urlscan.io logo urlscan.io
SecurityTrails logo

www.profiwins.com.ua Open in urlscan Pro
185.233.37.160  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://profiwins.com.ua/
Effective URL: https://www.profiwins.com.ua/
Submission: On February 23 via manual from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 9 countries across 33 domains to perform 192 HTTP transactions. The main IP is 185.233.37.160, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is www.profiwins.com.ua.
TLS certificate: Issued by R3 on February 5th 2022. Valid for: 3 months.
This is the only time www.profiwins.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 21 185.233.37.160 200000 (UKRAINE-AS)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 62.149.0.220 15497 (COLOCALL ...)
3 7 2a02:6b8::1:119 208722 (YNDX)
3 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
3 6 2a00:1450:400... 15169 (GOOGLE)
21 136.243.84.74 24940 (HETZNER-AS)
10 95.217.59.106 24940 (HETZNER-AS)
17 51.68.138.57 16276 (OVH)
1 89.184.81.35 28907 (MIROHOST ...)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 77.123.132.26 35680 (VOLIA)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 31.220.27.134 39572 (ADVANCEDH...)
1 34.120.139.69 15169 (GOOGLE)
1 2 91.207.59.213 48061 (UMA-TECH-AS)
1 37.18.16.21 205675 (HYBRID-AS)
1 217.65.2.150 3175 (CITYTELEC...)
4 4 46.4.121.26 24940 (HETZNER-AS)
2 2 116.202.49.54 24940 (HETZNER-AS)
2 2 195.201.243.71 24940 (HETZNER-AS)
4 4 96.46.183.20 7979 (SERVERS-COM)
2 2 144.76.118.233 24940 (HETZNER-AS)
4 77.123.132.42 35680 (VOLIA)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638:1::11 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.99 15169 (GOOGLE)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2600:9000:218... 16509 (AMAZON-02)
1 178.250.2.148 44788 (ASN-CRITE...)
6 178.250.0.139 44788 (ASN-CRITE...)
2 178.250.2.150 44788 (ASN-CRITE...)
192 40
21    185.233.37.160 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
PTR: vps-37972.vps-default-host.net
profiwins.com.ua
www.profiwins.com.ua
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com.ua
5    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    62.149.0.220 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: weather.in.ua
informer.weather.in.ua
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
3    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
18    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
6    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
21    136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de
go.rcvlink.com
recreativ.ru
st11.rcvlink.com
10    95.217.59.106 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: web3.mezhbank.kiev.ua
old.kurs.com.ua
17    51.68.138.57 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: vps-79ef5675.vps.ovh.net
a4p.adpartner.pro
1    89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua
c.hit.ua
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
24    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    77.123.132.26 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 26.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    34.120.139.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.139.120.34.bc.googleusercontent.com
dsp-trk.eskimi.com
2    91.207.59.213 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp8.sender.ltmse.com
px.adhigh.net
1    37.18.16.21 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
1    217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)
match.new-programmatic.com
4    46.4.121.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info
www.acint.net
2    116.202.49.54 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1397153.sapientru.net
ssp-rtb.sape.ru
2    195.201.243.71 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info
acint.net
4    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    144.76.118.233 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.233.118.76.144.clients.your-server.de
exchange.buzzoola.com
4    77.123.132.42 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 42.132.123.77.colo.static.dcvolia.com
img.adpartner.pro
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
p4-hev4mh7nbjrta-uvbeusw34niurhq3-if-v6exp3-v4.metric.gstatic.com
7    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:2182:e400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
6    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
Apex Domain
Subdomains		 Transfer
37 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
557 KB
22 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 53119
file.adpartner.pro — Cisco Umbrella Rank: 210433
img.adpartner.pro — Cisco Umbrella Rank: 272881
108 KB
21 profiwins.com.ua
profiwins.com.ua
www.profiwins.com.ua
132 KB
19 rcvlink.com
go.rcvlink.com — Cisco Umbrella Rank: 56289
st11.rcvlink.com — Cisco Umbrella Rank: 93991
140 KB
18 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
146 KB
15 criteo.net
static.criteo.net — Cisco Umbrella Rank: 638
pix.eu.criteo.net — Cisco Umbrella Rank: 7678
csm.eu.criteo.net — Cisco Umbrella Rank: 7893
32 KB
10 kurs.com.ua
old.kurs.com.ua — Cisco Umbrella Rank: 708601
10 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
p4-hev4mh7nbjrta-uvbeusw34niurhq3-if-v6exp3-v4.metric.gstatic.com
94 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 59
3 KB
6 acint.net
www.acint.net — Cisco Umbrella Rank: 33065
acint.net — Cisco Umbrella Rank: 26302
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
190 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 28275
2 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1448
3 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
ssl.google-analytics.com — Cisco Umbrella Rank: 236
57 KB
3 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12444
ads.eu.criteo.com — Cisco Umbrella Rank: 7942
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9904
52 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 9027
www.google.de — Cisco Umbrella Rank: 6342
1 KB
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 22253
380 B
2 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 33846
1 KB
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 11262
728 B
2 recreativ.ru
recreativ.ru — Cisco Umbrella Rank: 59652
346 B
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2932
69 KB
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1447
461 B
1 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 39570
215 B
1 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 6079
238 B
1 eskimi.com
dsp-trk.eskimi.com — Cisco Umbrella Rank: 46507
256 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3359
242 B
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 6501
351 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 741
646 B
1 hit.ua
c.hit.ua — Cisco Umbrella Rank: 211141
544 B
1 weather.in.ua
informer.weather.in.ua
11 KB
1 google.com.ua
www.google.com.ua — Cisco Umbrella Rank: 15661
325 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
37 KB
192 33
Domain Requested by
24 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
19 www.profiwins.com.ua www.profiwins.com.ua
17 a4p.adpartner.pro www.profiwins.com.ua
a4p.adpartner.pro
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.profiwins.com.ua
13 pagead2.googlesyndication.com www.profiwins.com.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
11 go.rcvlink.com www.profiwins.com.ua
go.rcvlink.com
10 old.kurs.com.ua www.profiwins.com.ua
old.kurs.com.ua
8 st11.rcvlink.com www.profiwins.com.ua
7 static.criteo.net ads.eu.criteo.com
6 pix.eu.criteo.net ads.eu.criteo.com
6 www.google.com 3 redirects www.profiwins.com.ua
tpc.googlesyndication.com
5 www.googletagservices.com googleads.g.doubleclick.net
5 mc.yandex.com 2 redirects www.profiwins.com.ua
5 www.gstatic.com www.profiwins.com.ua
googleads.g.doubleclick.net
4 img.adpartner.pro www.profiwins.com.ua
4 ads.betweendigital.com 4 redirects
4 www.acint.net 4 redirects
4 fonts.googleapis.com googleads.g.doubleclick.net
www.profiwins.com.ua
3 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
a4p.adpartner.pro
2 csm.eu.criteo.net ads.eu.criteo.com
2 p4-hev4mh7nbjrta-uvbeusw34niurhq3-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-hev4mh7nbjrta-uvbeusw34niurhq3-if-v6exp3-v4.metric.gstatic.com
2 exchange.buzzoola.com 2 redirects
2 acint.net 2 redirects
2 ssp-rtb.sape.ru 2 redirects
2 px.adhigh.net 1 redirects www.profiwins.com.ua
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 recreativ.ru go.rcvlink.com
www.profiwins.com.ua
2 mc.yandex.ru 1 redirects www.profiwins.com.ua
2 profiwins.com.ua 2 redirects
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 secure-gl.imrworldwide.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.nl.eu.criteo.com www.profiwins.com.ua
1 match.new-programmatic.com www.profiwins.com.ua
1 dm.hybrid.ai www.profiwins.com.ua
1 dsp-trk.eskimi.com www.profiwins.com.ua
1 s.uuidksinc.net www.profiwins.com.ua
1 t.trafmag.com www.profiwins.com.ua
1 file.adpartner.pro www.profiwins.com.ua
1 www.google.de www.profiwins.com.ua
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ssl.google-analytics.com www.profiwins.com.ua
1 c.hit.ua www.profiwins.com.ua
1 informer.weather.in.ua www.profiwins.com.ua
1 www.google.com.ua 1 redirects
1 www.googletagmanager.com www.profiwins.com.ua
192 49

This site contains links to these domains. Also see Links.

