=ct~0|rr~5&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: 2fa11753-f7c5-486e-8e43-8e75e539bd56
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 31CC 0
836 B 48ms
47ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQrZ2YmYTnuc1kGJD6ya6H16fCVSo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXjJ2wSAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFYWUwyNlFpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnU0dnQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQjd4cDViQUhFMHpfQkFlOGFlV3dCeE5NX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJTXzJ3UDFBYnI2SmotWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SXYtTEhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVGM0TnVBRDd5LUFCS1dqMVFtSUJPcWwxUW1RQkFHWUJBR3lCQWtJdnVvUkVPN0tvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHwTGlBV2FMWkFGMmZNNW1BWFVyc1dGQWFrRjZCTjVrblRON2oteEJRQUFBS0NVeC1nX3dRV1ptWmtoQ3hEbFA4a0ZBQUFBSU9TdTd6X1JCASgNAQgyUVUNCvBGRHdQLUFGcFBFQjhBV0t2NnNKLUFYMzhaOERnZ1lEVlZORWlBWUVrQVlCbUFZQW9RYWFtWm1abVpudFA2Z0dCTElHSkFrQUENTgRBQh3PBEJrERYIQUFDHRhETGdHQ2cuLpoCmQEhRFJxeDlBOmECNEl1eWxRRWdBQ2dBTVpxBW9cbWUwX09nbEdVa0V4T2pVM09EWkE3eTlKEWIMOEQ5UhEMDEFBQlodDABoOY0EOXAdGAB4HQwINEFJLmkC9IEBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwMKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTc4NtoEAggB4AQB8ASl8u69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NjYxObgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI2fM5EoABcnhOZUtsb0FBQUFEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z0FRSWFsM3dSSWpOenBCRkR2TDFqYk0zRUFBQUEpnAxIZ0FnlQ5By41OLEpvQkFnZ0FxQUVBcy4gAJhBLi6ABwGIBwCgBwG6Bw8IABAAGAAgADAAOJIJQADIB8nbBNIHDQkuvgAI2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=5f9d209f40780a0ad8fe3dce2878c517cd60afc4&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=8690365381212449275&vd=ct~0|rr~6&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: c4833bc1-5733-455f-aa42-6181aad23314
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame E382 0
836 B 54ms
53ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKpDPQXASkGAAADANYABQEIg4ybnAYQjbLX2rqI47wdGLKR1KadmZOpLyo2CW90b0WJV7Y_ETJxwJC2prA_GQAAAADXo8A_IWTigOVids0_KcCV7NgIxNM_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlCl8u69AViLspUBYABo_uCwAXi4iAaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE2LCAwKTt1ZignZycsIDE5NTg2OTU0LCAwKTt1ZigncycsIDI4MDA1NzY4NCwgMCk7dWYoJ3InLCAzOTgxNzg1OTcFVfCLkgLdBCFHSU8yM0FpVjRJSWFFS1h5N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJndWdOb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRcW9BUXF3QVFDNUFlOGFlV3dCeE5NX3dRSHZHbmxzQWNUVFA4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUcwdjlzRDlRRzYtaVlfbUFJQW9BSUJ0UUkFJAB2DQjwkHdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTF9peHlZUUN4Z0NMUUFBQUFDNkF3bEdVa0V4T2pZMk1qWGdBLTh2Z0FTbG85VUppQVRxcGRVSmtBUUJtQVFCc2dRSkNMN3FFUkR1eXFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBQUEFnlhBQUlMN3FFY0VFdUI2RjYxRzRual9KQg0cAQEUMkFRQThRBYkJAfBASWdGNFRPUUJkbnpPWmdGMUs3RmhRR3BCZWdUZVpKMHplNF9zUVVBQUFDZ2xNZm9QOEVGbVptWklRc1E1VF9KQlEB0xxEa3J1OF8wUQEoDQEITmtGDQrIQThEX2dCYVR4QWZBRmlyLXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wAWI4bVo3VC1vQmdTeUJpUUpBGQEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhQmhyQzhnOmECOEl1eWxRRWdBQ2dBTVpxWgVvFGUwX09nbD2ZEFZBN3k5FXkIOEQ5HXkAQh15BEJoOW0EOXAZhQRCeB0MDDRBSWs1iPDJOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTAwqAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDjczMjAjRlJBMTo2NjI12gQCCAHgBAHwBKXy7r0BiAUBmAUAoAX___________8BwAUAyQUAAIGoFPA_0gUJCQEKAQG42AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjUzMDO4BgDBBgABMywA8D_QBqkl2gYWChAFEB0BYBAAGADgBgHyBocBCNnzORKAAWxSUE9KbG8hXOBEQUFrQ0JRRUl3YS1jQmhEc2dNNEJHUGVJcndJZ0J5Z1VRSWFsM3dSSWpOenBCRkR2TDFpM0tYRUEBPQUBEEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAA4QS4ugAcBiAcAoAcBugcPAeBIGAAgADAAOJIJQADIB7iIBtIHDTUNAb4I2gcGCSds4AcA6gcCCADwB9rzlQKKCAIQAJUIAACAP5gIAQ..&s=18cc2c11f94228615e11113678a588ecbfee3256&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=0.53&sid=8690365381212449275&vd=ct~0|rr~5&sv=230&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/230/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:01 GMT
AN-X-Request-Uuid: e532ba45-375f-43f4-ae61-a54c765164e5
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 9D9C 88 KB
29 KB 118ms
39ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Dec 2022 02:55:02 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E409 15 KB
6 KB 221ms
40ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 02:55:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 922281
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 9D9C 89 KB
29 KB 122ms
44ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:55:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Dec 2022 02:55:02 GMT