Domain
weather.in.ua
a4p.adpartner.pro
adp.digital
hit.ua
Subject Issuer Validity Valid
profiwins.com.ua
R3		 2022-02-05 -
2022-05-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
weather.in.ua
R3		 2022-02-12 -
2022-05-13		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.rcvlink.com
Thawte RSA CA 2018		 2021-10-01 -
2022-10-01		 a year crt.sh
old.kurs.com.ua
R3		 2021-12-24 -
2022-03-24		 3 months crt.sh
adpartner.pro
R3		 2022-01-10 -
2022-04-10		 3 months crt.sh
*.hit.ua
R3		 2022-01-20 -
2022-04-20		 3 months crt.sh
*.recreativ.ru
Thawte RSA CA 2018		 2021-08-23 -
2022-09-06		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
uuidksinc.net
R3		 2022-01-14 -
2022-04-14		 3 months crt.sh
*.eskimi.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-04-12 -
2022-05-13		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
new-programmatic.com
R3		 2022-01-21 -
2022-04-21		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-06		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-10		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh

This page contains 32 frames:

Primary Page: https://www.profiwins.com.ua/
Frame ID: 8DC2A2A3FF78670DC633DB829CB9B83E
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20190131/zrt_lookup.html
Frame ID: 840A9F08E9129485F619D89BEB1B5EA9
Requests: 1 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/main.js
Frame ID: D79C6962161595720E37DCE0A698750A
Requests: 4 HTTP requests in this frame

Frame: https://old.kurs.com.ua/informer/mini2/nbu/usd/uah/eur/uah/rub/uah?color=blue
Frame ID: 9841A8E3DBA2D684B23EEC78A72EF1C9
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
Frame ID: 3D6ED49A949FA9FD2100215941EED617
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133
Frame ID: BF2EF1B820FB1699F8110B4B21FAAF26
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
Frame ID: 646CFC811F3795EBF27AB41D8A3B81F8
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06&session_pageview=1&session_id=4f048c4b-a8ec-4631-8525-124bd40744a5&site_visited=1&location=https%3A%2F%2Fwww.profiwins.com.ua%2F&referer=
Frame ID: 592340615CFC6E8ED3CDEB855ED68FA1
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=5348&unit_id=5348&shown=&session_pageview=1&session_id=4f048c4b-a8ec-4631-8525-124bd40744a5&site_visited=1&apuid=9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06&width=258&screen_width=1600&reload_count=0&banner_num=1645647065425737730&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.profiwins.com.ua%2F
Frame ID: 070D7C7C1066094E7E0D7A27FACC23DA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&adk=3516679816&adf=3032109062&lmt=1645647064&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065503&bpp=1&bdt=486&idt=1&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600%2C258x600&nras=1&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=11
Frame ID: 2BE968B9DF4412C9E66F44F729533764
Requests: 1 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/iframe.htm
Frame ID: DA8E58A435722179B69E113EEF6E7C8C
Requests: 7 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/iframe.htm
Frame ID: FBFB04D681349F9FA5280AB4EC681F64
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0987D814D7801134A77291932C59253D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3B381A036578E51B07B4CC59DB9623EE
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297866%2C%22cost%22%3A0.0000319305%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%221ba0152a-420d-4383-a662-30ffd71aa39f%22%7D%2C%7B%22ad_id%22%3A2337640%2C%22cost%22%3A0.0000204389%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225faae508-38e4-483c-b127-1d92d2239503%22%7D%2C%7B%22ad_id%22%3A2357740%2C%22cost%22%3A0.0000188954%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2239bdc4b9-588d-45e4-8c89-7d191c858c65%22%7D%2C%7B%22ad_id%22%3A2357767%2C%22cost%22%3A0.0000119241%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ab90383f-c8ea-4c6c-ba34-d5dadf64c3ab%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Frame ID: 090E5A6A208CAB115A1C16AC3FDFBCD6
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297866%2C%22cost%22%3A0.0000319305%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%221ba0152a-420d-4383-a662-30ffd71aa39f%22%7D%2C%7B%22ad_id%22%3A2337640%2C%22cost%22%3A0.0000204389%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225faae508-38e4-483c-b127-1d92d2239503%22%7D%2C%7B%22ad_id%22%3A2357740%2C%22cost%22%3A0.0000188954%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2239bdc4b9-588d-45e4-8c89-7d191c858c65%22%7D%2C%7B%22ad_id%22%3A2357767%2C%22cost%22%3A0.0000119241%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ab90383f-c8ea-4c6c-ba34-d5dadf64c3ab%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Frame ID: 80FFBC002A03AD288A5AE5F71E133D56
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EE6BAFD3DE0592D846A6753DC8D92B22
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Frame ID: AE09BE8488DCD1407F904B747E675960
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D4161A33FFCA51B8BD8BC7A7C2040551
Requests: 2 HTTP requests in this frame

Frame: https://p4-hev4mh7nbjrta-uvbeusw34niurhq3-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: E7785A7F58C7609BF2461B8F4E366A80
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E64C5454F3A2661EB77F3A7467CB09CF
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 74A5918B0234BEACD49A30885992B3CD
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
Frame ID: 48FEB92C1B034DEE565C880617C1CF07
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
Frame ID: 8B791350245FB6064C2505B62653E34A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
Frame ID: 334734994793F456DBDB4143949A65B2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E89EE4342BB642DC12819D92019071F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5B464F19E51617625830B4E0407ADA89
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297866%2C%22cost%22%3A0.0000319305%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%221ba0152a-420d-4383-a662-30ffd71aa39f%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Frame ID: CC5AC8BDF49BC62322AA760A0F4B764A
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2337640%2C%22cost%22%3A0.0000204389%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225faae508-38e4-483c-b127-1d92d2239503%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Frame ID: 3C1EFE018BBF5D5E55C2C718640C3B52
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2357740%2C%22cost%22%3A0.0000188954%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2239bdc4b9-588d-45e4-8c89-7d191c858c65%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Frame ID: 3885EE9E2BC3F6308CA9B3F8672C56C6
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2357767%2C%22cost%22%3A0.0000119241%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ab90383f-c8ea-4c6c-ba34-d5dadf64c3ab%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Frame ID: 4A9ED597C7EDF257AA2B4AA0095FA968
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297866%2C%22cost%22%3A0.0000319305%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%221ba0152a-420d-4383-a662-30ffd71aa39f%22%7D%2C%7B%22ad_id%22%3A2337640%2C%22cost%22%3A0.0000204389%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225faae508-38e4-483c-b127-1d92d2239503%22%7D%2C%7B%22ad_id%22%3A2357740%2C%22cost%22%3A0.0000188954%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2239bdc4b9-588d-45e4-8c89-7d191c858c65%22%7D%2C%7B%22ad_id%22%3A2357767%2C%22cost%22%3A0.0000119241%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ab90383f-c8ea-4c6c-ba34-d5dadf64c3ab%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Frame ID: A2521345A87E48490B21607A8321EAA5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Сайт для предпринимателей и бухгалтеров-Профи Винс

Page URL History Show full URLs

  1. http://profiwins.com.ua/ HTTP 301
    https://profiwins.com.ua/ HTTP 301
    https://www.profiwins.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

192
Requests

94 %
HTTPS

47 %
IPv6

33
Domains

49
Subdomains

40
IPs

9
Countries

1646 kB
Transfer

3725 kB
Size

45
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://profiwins.com.ua/ HTTP 301
    https://profiwins.com.ua/ HTTP 301
    https://www.profiwins.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www.google.com.ua/coop/cse/brand?form=cse-search-box&lang=ru HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 23
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9558.VjJLdGeOcezpLGh2cchk4Th_dl6RnvbJEI13G1GnXaVZgAXgPyipskSjzvr3RoOI.AYK97Jw9XuyVdvE_KiAsrfbpbbE%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9558.DoQQgg5rzr9siuI4uE3Ix_Tv8iHcygRmfvnyYllPF8HEFPGmtxREomaIq1UY0fWc2t-Xyjm_e223sqzNCHCWwA%2C%2C.QxlcTLgsTQ0J0UZN6M0Na5o6TOc%2C
Request Chain 32
  • https://mc.yandex.com/watch/86305497?wmode=7&page-url=https%3A%2F%2Fwww.profiwins.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A447%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A105490490728%3Ahid%3A904615789%3Az%3A0%3Ai%3A20220223201105%3Aet%3A1645647065%3Ac%3A1%3Arn%3A785132990%3Arqn%3A1%3Au%3A1645647065850466643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1645647064752%3Ads%3A0%2C0%2C76%2C1%2C186%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1645647065%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BF%D1%80%D0%B8%D0%BD%D0%B8%D0%BC%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B8%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2-%D0%9F%D1%80%D0%BE%D1%84%D0%B8%20%D0%92%D0%B8%D0%BD%D1%81&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/86305497/1?wmode=7&page-url=https%3A%2F%2Fwww.profiwins.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A447%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A105490490728%3Ahid%3A904615789%3Az%3A0%3Ai%3A20220223201105%3Aet%3A1645647065%3Ac%3A1%3Arn%3A785132990%3Arqn%3A1%3Au%3A1645647065850466643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1645647064752%3Ads%3A0%2C0%2C76%2C1%2C186%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1645647065%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BF%D1%80%D0%B8%D0%BD%D0%B8%D0%BC%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B8%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2-%D0%9F%D1%80%D0%BE%D1%84%D0%B8%20%D0%92%D0%B8%D0%BD%D1%81&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 111
  • https://px.adhigh.net/p/cm/adpdigital HTTP 302
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
Request Chain 114
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007FDA9416623100023402E46B7A&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FDA94166259091E5E02550748
Request Chain 115
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007FDA9416622F00F2340214D86B&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FDA94166259091E5E02550748
Request Chain 116
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=d7692321-bc03-5336-ad1e-70d0cf08e40a
Request Chain 117
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=d7692321-bc03-5336-ad1e-70d0cf08e40a
Request Chain 118
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9ba302ec-472d-4b09-492a-50d4b922bb7a
Request Chain 119
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=2b755716-2b95-47f9-51a3-750d78d54f8d
Request Chain 153
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 161
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 173
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

192 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.profiwins.com.ua/
Redirect Chain
  • http://profiwins.com.ua/
  • https://profiwins.com.ua/
  • https://www.profiwins.com.ua/
63 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
b17794f7e2d84ecc6d0921d848a03b790270367edd6fdfefe349b7ed09bff87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:04 GMT
content-type
text/html; charset=UTF-8
content-length
14491
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
x-ua-compatible
IE=7
etag
702e5a9801d2f7a5456e3e1cf4c5c93f
expires
Mon, 1 Jan 2001 00:00:00 GMT
last-modified
Wed, 23 Feb 2022 20:11:04 GMT
cache-control
post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload

Redirect headers

server
nginx
date
Wed, 23 Feb 2022 20:11:04 GMT
content-type
text/html; charset=iso-8859-1
content-length
237
location
https://www.profiwins.com.ua/
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-12396079-1
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
45707af201f251ba031f89b6bb40773f815d172e5c8900000261ecbb67f33196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37327
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 19:47:47 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Feb 2022 20:11:05 GMT
jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
www.profiwins.com.ua/tmp/ 		70 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
5db288a1ccc37096a01cc7b1d8a81b50574bb6f1d05bb853576a777ab549b8d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
no-cache, max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Sat, 21 Feb 2032 20:11:05 GMT
mod_jflanguageselection.css
www.profiwins.com.ua/modules/mod_jflanguageselection/tmpl/ 		1 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.profiwins.com.ua/modules/mod_jflanguageselection/tmpl/mod_jflanguageselection.css
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
9e80ec93ffc593ad9342f90315d082d3ad96d79f9bbf34ea2cd58ba37961cb60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
last-modified
Sun, 14 Apr 2019 14:52:33 GMT
server
nginx
etag
W/"5cb34931-54d"
content-type
text/css
jsn_epic_pro_javascript_46193e38169423faa003aea2eb28240c.php
www.profiwins.com.ua/tmp/ 		151 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.profiwins.com.ua/tmp/jsn_epic_pro_javascript_46193e38169423faa003aea2eb28240c.php
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
230c0a0b99155abfa61700bd003207d30c53cb574cd6077a1a8c667b4b1d2c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Sat, 21 Feb 2032 20:11:05 GMT
logo.webp
www.profiwins.com.ua/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/images/logo.webp
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
f9ac49aa969036442a66c7c435fe4b532dc221fa3c67a9cf011f9e6657210760
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Sun, 07 Apr 2019 13:31:08 GMT
server
nginx
etag
"7f6-585f0bb811f00"
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=5184000
accept-ranges
bytes
content-length
2038
expires
Sun, 24 Apr 2022 20:11:05 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2ff98349906c4dc77e21c35f9299c2a392e37ceb96ac0214a53bc12752289de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53814
x-xss-protection
0
server
cafe
etag
15818698615027665284
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 23 Feb 2022 20:11:05 GMT
uk.gif
www.profiwins.com.ua/components/com_joomfish/images/flags/ 		52 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/components/com_joomfish/images/flags/uk.gif
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
5babae44ccd4e4c30c25ddb3edfd489385f0ab4359bb817289f9e02cee741e60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Sun, 17 Sep 2017 11:39:28 GMT
server
nginx
accept-ranges
bytes
etag
"59be5ef0-34"
content-length
52
content-type
image/gif
ru.gif
www.profiwins.com.ua/components/com_joomfish/images/flags/ 		497 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/components/com_joomfish/images/flags/ru.gif
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
277e87f95679af1d6b02f1b782ccc7bc71103f807f1f22efd0b4af14539f4823

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 25 Mar 2019 14:45:44 GMT
server
nginx
accept-ranges
bytes
etag
"5c98e998-1f1"
content-length
497
content-type
image/gif
profi.webp
www.profiwins.com.ua/images/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/images/profi.webp
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
e98885f75480fc7d67e5dca66f81a6fef919fbb11c7881e9039e9e873d8e4400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 01 Apr 2019 13:06:54 GMT
server
nginx
etag
"9b3c-58577b1ca9780"
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=5184000
accept-ranges
bytes
content-length
39740
expires
Sun, 24 Apr 2022 20:11:05 GMT
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com.ua/coop/cse/brand?form=cse-search-box&lang=ru
  • https://www.gstatic.com/prose/brandjs.js
14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:58:24 GMT
x-content-type-options
nosniff
age
18761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13880
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 24 Feb 2022 14:58:24 GMT

Redirect headers

date
Wed, 23 Feb 2022 19:57:12 GMT
x-content-type-options
nosniff
server
sffe
age
833
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Wed, 23 Feb 2022 20:27:12 GMT
10414a.png
informer.weather.in.ua/ru/12/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://informer.weather.in.ua/ru/12/10414a.png
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.149.0.220 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
weather.in.ua
Software
Apache/2.4.37 (FreeBSD) mod_fcgid/2.3.9 OpenSSL/1.0.2q /
Resource Hash
8bda476dffd72bc6dfee0b1034fe8603ed761f43ec51328fab51a1323e415e0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 20:11:05 GMT
Last-Modified
Wed, 23 Feb 2022 20:11:05 GMT
Server
Apache/2.4.37 (FreeBSD) mod_fcgid/2.3.9 OpenSSL/1.0.2q
ETag
"6f7197-28c4-5d8b21f921940"
Content-Type
image/png
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10436
Expires
Wed, 23 Feb 2022 21:11:05 GMT
tag.js
mc.yandex.ru/metrika/ 		199 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
br
last-modified
Fri, 18 Feb 2022 11:36:57 GMT
etag
"620f5aa9-10fdc"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69596
expires
Wed, 23 Feb 2022 21:11:05 GMT
bg-master.jpg
www.profiwins.com.ua/templates/jsn_epic_pro/images/colors/blue/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/templates/jsn_epic_pro/images/colors/blue/bg-master.jpg
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
af0683b2d46cf9c455a8303ed7c20e777969e49150312bdb6b9a66b2ae8fe9fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Sat, 20 Apr 2019 17:58:49 GMT
server
nginx
accept-ranges
bytes
etag
"5cbb5dd9-d61"
content-length
3425
content-type
image/jpeg
bg-promo.jpg
www.profiwins.com.ua/templates/jsn_epic_pro/images/backgrounds/ 		446 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/templates/jsn_epic_pro/images/backgrounds/bg-promo.jpg
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
d8085a6ade30a8c9d30eca4703d41216c55590ab44a0c1c2b8c65e379aca6bf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Sat, 20 Jan 2018 11:50:56 GMT
server
nginx
accept-ranges
bytes
etag
"5a632d20-1be"
content-length
446
content-type
image/jpeg
icons-uni.png
www.profiwins.com.ua/templates/jsn_epic_pro/images/icons/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/templates/jsn_epic_pro/images/icons/icons-uni.png
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
698f880e0fc0f807680fd4fb53b443727f1f240c405517547c597f65b4676437