GET
H2 200 /
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 9D9C 95 B
223 B 172ms
54ms Image
image/png 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Ffriends.in.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/png
date: Wed, 30 Nov 2022 02:55:02 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

sid Show response
mug.criteo.com/ Frame E409
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=friends.in.ua&sn=ChromeSyncframe&so=0&topUrl=friends.in.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=b_ccHnxkcFpWbDZQK1dDcmZ3a0RGNTJqV0ZTc2I3WjFGNW9oU3Z1d28yLzhMdDJoWkVWLzNETkROSE50bFpGN3IxNllOTFdEQ3ZXeGF2eHQvcSs0U3kxZXczcFFXazdIMHBMUHZybXk0N0RhS0FtckYySGFra3pMeFIweW...

425 B
649 B

202ms
42ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=b_ccHnxkcFpWbDZQK1dDcmZ3a0RGNTJqV0ZTc2I3WjFGNW9oU3Z1d28yLzhMdDJoWkVWLzNETkROSE50bFpGN3IxNllOTFdEQ3ZXeGF2eHQvcSs0U3kxZXczcFFXazdIMHBMUHZybXk0N0RhS0FtckYySGFra3pMeFIweWs0MkZ5K2hKTVZHT2ZWWGlrYUNxNTgxT25MOXpDcTZYbXozWXJIU1I1KzR2bVU3Wkt5WXFpc2RuNmh0OWtPUlFIYnFhV21vUlJqck5MRC9tcC9vUUJVNzdxYUd1amxsT0pHeTRJYy9zYnZjOFNjRSt5MnB4aG1jYnVuaEtHQ3UrRUg5ckU5NFB4NEozMDVpTkhMV2h0WjZsSUMxU2VXdz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