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Tue, 24 Oct 2017 11:00:40 GMT
server
nginx
accept-ranges
bytes
etag
"59ef1d58-292a"
content-length
10538
content-type
image/png
bg-mainmenu.png
www.profiwins.com.ua/templates/jsn_epic_pro/images/colors/blue/ 		77 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/templates/jsn_epic_pro/images/colors/blue/bg-mainmenu.png
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
ebb9ce92e156d2721526ee192c0b770c899f12563ec4f368bdfe67786fcec915

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Tue, 24 Oct 2017 11:00:40 GMT
server
nginx
accept-ranges
bytes
etag
"59ef1d58-4d"
content-length
77
content-type
image/png
icons-sitetools-text.png
www.profiwins.com.ua/templates/jsn_epic_pro/images/icons/ 		600 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/templates/jsn_epic_pro/images/icons/icons-sitetools-text.png
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
2eae4188de52da8f5ef0212a55bdd7fa8e64bccc019fc9701ae7f1644a9e1369

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 01 Apr 2019 14:13:25 GMT
server
nginx
accept-ranges
bytes
etag
"5ca21c85-258"
content-length
600
content-type
image/png
icons-sitetools-width.png
www.profiwins.com.ua/templates/jsn_epic_pro/images/icons/ 		207 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/templates/jsn_epic_pro/images/icons/icons-sitetools-width.png
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
e09604afd8d9512c4b13cc6580913eaa5c94f55800dcaa0cff36058eebf3d62d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Tue, 24 Oct 2017 11:00:40 GMT
server
nginx
accept-ranges
bytes
etag
"59ef1d58-cf"
content-length
207
content-type
image/png
icons-sitetools-color.png
www.profiwins.com.ua/templates/jsn_epic_pro/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/templates/jsn_epic_pro/images/icons/icons-sitetools-color.png
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
1e3fe6e5edda3ffe8d47a54c1c6c8e6468d4ec7549ebb03d11924b0fd64b4532

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Tue, 24 Oct 2017 11:00:40 GMT
server
nginx
accept-ranges
bytes
etag
"59ef1d58-48a"
content-length
1162
content-type
image/png
bg-leftside.png
www.profiwins.com.ua/templates/jsn_epic_pro/images/backgrounds/ 		72 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/templates/jsn_epic_pro/images/backgrounds/bg-leftside.png
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
566222f3d947bc665c944ccb2052838d1f67eecd6dfc0086f7af32a5ba3c4e2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 01 Apr 2019 14:15:52 GMT
server
nginx
accept-ranges
bytes
etag
"5ca21d18-48"
content-length
72
content-type
image/png
bg-rightside.png
www.profiwins.com.ua/templates/jsn_epic_pro/images/backgrounds/ 		72 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/templates/jsn_epic_pro/images/backgrounds/bg-rightside.png
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
a2c7d56aab1e0e4e8fb43f633dc1a78b6d59b39746bb4b874931e2f0351650b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 01 Apr 2019 14:16:30 GMT
server
nginx
accept-ranges
bytes
etag
"5ca21d3e-48"
content-length
72
content-type
image/png
icons-base.png
www.profiwins.com.ua/templates/jsn_epic_pro/images/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/templates/jsn_epic_pro/images/icons/icons-base.png
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
76f12cfde84587f0d96b7ff3598f70a5f79eb15ed85ee502eb23b113060ebce5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Sat, 20 Apr 2019 19:18:12 GMT
server
nginx
accept-ranges
bytes
etag
"5cbb7074-d7f"
content-length
3455
content-type
image/png
icons-arrow.png
www.profiwins.com.ua/templates/jsn_epic_pro/images/icons/ 		195 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.profiwins.com.ua/templates/jsn_epic_pro/images/icons/icons-arrow.png
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.233.37.160 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-37972.vps-default-host.net
Software
nginx /
Resource Hash
231ae8b0f4c1cba4a93d3e240e95537ece2064c9d1299cdb1ede13a0a0c148e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/tmp/jsn_epic_pro_css_f3cd65abaf643c2f24618f5fd5842199.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 01 Apr 2019 14:15:10 GMT
server
nginx
accept-ranges
bytes
etag
"5ca21cee-c3"
content-length
195
content-type
image/png
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9558.VjJLdGeOcezpLGh2cchk4Th_dl6RnvbJEI13G1GnXaVZgAXgPyipskSjzvr3RoOI.AYK97Jw9XuyVdvE_KiAsrfbpbbE%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9558.DoQQgg5rzr9siuI4uE3Ix_Tv8iHcygRmfvnyYllPF8HEFPGmtxREomaIq1UY0fWc2t-Xyjm_e223sqzNCHCWwA%2C%2C.QxlcTLgsTQ0J0UZN6M0Na5o6TOc%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9558.DoQQgg5rzr9siuI4uE3Ix_Tv8iHcygRmfvnyYllPF8HEFPGmtxREomaIq1UY0fWc2t-Xyjm_e223sqzNCHCWwA%2C%2C.QxlcTLgsTQ0J0UZN6M0Na5o6TOc%2C
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9558.DoQQgg5rzr9siuI4uE3Ix_Tv8iHcygRmfvnyYllPF8HEFPGmtxREomaIq1UY0fWc2t-Xyjm_e223sqzNCHCWwA%2C%2C.QxlcTLgsTQ0J0UZN6M0Na5o6TOc%2C
date
Wed, 23 Feb 2022 20:11:05 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-12396079-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2172
date
Wed, 23 Feb 2022 19:34:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 23 Feb 2022 21:34:53 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 		290 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39dfbe5cd674c37ea792b5d7290024ca11389f7d0d1eff30882530c5770be70a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106770
x-xss-protection
0
server
cafe
etag
10234227230646123618
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 23 Feb 2022 20:11:05 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220217/r20190131/ Frame 840A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220217/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Tue, 22 Feb 2022 23:39:52 GMT
expires
Tue, 08 Mar 2022 23:39:52 GMT
cache-control
public, max-age=1209600
age
73873
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
branding.png
www.google.com/cse/static/images/1x/ru/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/ru/branding.png
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 06:32:13 GMT
x-content-type-options
nosniff
age
481132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1377
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 18 Feb 2023 06:32:13 GMT
main.js
go.rcvlink.com/static/ Frame D79C 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/static/main.js
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
f2254ae098fc7b264add5ce32d49db8ab7579a75f8c91d8044e2219d1676be93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 22:06:27 GMT
server
nginx
etag
W/"61981fe3-1903"
content-type
application/javascript
cache-control
max-age=86400
expires
Thu, 24 Feb 2022 20:11:05 GMT
uah
old.kurs.com.ua/informer/mini2/nbu/usd/uah/eur/uah/rub/ Frame 9841 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://old.kurs.com.ua/informer/mini2/nbu/usd/uah/eur/uah/rub/uah?color=blue
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.217.59.106 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
web3.mezhbank.kiev.ua
Software
nginx /
Resource Hash
1e4a906d7e53b222018567c3b4ecc7b85c99fe9fdfe38542a8b1687717a28fac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:05 GMT
content-type
text/html; charset=UTF-8
content-encoding
gzip
vary
Accept-Encoding
jsunit
a4p.adpartner.pro/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=5348&ref=&0.9794643539435943
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
5790e178ba85fa2d90988268b53a3539196fdbe623c72375c41399b64f351462