55d2f55d355fdba31ff7235004e983ae7bc6125fad1f1a4cb22d7fcdf24db143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:55:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2596476
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Nov 2022 02:55:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=b_ccHnxkcFpWbDZQK1dDcmZ3a0RGNTJqV0ZTc2I3WjFGNW9oU3Z1d28yLzhMdDJoWkVWLzNETkROSE50bFpGN3IxNllOTFdEQ3ZXeGF2eHQvcSs0U3kxZXczcFFXazdIMHBMUHZybXk0N0RhS0FtckYySGFra3pMeFIweWs0MkZ5K2hKTVZHT2ZWWGlrYUNxNTgxT25MOXpDcTZYbXozWXJIU1I1KzR2bVU3Wkt5WXFpc2RuNmh0OWtPUlFIYnFhV21vUlJqck5MRC9tcC9vUUJVNzdxYUd1amxsT0pHeTRJYy9zYnZjOFNjRSt5MnB4aG1jYnVuaEtHQ3UrRUg5ckU5NFB4NEozMDVpTkhMV2h0WjZsSUMxU2VXdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 472063
content-length: 0
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FAD0 52 KB
17 KB 34ms
33ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:02 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459558
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600021-LCY
X-Timer: S1669776903.802475,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2F86 52 KB
17 KB 33ms
33ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:02 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459181
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600055-LCY
X-Timer: S1669776903.808869,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FAD0 0
747 B 47ms
47ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:02 GMT
AN-X-Request-Uuid: e9bad022-7853-4f3b-8110-e0ef158d34a8
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 17EB 52 KB
17 KB 33ms
33ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:02 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459182
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600055-LCY
X-Timer: S1669776903.891683,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BF02 52 KB
17 KB 33ms
32ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:02 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459560
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600021-LCY
X-Timer: S1669776903.893172,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2F86 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:02 GMT
AN-X-Request-Uuid: dfade148-1055-4546-9921-ace6d9a63144
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E077 52 KB
17 KB 33ms
32ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:02 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459208
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600025-LCY
X-Timer: S1669776903.901350,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7571 52 KB
17 KB 33ms
33ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:02 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 458258
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600032-LCY
X-Timer: S1669776903.906021,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BF02 0
747 B 48ms
48ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:02 GMT
AN-X-Request-Uuid: 7b5edf7c-9036-4d8a-9dc9-5a7d0767331e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 17EB 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:02 GMT
AN-X-Request-Uuid: 2ff491f6-4a13-4bde-8526-1c8630fc7619
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E077 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:02 GMT
AN-X-Request-Uuid: 962508ea-d93b-4782-aea6-9faa4a05ad8c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7571 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:02 GMT
AN-X-Request-Uuid: 675ba437-92e6-45dc-b637-3f5f7cfbde28
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6951 52 KB
17 KB 33ms
32ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:02 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 458259
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600032-LCY
X-Timer: S1669776903.987683,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7F3C 52 KB
17 KB 33ms
32ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:03 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459209
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600025-LCY
X-Timer: S1669776903.001272,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 93A4 52 KB
17 KB 33ms
32ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:03 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459561
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600021-LCY
X-Timer: S1669776903.007719,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DC81 52 KB
17 KB 33ms
32ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 30 Nov 2022 02:55:03 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 31, 459183
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600055-LCY
X-Timer: S1669776903.015574,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6951 0
747 B 46ms
45ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:03 GMT
AN-X-Request-Uuid: 4a8a84b4-1b12-4e22-915b-c4a923b51f3e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7F3C 0
747 B 67ms
67ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:03 GMT
AN-X-Request-Uuid: 358a7c04-2efa-4407-a470-acbf0c3ee2c8
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 93A4 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:03 GMT
AN-X-Request-Uuid: f61a94db-4d1b-4780-bbd4-30c4d10996b3
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DC81 0
747 B 47ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:03 GMT
AN-X-Request-Uuid: 8c2a4f5d-18c0-45ab-883f-ec0371ace148
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FAD0 0
747 B 48ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:03 GMT
AN-X-Request-Uuid: 38523019-7ed0-4c59-84ba-3628c8d298a5
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2F86 0
747 B 47ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:03 GMT
AN-X-Request-Uuid: e0cd0503-d988-4cc8-9161-901ce966f824
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BF02 0
747 B 47ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:03 GMT
AN-X-Request-Uuid: 7275b651-d4c0-46a1-8c7e-748cdfcc25b7
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 17EB 0
747 B 53ms
53ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:03 GMT
AN-X-Request-Uuid: eed4d482-8c27-40fd-9833-327e4e7f864b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E077 0
747 B 48ms
47ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:03 GMT
AN-X-Request-Uuid: 7bf49441-5c07-4f38-b08d-bf169fc58b44
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7571 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:03 GMT
AN-X-Request-Uuid: ef825500-68c4-46ae-967a-844022e67a2f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6951 0
747 B 47ms
45ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:04 GMT
AN-X-Request-Uuid: 046f54fe-e721-4027-a1fa-c6fdad3a6656
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7F3C 0
747 B 47ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:04 GMT
AN-X-Request-Uuid: b0cd103a-891f-49ba-8387-004d221d2396
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 93A4 0
747 B 47ms
47ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:04 GMT
AN-X-Request-Uuid: 8619866b-9863-4440-a0c2-604637842d4f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DC81 0
747 B 46ms
46ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 02:55:04 GMT
AN-X-Request-Uuid: 3cd47b5b-06c1-4841-a4b7-a4da17fbf3b6
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: test.takedwn.ws
URL: https://test.takedwn.ws/ping

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
friends.in.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: gsnkr7f4l75vngukdv52vfhf73
franecki.net/	1970-01-20 09:59:12	Name: CM_redirector Value: 248ee93da
.friends.in.ua/	1970-01-20 17:25:36	Name: _ga Value: GA1.3.1614074609.1669776898
.friends.in.ua/	1970-01-20 07:51:03	Name: _gid Value: GA1.3.117404177.1669776898
.friends.in.ua/	1970-01-20 07:49:36	Name: _gat Value: 1
.friends.in.ua/	1970-01-20 07:49:36	Name: _gat_gtag_UA_60815340_5 Value: 1
friends.in.ua/	1970-01-20 07:59:41	Name: hideModal Value: true
franecki.net/	1970-01-20 09:59:12	Name: ADWUID Value: 42a0872bef3364e3484ecd91a6996b1e
.franecki.net/	1970-01-20 09:59:12	Name: ADWUID Value: 42a0872bef3364e3484ecd91a6996b1e
franecki.net/	1970-01-20 16:35:12	Name: CPOOL Value: 3
franecki.net/	1970-01-20 16:35:12	Name: BNR_109268 Value: 1669863298%7C1%7C1669776898
.friends.in.ua/	1970-01-20 17:11:12	Name: __gpi Value: UID=00000b8a460e3b0e:T=1669776898:RT=1669776898:S=ALNI_MbHsyl9zaw7emxfPI0RCK4H3CvRRg
.aidata.io/	1970-01-20 17:25:36	Name: __upin Value: 0cDhY2VAVZjp2AKGee2ovQ
.aidata.io/	1970-01-20 17:25:36	Name: __upints Value: 1669776898
.friends.in.ua/	1970-01-20 07:49:36	Name: _gat_gtag_UA_57015589_1 Value: 1
.friends.in.ua/	1970-01-20 16:35:12	Name: _ym_uid Value: 1669776899835718396
.friends.in.ua/	1970-01-20 16:35:12	Name: _ym_d Value: 1669776899
x01.aidata.io/	1970-01-20 07:53:56	Name: livin Value: 1
.yandex.ru/	1970-01-20 16:35:12	Name: yandexuid Value: 7585241321669776899
.yandex.ru/	1970-01-20 16:35:12	Name: yuidss Value: 7585241321669776899
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 687346981669776899
.yandex.ru/	1970-01-20 17:25:36	Name: i Value: tMX4pMwQ89hplGIvJAdkgkJ65Klp7s5UyedOnuAUU+tQw3rzidBbRh0uVSr2T8AVWs6ITeTteAQ9+HUqiQti6VAxQ9E=
.yandex.ru/	1970-01-20 16:35:12	Name: ymex Value: 1701312899.yrts.1669776899#1701312899.yrtsi.1669776899
.friends.in.ua/	1970-01-20 07:50:48	Name: _ym_isad Value: 2
.adnxs.com/	1970-01-20 09:59:12	Name: icu Value: ChgIx6J5EAoYAiACKAIwg4ybnAY4AkACSAIQg4ybnAYYAQ..
.doubleclick.net/	1970-01-20 17:11:12	Name: IDE Value: AHWqTUlnECzB_PrwR5NPYPO6i_WUBCN6WxAzuSlmgkJO1kFKKtlD6Vh733Y7DyH9Lms
.friends.in.ua/	1970-01-20 17:11:12	Name: __gads Value: ID=7d146bf171127471-2215cab500d80079:T=1669776898:S=ALNI_MbYLFymXo0mAINJ_p9qCMRxJZFcPw
.connextra.com/	1970-01-20 16:35:12	Name: CxtId Value: fd9f273d-40ef-45a0-9532-6523b5a8a27a
.adnxs.com/	1970-01-20 09:59:12	Name: uuid2 Value: 3409872297615755442
.connextra.com/	1970-01-20 16:35:12	Name: FIFA Value: A%7Cpostimpression%7C1%7C202211300255%7C7%7CDDM_APN_SB_BRA_UK_300x600%7CDDM_SB_BRA_UK_FifaWorldCupNov2022_300x600%7C%7C%7Cszx10RpQT9OeCvxCrJX6jA
.criteo.com/	1970-01-20 17:11:12	Name: uid Value: 3a23eff4-8869-4cae-8b4a-6589f07de881
.friends.in.ua/	1970-01-20 17:11:12	Name: cto_bundle Value: 5gjZPF9FWlZXalpzOUpMb0klMkY1MDhTbEM3TnpxeXNIQm1mTFBQenUzYiUyRmtQNmxYd2RRODlBazZPTUtaUXhWaUFnbXlpS29HUkRjdGIxSk05ZkoyMmkwdGF2a0ZaYktnRllRWUxYcDNYV25PdlFGelhwUlBEN0hGVVA5QVZGdVFDYnFzMWRUZGYlMkJyRGcwU1h4NXZjakEzZEIxTGclM0QlM0Q