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
hit
c.hit.ua/ 		279 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.hit.ua/hit?i=36936&g=0&x=4&s=1&c=1&t=0&w=1600&h=1200&d=24&0.013938890348685007&r=&u=https%3A//www.profiwins.com.ua/
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
c.hit.ua
Software
nginx/1.17.9 /
Resource Hash
df77a933ca5c8ae1c271d5c2d544ebaf9c949d29f3982db6b3273f0899069bec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
server
nginx/1.17.9
p3p
policyref="/w3c/p3p.xml", CP="UNI"
expires
0
1
mc.yandex.com/watch/86305497/
Redirect Chain
  • https://mc.yandex.com/watch/86305497?wmode=7&page-url=https%3A%2F%2Fwww.profiwins.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A447%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.com/watch/86305497/1?wmode=7&page-url=https%3A%2F%2Fwww.profiwins.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A447%3Afu%3A0%3Aen%3Autf...
331 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/86305497/1?wmode=7&page-url=https%3A%2F%2Fwww.profiwins.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A447%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A105490490728%3Ahid%3A904615789%3Az%3A0%3Ai%3A20220223201105%3Aet%3A1645647065%3Ac%3A1%3Arn%3A785132990%3Arqn%3A1%3Au%3A1645647065850466643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1645647064752%3Ads%3A0%2C0%2C76%2C1%2C186%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1645647065%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BF%D1%80%D0%B8%D0%BD%D0%B8%D0%BC%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B8%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2-%D0%9F%D1%80%D0%BE%D1%84%D0%B8%20%D0%92%D0%B8%D0%BD%D1%81&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
d48d73407fbd6b22e2a22365aa1e58f6ec65c0ff17b9fb228c005b8a3bc03cb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 23-Feb-2022 20:11:05 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.profiwins.com.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Wed, 23-Feb-2022 20:11:05 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Wed, 23-Feb-2022 20:11:05 GMT
location
/watch/86305497/1?wmode=7&page-url=https%3A%2F%2Fwww.profiwins.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A447%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A105490490728%3Ahid%3A904615789%3Az%3A0%3Ai%3A20220223201105%3Aet%3A1645647065%3Ac%3A1%3Arn%3A785132990%3Arqn%3A1%3Au%3A1645647065850466643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1645647064752%3Ads%3A0%2C0%2C76%2C1%2C186%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1645647065%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BF%D1%80%D0%B8%D0%BD%D0%B8%D0%BC%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B8%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2-%D0%9F%D1%80%D0%BE%D1%84%D0%B8%20%D0%92%D0%B8%D0%BD%D1%81&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.profiwins.com.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 23-Feb-2022 20:11:05 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.profiwins.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3785
date
Wed, 23 Feb 2022 19:08:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 23 Feb 2022 21:08:00 GMT
1
recreativ.ru/cs/1/ Frame D79C 		34 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recreativ.ru/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
eeb2ecfb5307e9fe6846bc063342377f9d270afa95dcce178f3ecfaf7d2714b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b27
cache-control
private, max-age=315360000
expires
Sat, 21 Feb 2032 22:11:05 +0200
1
go.rcvlink.com/cs/1/ Frame D79C 		34 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
af1438f1ec8c196d59e38806b1d4de029488cc663c363b09789c8bf7a6ab9b9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b21
cache-control
private, max-age=315360000
expires
Sat, 21 Feb 2032 22:11:05 +0200
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1078848847&t=pageview&_s=1&dl=https%3A%2F%2Fwww.profiwins.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BF%D1%80%D0%B8%D0%BD%D0%B8%D0%BC%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B8%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2-%D0%9F%D1%80%D0%BE%D1%84%D0%B8%20%D0%92%D0%B8%D0%BD%D1%81&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1388262684&gjid=1186169473&cid=2001542824.1645647065&tid=UA-12396079-1&_gid=277418627.1645647065&_r=1&gtm=2ou2g0&z=974357064
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.profiwins.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.profiwins.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		220 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.profiwins.com.ua&callback=_gfp_s_&client=ca-pub-4655477630891812
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a31f4b39785a332932a800708d7ed022d83b9c305793ee3a2ed9804ccccba7ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.profiwins.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.profiwins.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3D6E 		76 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9915f53ab8194cf5bc033ca46214c6354b439a8500352f1215b572ab78bcb7c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 23 Feb 2022 20:11:05 GMT
server
cafe
content-length
22534
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 23 Feb 2022 20:11:05 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BF2E 		73 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0acb9e79744f523e8fe8c2c64cfacdc4276d740084ed36fc8088ed3b033de533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 23 Feb 2022 20:11:05 GMT
server
cafe
content-length
29425
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 23 Feb 2022 20:11:05 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 646C 		73 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
381154cfcfbe019a0cd5bd8e473aadaf497dd16e41b4a0a0ab684dd1c0c71cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 23 Feb 2022 20:11:05 GMT
server
cafe
content-length
29426
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 23 Feb 2022 20:11:05 GMT
cache-control
private
1
go.rcvlink.com/cs/1/ Frame D79C 		34 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
eeb2ecfb5307e9fe6846bc063342377f9d270afa95dcce178f3ecfaf7d2714b6

Request headers

Cache-Control
max-age=0
Referer
https://www.profiwins.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-cache
t5TY6tXduG762h0

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
https://www.profiwins.com.ua
hn
b15
cache-control
private, max-age=315360000
access-control-allow-credentials
true
expires
Sat, 21 Feb 2032 22:11:05 +0200
1
go.rcvlink.com/cs/1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,x-cache
Origin
https://www.profiwins.com.ua
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:05 GMT
hn
b21
access-control-allow-origin
*
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-headers
Cache-Control, x-cache
access-control-max-age
86400
tt
a4p.adpartner.pro/ Frame 5923 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06&session_pageview=1&session_id=4f048c4b-a8ec-4631-8525-124bd40744a5&site_visited=1&location=https%3A%2F%2Fwww.profiwins.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=5348&ref=&0.9794643539435943
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:05 GMT
cache-control
no-store no-transform
ls
a4p.adpartner.pro/jsunit/ Frame 070D 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=5348&unit_id=5348&shown=&session_pageview=1&session_id=4f048c4b-a8ec-4631-8525-124bd40744a5&site_visited=1&apuid=9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06&width=258&screen_width=1600&reload_count=0&banner_num=1645647065425737730&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.profiwins.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=5348&ref=&0.9794643539435943
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
2c4d792dd2af77b821e6c6bec6b9bb04114521c4d2e2ac30cf46f543b253bd31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:05 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
reset.css
old.kurs.com.ua/static/css/ Frame 9841 		951 B
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://old.kurs.com.ua/static/css/reset.css
Requested by
Host: old.kurs.com.ua
URL: https://old.kurs.com.ua/informer/mini2/nbu/usd/uah/eur/uah/rub/uah?color=blue
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.217.59.106 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
web3.mezhbank.kiev.ua
Software
nginx /
Resource Hash
3f9d6c6839e19acae9e99369997aec9d2e94fb11020fe5f4090c41b80ad9d53c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://old.kurs.com.ua/informer/mini2/nbu/usd/uah/eur/uah/rub/uah?color=blue
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
last-modified
Mon, 11 Jun 2018 17:36:00 GMT
server
nginx
etag
W/"5b1eb300-3b7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Wed, 02 Mar 2022 20:11:05 GMT
style.css
old.kurs.com.ua/static/css/informer/2/ Frame 9841 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://old.kurs.com.ua/static/css/informer/2/style.css
Requested by
Host: old.kurs.com.ua
URL: https://old.kurs.com.ua/informer/mini2/nbu/usd/uah/eur/uah/rub/uah?color=blue
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.217.59.106 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
web3.mezhbank.kiev.ua
Software
nginx /
Resource Hash
56aec9d85e0accc7291ac7571037934e566b05f223fffa5bd160e16bfd390639