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8b7a89116670f110d5a2c37ac178b291.safeframe.googlesyndication.com
acdn.adnxs-simple.com
acdn.adnxs.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
aurabom.ru
bidder.criteo.com
cdn.adnxs.com
connect.facebook.net
counter.yadro.ru
dpjgrnd6i7dk0.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
franecki.net
friends.in.ua
googleads.g.doubleclick.net
gum.criteo.com
hb.adpone.com
i.clean.gg
ib.adnxs.com
kodir2.github.io
mc.yandex.ru
mug.criteo.com
mxtads.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-eu.creativecdn.com
prg.smartadserver.com
securepubads.g.doubleclick.net
shb.richaudience.com
sholke.com
ssl.connextra.com
static.criteo.net
stats.myangular.life
sync.richaudience.com
test.takedwn.ws
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.megastock.ru
x01.aidata.io
test.takedwn.ws
13.225.78.128
138.201.51.138
151.101.129.108
151.101.65.108
162.55.236.224
178.250.2.146
185.184.8.90
185.86.137.114
212.118.48.164
213.196.39.165
23.35.236.188
23.88.17.186
2600:9000:21f3:aa00:c:aa3e:9800:21
2606:4700:20::681a:b19
2606:50c0:8002::153
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a02:2638:1::13
2a02:2638::24
2a02:2638::3
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
34.95.69.49
37.252.172.123
88.212.201.198
89.108.119.28
89.149.200.234
91.228.155.126
91.240.20.7
96.16.144.106
00ac6ba4c7cd386ce2f692f45e7718b866bb00af4a14be2efab8e49a90b3df01
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01f460e02afed4fa122618a31212b246ecb7004961851dce17a42500dc4e0442
02a58acbc441082afffc279ae739aa8359c1e3b39ec18621647611b1e93809a4
0312e1f30bf4a79a90bead6d2cd681c2049e8a51d9e4a55249f21b2300da09c5
0462c90aa69c24ecb90cfb59024b71fb99c89c911432d5ad21c7cbf18ef7ea6e
0914444836fae2f430d7c42f27b07a536508197a35aa9e4c8294bc5f7978d08b
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0bb75f6e07ec4d6d4e3ae2039822690b7d71e52c0208b63e5f34529d975db744
0c24d5868a3003ccf924ab3d528967219e03d6c93d46da648dc7e15b7d0b005d
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
164331299d8714c825f8579119570c0281762fd67567e32cfa7e95cfa0516a22
18e79a16c33cdd8d59eddd81ef793fcc0159611cb33c6fd490154dcce43239c9
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19a504af35c5c86859ecc31d7c9851dfc96dfe7828484998fdfd544d45fe6add
19bcad5c32c05a87eeecac5ae6a3398dc2b3d2a0409a32f32c4824b4a0ca9459
1cdfec4471965cdc07a0a4fff3c5d65c624d201dd2d30772d1fa40adff2d9e4e
1e7e6b59a5b05255178c9b9acfc303fe2c35a16534e61076c8bfe37a16ec8e51
2007223b097e96995a0c050af1ad3cd83a7d88e9591842e19f54fc45560e2f65
23cc189bf16bb0dc8d64b35e80ce28684de1efc8464b328e9c3eed33bcda7a76