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://old.kurs.com.ua/informer/mini2/nbu/usd/uah/eur/uah/rub/uah?color=blue
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
last-modified
Mon, 11 Jun 2018 17:35:59 GMT
server
nginx
etag
W/"5b1eb2ff-2d37"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Wed, 02 Mar 2022 20:11:05 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Fri, 18 Feb 2022 11:36:57 GMT
etag
"620f5aa9-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 23 Feb 2022 21:11:05 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2BE9 		199 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&adk=3516679816&adf=3032109062&lmt=1645647064&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065503&bpp=1&bdt=486&idt=1&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600%2C258x600&nras=1&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
871a77da18d79c4a261e293ab299e82a6bd2093eefe6c26b7848a591ab9c9b0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 23 Feb 2022 20:11:05 GMT
server
cafe
content-length
52800
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 23 Feb 2022 20:11:05 GMT
cache-control
private
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-12396079-1&cid=2001542824.1645647065&jid=1388262684&gjid=1186169473&_gid=277418627.1645647065&_u=YEBAAUAAAAAAAC~&z=1719968996
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.profiwins.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 23 Feb 2022 20:11:05 GMT
content-type
text/plain
access-control-allow-origin
https://www.profiwins.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
tr_b.png
old.kurs.com.ua/static/css/informer/2/images/ Frame 9841 		197 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://old.kurs.com.ua/static/css/informer/2/images/tr_b.png
Requested by
Host: old.kurs.com.ua
URL: https://old.kurs.com.ua/static/css/informer/2/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.217.59.106 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
web3.mezhbank.kiev.ua
Software
nginx /
Resource Hash
556fcb4c726032950762d15b3d120984e85cef58e1eb8f0f729578000f0d50ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://old.kurs.com.ua/static/css/informer/2/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 11 Jun 2018 17:35:59 GMT
server
nginx
etag
"5b1eb2ff-c5"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
197
expires
Wed, 02 Mar 2022 20:11:05 GMT
tl_b.png
old.kurs.com.ua/static/css/informer/2/images/ Frame 9841 		192 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://old.kurs.com.ua/static/css/informer/2/images/tl_b.png
Requested by
Host: old.kurs.com.ua
URL: https://old.kurs.com.ua/static/css/informer/2/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.217.59.106 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
web3.mezhbank.kiev.ua
Software
nginx /
Resource Hash
ebeab9818600d399c684ec87bb394d64ec54289519d28758ae30bbeef81f137f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://old.kurs.com.ua/static/css/informer/2/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 11 Jun 2018 17:35:59 GMT
server
nginx
etag
"5b1eb2ff-c0"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
192
expires
Wed, 02 Mar 2022 20:11:05 GMT
t_bg_b.png
old.kurs.com.ua/static/css/informer/2/images/ Frame 9841 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://old.kurs.com.ua/static/css/informer/2/images/t_bg_b.png
Requested by
Host: old.kurs.com.ua
URL: https://old.kurs.com.ua/static/css/informer/2/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.217.59.106 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
web3.mezhbank.kiev.ua
Software
nginx /
Resource Hash
1fc1af1d0188475b6d647fa760d7b0b4adf2722981c6fd425f345480ead4b5d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://old.kurs.com.ua/static/css/informer/2/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 11 Jun 2018 17:35:59 GMT
server
nginx
etag
"5b1eb2ff-432"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1074
expires
Wed, 02 Mar 2022 20:11:05 GMT
logo_blue_mini.png
old.kurs.com.ua/static/css/informer/2/images/ Frame 9841 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://old.kurs.com.ua/static/css/informer/2/images/logo_blue_mini.png
Requested by
Host: old.kurs.com.ua
URL: https://old.kurs.com.ua/static/css/informer/2/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.217.59.106 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
web3.mezhbank.kiev.ua
Software
nginx /
Resource Hash
6c4f4dc111cc379a51c7f4b5604c8e1bf3d4010050aa077de6bdb0d5d5750b0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://old.kurs.com.ua/static/css/informer/2/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 11 Jun 2018 17:35:59 GMT
server
nginx
etag
"5b1eb2ff-73b"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1851
expires
Wed, 02 Mar 2022 20:11:05 GMT
br_b.png
old.kurs.com.ua/static/css/informer/2/images/ Frame 9841 		172 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://old.kurs.com.ua/static/css/informer/2/images/br_b.png
Requested by
Host: old.kurs.com.ua
URL: https://old.kurs.com.ua/static/css/informer/2/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.217.59.106 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
web3.mezhbank.kiev.ua
Software
nginx /
Resource Hash
2e43e9cb16b2037f7a183b4c4b7f6b330b20c32f30799f5c02160ee38bd786b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://old.kurs.com.ua/static/css/informer/2/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 11 Jun 2018 17:35:59 GMT
server
nginx
etag
"5b1eb2ff-ac"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
172
expires
Wed, 02 Mar 2022 20:11:05 GMT
bl_b.png
old.kurs.com.ua/static/css/informer/2/images/ Frame 9841 		185 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://old.kurs.com.ua/static/css/informer/2/images/bl_b.png
Requested by
Host: old.kurs.com.ua
URL: https://old.kurs.com.ua/static/css/informer/2/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.217.59.106 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
web3.mezhbank.kiev.ua
Software
nginx /
Resource Hash
5205a9a62dace0577f56bb4d3e770415c953cef726db543f423b99c606577fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://old.kurs.com.ua/static/css/informer/2/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 11 Jun 2018 17:35:59 GMT
server
nginx
etag
"5b1eb2ff-b9"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
185
expires
Wed, 02 Mar 2022 20:11:05 GMT
b_bg_b.png
old.kurs.com.ua/static/css/informer/2/images/ Frame 9841 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://old.kurs.com.ua/static/css/informer/2/images/b_bg_b.png
Requested by
Host: old.kurs.com.ua
URL: https://old.kurs.com.ua/static/css/informer/2/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.217.59.106 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
web3.mezhbank.kiev.ua
Software
nginx /
Resource Hash
8241de3d9228ded3595b20d95bc7e1916446e834bcf0e941ef5fef2c8a44c495

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://old.kurs.com.ua/static/css/informer/2/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 11 Jun 2018 17:35:59 GMT
server
nginx
etag
"5b1eb2ff-436"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1078
expires
Wed, 02 Mar 2022 20:11:05 GMT
iframe.htm
go.rcvlink.com/static/ Frame DA8E 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/static/iframe.htm
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
84f32b111182553f0d4f2550050b9989e56d8ced91aff3d8409664089053a209

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:05 GMT
content-type
text/html
last-modified
Fri, 04 Feb 2022 14:58:20 GMT
etag
W/"61fd3f0c-4415"
expires
Thu, 24 Feb 2022 20:11:05 GMT
cache-control
max-age=86400
content-encoding
gzip
iframe.htm
go.rcvlink.com/static/ Frame FBFB 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/static/iframe.htm
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
84f32b111182553f0d4f2550050b9989e56d8ced91aff3d8409664089053a209

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:05 GMT
content-type
text/html
last-modified
Fri, 04 Feb 2022 14:58:20 GMT
etag
W/"61fd3f0c-4415"
expires
Thu, 24 Feb 2022 20:11:05 GMT
cache-control
max-age=86400
content-encoding
gzip
analytics.js
www.google-analytics.com/ Frame 070D 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=5348&unit_id=5348&shown=&session_pageview=1&session_id=4f048c4b-a8ec-4631-8525-124bd40744a5&site_visited=1&apuid=9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06&width=258&screen_width=1600&reload_count=0&banner_num=1645647065425737730&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.profiwins.com.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2172
date
Wed, 23 Feb 2022 19:34:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 23 Feb 2022 21:34:53 GMT
jsunit
a4p.adpartner.pro/ Frame 070D 		29 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1645647065425737730&id=5348&is_in_viewport=1&ref=&reload_count=0&session_id=4f048c4b-a8ec-4631-8525-124bd40744a5&session_pageview=1&shown=&site_visited=1&unit_id=5348
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=5348&unit_id=5348&shown=&session_pageview=1&session_id=4f048c4b-a8ec-4631-8525-124bd40744a5&site_visited=1&apuid=9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06&width=258&screen_width=1600&reload_count=0&banner_num=1645647065425737730&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.profiwins.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
984cdf6e8d862ac22b4a762fb6ebe83cf716b617fa0d582b61709702a673df32

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=5348&unit_id=5348&shown=&session_pageview=1&session_id=4f048c4b-a8ec-4631-8525-124bd40744a5&site_visited=1&apuid=9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06&width=258&screen_width=1600&reload_count=0&banner_num=1645647065425737730&is_in_viewport=1&ref=&location=https%3A%2F%2Fwww.profiwins.com.ua%2F
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Wed, 23 Feb 2022 20:11:05 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
go.rcvlink.com/bdto/041bf14566/ Frame DA8E 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/bdto/041bf14566/?cache=t5TY6tXduG762h0&ver=220204-1658&w=258&h=0&vw=1600&ms=239.0&ref=https%3A%2F%2Fwww.profiwins.com.ua%2F
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
0b186e395705e5c1c8608d2df82f9b08fb11376742d6b42bd8e5f95948840452

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 20:11:05 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
*
hn
b25
cache-control
no-cache, no-store, no-transform, must-revalidate
content-type
application/json
expires
Wed, 23 Feb 2022 22:11:05 +0200
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12396079-1&cid=2001542824.1645647065&jid=1388262684&_u=YEBAAUAAAAAAAC~&z=544788480
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12396079-1&cid=2001542824.1645647065&jid=1388262684&_u=YEBAAUAAAAAAAC~&z=544788480
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7f4015c1c353e9d0354186ea45a77ac7
st11.rcvlink.com/2/200/ Frame DA8E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/200/7f4015c1c353e9d0354186ea45a77ac7
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
60fe3d31fa37d2b79b59e2047eee2698289c35bd367607991f5b3ba9d4e7401c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Fri, 17 Dec 2021 13:26:52 GMT
server
nginx
etag
"61bc901c-14240"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
10782
expires
Tue, 24 May 2022 20:11:05 GMT
f0fc7b4556c5d2719f6f58782500f3d5
st11.rcvlink.com/2/200/ Frame DA8E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/200/f0fc7b4556c5d2719f6f58782500f3d5
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
5f186e86c635c4a8ee31077c86173a93e715f0a9a349d7648a6b6787fe1e7958

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Sat, 25 Dec 2021 07:28:19 GMT
server
nginx
etag
"61c6c813-1640f"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
9962
expires
Tue, 24 May 2022 20:11:05 GMT
618bb368d4ca2b981a0e5ecf1a7a581d
st11.rcvlink.com/2/200/ Frame DA8E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/200/618bb368d4ca2b981a0e5ecf1a7a581d
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
5210ee69b0d0dcf7a214037989417e23562015204a11d90b6c2e42d66355aff0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Fri, 17 Dec 2021 13:33:09 GMT
server
nginx
etag
"61bc9195-ab7c"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
5750
expires
Tue, 24 May 2022 20:11:05 GMT
4171746c1c98b40ab31f8d6a55dfe17e
st11.rcvlink.com/2/200/ Frame DA8E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/200/4171746c1c98b40ab31f8d6a55dfe17e
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
8607b324d0f42802a3b8aa147f86c932c1e75f41e25289b131316ca81c364348

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Fri, 14 May 2021 14:45:02 GMT
server
nginx
etag
"609e8cee-dbdd"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
8122
expires
Tue, 24 May 2022 20:11:05 GMT
logo160.png
go.rcvlink.com/img/ Frame DA8E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/img/logo160.png
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 21 Jan 2019 15:07:51 GMT
server
nginx
etag
"5c45e047-1869"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
6249
expires
Wed, 02 Mar 2022 20:11:05 GMT
/
go.rcvlink.com/bdto/da1b31db09/ Frame FBFB 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/bdto/da1b31db09/?cache=t5TY6tXduG762h0&ver=220204-1658&w=258&h=0&vw=1600&ms=254.39&ref=https%3A%2F%2Fwww.profiwins.com.ua%2F
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e6f8ae688529415390181f20a1e78385851c6f14d2ebd8719c81060e18aff4c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 20:11:05 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
*
hn
b24
cache-control
no-cache, no-store, no-transform, must-revalidate
content-type
application/json
expires
Wed, 23 Feb 2022 22:11:05 +0200
618bb368d4ca2b981a0e5ecf1a7a581d
st11.rcvlink.com/2/304/ Frame FBFB 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/304/618bb368d4ca2b981a0e5ecf1a7a581d
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e779e1a1547af5542eb2652cd73472e359f8b309baa94965eb3f17e3d777d00d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Fri, 17 Dec 2021 13:33:09 GMT
server
nginx
etag
"61bc9195-ab7c"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
10418
expires
Tue, 24 May 2022 20:11:05 GMT
f0fc7b4556c5d2719f6f58782500f3d5
st11.rcvlink.com/2/304/ Frame FBFB 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/304/f0fc7b4556c5d2719f6f58782500f3d5
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
275f05aaddf8c1856878e9167885f23b6b9aac25db8b96e4bf4abf5a0aaa4346

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Sat, 25 Dec 2021 07:28:19 GMT
server
nginx
etag
"61c6c813-1640f"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
19368
expires
Tue, 24 May 2022 20:11:05 GMT
6c21f5deac4180f145f70da00e1e62e1
st11.rcvlink.com/2/304/ Frame FBFB 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/304/6c21f5deac4180f145f70da00e1e62e1
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
80241b6a40d6f17068b1a18b7121fc130a37115d6e208a5c0dce126d4fa37aac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Fri, 14 May 2021 14:43:49 GMT
server
nginx
etag
"609e8ca5-11e16"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
19480
expires
Tue, 24 May 2022 20:11:05 GMT
7f4015c1c353e9d0354186ea45a77ac7
st11.rcvlink.com/2/304/ Frame FBFB 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/304/7f4015c1c353e9d0354186ea45a77ac7
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
8aa817ef6f16f4b37aaadb892254b3685baac97247db0b04e259d4f77c9a7866