2685c986f11c6c0917f2d4533d69c7a6dde27cf89fe27480697da378e7d48dc3
2dbe4b69a88e5e505a117e1f210cfdd14aa6659c2792f30d27adc137f1dee48b
2e0ee9b507f7af5cce2c5c4eab46d1e66b160987010579d59b5ebf6801bd47ea
371bd1007ecc50fdb3474537fd2a65516483e547bd0a552e0c51770c5c4e5952
3757cd87759d7906875743128d3356103096ab3bdf1af298f205a666ca5d71f0
3968deba6550cabb10d3cd70508aac9c62e774f4f9f3759ec31b2572eb8aecf9
39980b315eb62a1631c5f4016ab4b3e6cf632996def0434b91cec6077ec9bb64
39cc97d615dab3f651c597e8f1969b7d115cd100e9cc2dd2c80f82436a290aaa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef4992026593e0ea951ba520ff9eca88a7ea12712aca5daba6c181031ac6ab4
425d14466d34dbb0acaa9cac644d5508c96124e36c0f233b365dff87a6e37874
44c1b74d0cfa63c14cb4e9f6665867ef7d0ed66484634b33aeb2062d7e4590f1
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46967c5357950663d5b99cea4a1646982f8cc90467f8d2fcd5d7c5e38d0f96dd
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
47c2f59a968ceb9ca78459b70e957d32e92371066914cb33c4767a23455ba797
480e671f35917348ea232ffe01e2d759469f630f3b4045689e60d2edf69b63e0
486cf8923081a57175e52763b3ecaf24fa6c3c2338770f3ae07064e5161865d9
4a41bcf1649d5434f11a8c1fe30b0894a9eaf3d0e8dccd70607ddb95f201213a
4d59164ddcbfdc18c8c76ad2a4c548e57b276b967091c4a118910a536bd26baf
4f8c566f2cc5e60ddec29774fddf017646b0d814eb25c6132d89c5c7cebd4cc3
506964f58b17716402ad40ec3fcab7535bafa18b92324ba99fc8b40eb830d3c4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d2f55d355fdba31ff7235004e983ae7bc6125fad1f1a4cb22d7fcdf24db143
57747d0c58d8a960164c63f821b3132b813318f97d34fe74ed61ff679158ede4
57d306987ff520c8bb4148ea6a43ddb53878cc755fb340eca2a7961d70fc1f76
5ce0bbe89a521f471b2e1dcac3dfde2fa5532200acc9d5d3c8a450f363a2c54e
5db1fee4b5703808c48078a76768b155b421b210c0761cd6a5d223f4d99f1eaa
5f1a3a89f85d7d8fea248137111c5030e521d9efa3da80f95eaa2bf8ac3b6836
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65a38a7dbd02da8b2fd475f8a87f3aaae42d897ff8935eca89148edf9ed30eea
683dbc7ea360c52b4b65738f5f04f0e907532223b16509e8acfaa33f9c731ca5
6845b6896e74c6be8da223ccf09aa5556c1bb53bd3b947c1f91408e8df31871f
6b5f93fcba0cae2cf7d63478302e219b922d252bca9925061e733d5494da52ac
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c298c7796b872b6caa387178a0089923ed809b663bc5584601ec7c2182eb2bc
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
71fad0359873c92b0d4db09e6ffa666e73e888bb6e0fe00c1022099fa07164bd
7306089c702f08b3cd35431f6b71ae089ab6b0a51a259884ede0f4905e570eaa
76177446afcef4a0079a7db071669802987c95c671b08e13a5f4278701763499
7696327f0ec96becc9acfad250c264600a943253bb28dd0b6adc33b438b7d6e9
77b923d6fd76d50e9728f2786c10de9ab04d7853b863244de8f4f9ab612f8bd3
7819f04e6ac36af9f11955899c4c6696bb54222dbacc89aad32307b113de5980
7cba56d1cb925da4ad5fedcfdebe49cb432b8b30f22eda462027915c3e90e3fd
7d4c2b6e5719585ff41149bb134b17c36cd68196409183835b4413801601e223
7d6306f01990b9dc08895d2b76f65d87ffd3aabd006aaac41f14dadcb94cf7e8
8078f97416dbfbb2b24d6a2ae82d6130ace453db0199a80746dfac32ac1040b8
825190bc39f5380a2a05980aa17f0503dceaa0704081a20b97f43afb180ca5ed
833bf0ec37d8a8c48ee876d0eb3d4c140fa7436d272d693097f005606f288e66
855cf138941573cf3dd1daf6ea12a15122e115c9145d809c8e3556f73668e254
8641702971c5ef86d5a8f5b5103671c55f309b9b440e400a15f1b384c589830e
892cb57a1eeb3e07a75462120d3b8429f2cf28d1f57aba1d7933395a9043bb7b
8b297024f28bf7c02f796c5c55280dd53fd0047fa2e52c9d8c315c6128edb295
8d4b9d561703235b44c824408370d4405e2c2c7ba7da310af7f40fc094da283e
8fbef915c39b670da441a27a7ac28cfbd480a921ee6ec1ec0d325aec3d074914
921d3b2cb28357d57e850b0b57621f3c7b6b0caeaa880c8d7887ceb29fa5d65f
925840568650a020870e2fe1eb5a3a17d945631e6b15e8a5f04865488b7591f8
933b957669bcb1f3782b29e4e15b7fd5345b9e4dc2525ee6b5ba92e4dab41759
93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298
94d7aa346974c2fb89458181777b05db520c81fefd53220dd124f064b08e6866
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9820b7d1347a7ea25f9ce3892d6e4a63e97c1445e841b8aa9f9dd03c3d6e1594
993397e159aa28663a5108b893117b27dee2a97ec2e2657d5f290fc7c5f9659c
99931e991971efe66806d488c78658151b87b00438fc26d0076faf8f14dc26fe
9a210f208afe7d94673898071f42e05c6040ae0d98aff80c0dd2770a18da62d7
9a49365a0972e0978e6bb697a7f2f6916fcc47c6482b994b69e16122589964f8
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e6eb1a3edcc3d9621d752e31cc8a1a0c2a058b585ec3d4690b2d50099d3e38a
9f057ca51443737ce794f152c46c08706aeb1ec687322e7e0c37d2ea8077d3c5
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a472ce20c2c4ab1907fedde9d44b4f0d09e295d22603d26bc392233ba4a4448a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a53f4b8e4d6114dcbdec6e365995be3a70e3ce2c1a4780bf36d100edd95d51e6
a57acc7776143c4260462075f7ee06df650c3ea5969900f63f1246b0fb76cff4
aa9668a986f6ac03e7cd406457803eaa97fba3c44d9721578f457454d8f4505d
ab8b6924619317a40378b8e6300d982eed7212151048bc43bd2f3706ca428621
ae667f9c3a748739ea15139d817849bca484b29d00bdbdb3c5c6c318a87951b2
b13d57d407073f40099a1262fb0cde00ea2743758bd99ad550d85f06b1038e07
b27dac1362a907e10e84987c6e2ba5f5fbb716f095bd646f85de1d1927750b3c
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b3609bec7e3cd2bbb02ca11cfa728ba14c5612daf63155709419b29fe561a629
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b910e0e5a876c0f9825c6716a7c58a89d7ad45bc4a6b05a9bdceacf91e2dce62
b9132ab54c6e1bc9d6c1fd6b66b93c77894cda13b87cc8fdb3fabb1d4222ee0e
ba6ad3d5f2e4f812f189159634422ef4595e1efecc67ac79f5bd484fba3e3a46
ba9d86bcf9efa737f000eb3e2fa4770769dfbc9654c65bc57f7f9e0af1c576d0
c24bbcb3112da75415103f764163f3d510440abe4f3916e601ae6c1fa894eb4f
c2899b0932bdf27ca8d24ffefabe2892045f7dd8bcb3d45ba2c81f683578f308
c6002842e5f7cd5d7898ccd55452049240e2014e283191fb63770bfe3ec49973
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca706f7070b55f04ad7e61bcd28ddf780ca341464cd42a329400101f0b01e423
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1
cee490fdb12f5a7b47e3c3cb6c07082dbb80d36bac565762799456fde264424d
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d7442d19163e678e160c7bde9d23d0c1fa1a23e3b374f81b199940516e36bfa2
d80f2ce34e7dd96170db904343a279d46172e2eddc2a4884213ecd33e5daedea
d83c8c684c71b22436e90b2de30f4346a6691d1a40e93a19285864ee5725108a
d9f7eb7abd8c938bdd86975d382911f93580a1a4622b2b816fb920f93e9a66ee
da2b4f5e267926226cf9b7b35aa7c01bd089d257b703b5d54a74d94e10483c05
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
dfa6ebdd1bea800606406332dfae9b378fdf886a52a8c4caa877712bd5c4f40e
e25b1807f6285a992305a2a993e7894c56c8864b20d7627f8956c454a8a84824
e27100bec2e2c92a30bbb640f069a6d7b0206fc6b63ce2e541acae1ac1cc215b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ad1ed9aa315cd986650033dfe816eab16e05758464729b1cba116a820c52a6
e9d04b52142cb63af955d167a62bc412e280b01a17648994aa4b838e0c979c52
ec7c7704dff96cefde09d463320858879f5d02567828c3e3c1480527cd23f012
ed4a6bfc2ee3e531be78b7330cbdbf23b564fa5144975bca472d60c3b03212b3
f0890052c64e6ebeb30ce1522f4b4255ec1e28acd020f57ed371134d4cf06801
f4d6fa15792bf2316634e30547b58982f70779af811f4f4612d78d4af4525a3d
f60dae7119e9a426e1d780c4975d6bcc5a86ee60638a8bd0588324ed29905438
f800e06dd0a06d26695ce311bdd13904916ae3e280481842cb5ffec4ddccc9a5
f83aba329a813f09369e5835393cf80f17235983b5933dcd51b8a8f3d95aac73
f8b0e502861ff027dfd6e55813e7177da05e8f20eadbfcd7bf7401d5e4d58399
f97b9b76fe7e193698abc5ca9c47dffdb6f8bb920fe7c2edc090135706930d7e
fadf13b347ecb07287970409fcacd0a9fb8001f04c2f9c817f6dff3c04d98487

friends.in.ua Open in urlscan Pro 91.240.20.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

384 Requests

99 %HTTPS

52 %IPv6

33 Domains

44 Subdomains

42 IPs

6 Countries

7301 kBTransfer

15232 kBSize

32 Cookies

0 Outgoing links

Page URL History

Redirected requests

384 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

friends.in.ua Open in urlscan Pro
91.240.20.7 Public Scan

Screenshot
Live screenshot

Full Image

384
Requests

99 %
HTTPS

52 %
IPv6

33
Domains

44
Subdomains

42
IPs

6
Countries

7301 kB
Transfer

15232 kB
Size

32
Cookies

384 HTTP transactions
1 data transactions