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Fri, 17 Dec 2021 13:26:52 GMT
server
nginx
etag
"61bc901c-14240"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
21056
expires
Tue, 24 May 2022 20:11:05 GMT
logo160.png
go.rcvlink.com/img/ Frame FBFB 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/img/logo160.png
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Mon, 21 Jan 2019 15:07:51 GMT
server
nginx
etag
"5c45e047-1869"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
6249
expires
Wed, 02 Mar 2022 20:11:05 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 		150 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c2e1f896640826f6c1c409217903c7200a528231eb0981021f7d62081b9bc01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54549
x-xss-protection
0
server
cafe
etag
8646758914224833580
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Feb 2022 20:11:05 GMT
css
fonts.googleapis.com/ Frame 3D6E 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 19:12:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 23 Feb 2022 20:11:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Feb 2022 20:11:06 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 3D6E 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:07:00 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/ Frame 3D6E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:07:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 3D6E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:08:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D6E 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Feb 2022 20:11:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 3D6E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:06:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:06:15 GMT
638238a1c081a92848b457a11fb7df3a.js
www.gstatic.com/mysidia/ Frame 3D6E 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 00:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11768
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 01:11:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 24 May 2022 00:57:37 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3D6E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTWqV2ZQWYue8H6WT1fAP1YWHsA2pytTLaPWfndHCD8jwze6rCRABIImfoBlgleKQgqAHoAHZmb_TAcgBAakCVFXcSO_7sj6oAwGqBO0BT9AD0QdeU29v8Aax9Ihz4ibZYmlDuyvomqKmx-y39NGgB68JuCY0fjklph0N_faMU7opUZ7g4aicQXoJuKvpwRAJ_DkNOyVhDxnvWeD_Nx_S0R1tbYjTM2zmWmlZGECYFWuFOSWq16vGxx9YqvBJILCzKBRlpfS5igtxmppokngx-8tTaLtyXCZaSfm1OIFyeCt-W-vCuKTYr6x0sVNVkJjPyBvyNgydtX6bHfOAgvLetUAb2t0lmX9zE_hKPrwsnWHRJt0rMScglLn5TGu93ctk2HeE5fMSfA8a-7GRF59XoD2fAJMjp0v-EOgzwASI0Knt-QOSBQQIBBgBkgUECAUYBIAHj-bArAKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCw_gPSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDY1NTQ3NzYzMDg5MTgxMhgA&sigh=Q7FtOGt8iZY&uach_m=[UACH]&cid=CAQSGwCNIrLMsAsZ9MKkq98dACp1kGD0xfIhL7a32BgB&template_id=5001
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 23 Feb 2022 20:11:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Feb 2022 20:11:05 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/5968225778439813525/ Frame 3D6E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5968225778439813525/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
761122ebb67d86de414f4b09f509f7c4612b6673dedfe6a956fa4eed895bfe74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 19:20:47 GMT
x-content-type-options
nosniff
age
262219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2534
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 20:13:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 20 Feb 2023 19:20:47 GMT
3168921189222110028
tpc.googlesyndication.com/daca_images/simgad/ Frame 646C 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/3168921189222110028
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2be4a627e6055354414e5f9da1474454aa6e3a5e231a789b169a23efce1857a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:01:46 GMT
x-content-type-options
nosniff
age
162560
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85198
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 15:57:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 21 Feb 2023 23:01:46 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/ Frame 646C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:07:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 646C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:08:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 646C 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Feb 2022 20:11:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 646C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:06:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:06:15 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 646C 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6e5969f81d359480c859d669acbb28b5cbf4d8885c14d2700af859220edfdd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11802
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11757
x-xss-protection
0
server
cafe
etag
16992248388390577427
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 16:54:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 646C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CuLHw2ZQWYqKWIJ23nsEPtvq54A2pytTLaPvHrdXMD8jwze6rCRABIImfoBlgleKQgqAHoAHZmb_TAcgBAqkCVFXcSO_7sj6oAwHIA8kEqgTTAU_QtaKvjgMXECorYmkI7QwH1o7O0JoHsLpoL9wXH0k50dVInBbREOQLAKwak44Qu3tKa9p-0XkNgWpnNlzpekX0Jt57hF5hsJUgN-QLstL716KhZ9O1TS3KsNNs_AbXbFcj_9u7vkQ2F4vXd90_8r41_Xe628-KJbiNjOnasQPxUfEq3clmoxhuuwfTeIyqql22ycC8ChjkX6MzroSV0KeCekDRINwqFYm3HyyfZ4wDFf0DcBmMginjOOl-1GxsnzHmWGGa64fT5xPul0FKjUmrjMnABIjQqe35A5IFBAgEGAGSBQQIBRgEoAYCgAeP5sCsAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELKKBNIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00NjU1NDc3NjMwODkxODEyGAA&sigh=d90eEUd3dO4&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 23 Feb 2022 20:11:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Feb 2022 20:11:06 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.profiwins.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.profiwins.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/ Frame 0987 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Wed, 23 Feb 2022 00:24:09 GMT
expires
Wed, 09 Mar 2022 00:24:09 GMT
cache-control
public, max-age=1209600
age
71216
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/ Frame 3B38 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Wed, 23 Feb 2022 00:24:09 GMT
expires
Wed, 09 Mar 2022 00:24:09 GMT
cache-control
public, max-age=1209600
age
71216
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
3168921189222110028
tpc.googlesyndication.com/daca_images/simgad/ Frame BF2E 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/3168921189222110028
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2be4a627e6055354414e5f9da1474454aa6e3a5e231a789b169a23efce1857a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 23:01:46 GMT
x-content-type-options
nosniff
age
162560
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85198
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 15:57:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 21 Feb 2023 23:01:46 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/ Frame BF2E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:07:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame BF2E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:08:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF2E 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Feb 2022 20:11:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame BF2E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:06:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:06:15 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame BF2E 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6e5969f81d359480c859d669acbb28b5cbf4d8885c14d2700af859220edfdd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:54:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11802
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11757
x-xss-protection
0
server
cafe
etag
16992248388390577427
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 16:54:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BF2E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3VzL2ZQWYsT5H4_OnsEPia-dwA-pytTLaPvHrdXMD8jwze6rCRABIImfoBlgleKQgqAHoAHZmb_TAcgBAqkCqhA2B4P_sj6oAwHIA8kEqgTxAU_QZnlU6Si4h-WiARQqvJsuGd5FlhOxsKctyyTeaS_xiSr4Fs-sIxD7id8wWPge0wXDrdcUcRC9umJAw7kmmytdiP4Pk2m9ntAcvxR1eo8LygUE-zs63ijjt_5lrdDap30kjbR6gvZEQvrzSjJZBngDwVCejVlU5l6UN4aiFobUDNqOCJ1hZb-O2TNrwWPeyIR919qiF1deH5_VVY4wYYFEfji5VpNgV8UJTyOrbB_gzcDAGz_0jh464Mt98s4bD_hpG85ekzVQu5i02i3ubSUBHyZJB6R-Wy_MzigtNqBY4MAWHwyvknNMuhLZ2l4BPLHABIjQqe35A5IFBAgEGAGSBQQIBRgEoAYCgAeP5sCsAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKn0LdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00NjU1NDc3NjMwODkxODEyGAA&sigh=hpiqTXXZEJ0&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 23 Feb 2022 20:11:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Feb 2022 20:11:06 GMT
css
fonts.googleapis.com/ 		2 KB
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1ea27fdcd7685662aafddcb85508914ec4dbeecfb6525a81e1e7976f385419b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 19:21:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 23 Feb 2022 20:11:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Feb 2022 20:11:06 GMT
logo_left.gif
file.adpartner.pro/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/logo_left.gif
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Thu, 24 Jan 2019 09:25:42 GMT
server
nginx
etag
"5c498496-a79"
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
2681
1px-matching-adpartner.gif
t.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 20:11:06 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
uid=9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06
s.uuidksinc.net/match/798/ 		74 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/798/uid=9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06
recreativ.ru/mtch/31/ 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recreativ.ru/mtch/31/9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

hn
b29
date
Wed, 23 Feb 2022 20:11:06 GMT
server
nginx
content-type
image/gif
pix
dsp-trk.eskimi.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/
Redirect Chain
  • https://px.adhigh.net/p/cm/adpdigital
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
49 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/adpdigital?bounced=1
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Server
91.207.59.213 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp8.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:06 GMT
server
nginx
x-backend-id
f8-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:05 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f8-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/adpdigital?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=177&vid=9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:06 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
123
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=adpartner&id=9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Feb 2022 20:10:51 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007FDA9416623100023402E46B7A&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FDA94166259091E5E02550748
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FDA94166259091E5E02550748
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Wed, 23 Feb 2022 20:11:06 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Wed, 23 Feb 2022 20:11:06 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FDA94166259091E5E02550748
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007FDA9416622F00F2340214D86B&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FDA94166259091E5E02550748
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FDA94166259091E5E02550748
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Wed, 23 Feb 2022 20:11:06 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Wed, 23 Feb 2022 20:11:06 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FDA94166259091E5E02550748
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=d7692321-bc03-5336-ad1e-70d0cf08e40a
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=d7692321-bc03-5336-ad1e-70d0cf08e40a
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Wed, 23 Feb 2022 20:11:06 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=d7692321-bc03-5336-ad1e-70d0cf08e40a
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=d7692321-bc03-5336-ad1e-70d0cf08e40a
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=d7692321-bc03-5336-ad1e-70d0cf08e40a
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Wed, 23 Feb 2022 20:11:06 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=d7692321-bc03-5336-ad1e-70d0cf08e40a
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9ba302ec-472d-4b09-492a-50d4b922bb7a
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9ba302ec-472d-4b09-492a-50d4b922bb7a
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Wed, 23 Feb 2022 20:11:06 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=9ba302ec-472d-4b09-492a-50d4b922bb7a
date
Wed, 23 Feb 2022 20:11:06 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=2b755716-2b95-47f9-51a3-750d78d54f8d
43 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=2b755716-2b95-47f9-51a3-750d78d54f8d
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Wed, 23 Feb 2022 20:11:06 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=2b755716-2b95-47f9-51a3-750d78d54f8d
date
Wed, 23 Feb 2022 20:11:06 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
if
a4p.adpartner.pro/tracker/ Frame 090E 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297866%2C%22cost%22%3A0.0000319305%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%221ba0152a-420d-4383-a662-30ffd71aa39f%22%7D%2C%7B%22ad_id%22%3A2337640%2C%22cost%22%3A0.0000204389%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225faae508-38e4-483c-b127-1d92d2239503%22%7D%2C%7B%22ad_id%22%3A2357740%2C%22cost%22%3A0.0000188954%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2239bdc4b9-588d-45e4-8c89-7d191c858c65%22%7D%2C%7B%22ad_id%22%3A2357767%2C%22cost%22%3A0.0000119241%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ab90383f-c8ea-4c6c-ba34-d5dadf64c3ab%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:06 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 80FF 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297866%2C%22cost%22%3A0.0000319305%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%221ba0152a-420d-4383-a662-30ffd71aa39f%22%7D%2C%7B%22ad_id%22%3A2337640%2C%22cost%22%3A0.0000204389%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225faae508-38e4-483c-b127-1d92d2239503%22%7D%2C%7B%22ad_id%22%3A2357740%2C%22cost%22%3A0.0000188954%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2239bdc4b9-588d-45e4-8c89-7d191c858c65%22%7D%2C%7B%22ad_id%22%3A2357767%2C%22cost%22%3A0.0000119241%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ab90383f-c8ea-4c6c-ba34-d5dadf64c3ab%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:06 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
2297866.webp
img.adpartner.pro/2297/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/2297/2297866.webp
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
3ac82b08ddc02c832fd4e7d6d3e598151a76a634234bb2434452802cefed6ae3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Wed, 29 Dec 2021 08:55:34 GMT
server
nginx
etag
"61cc2286-6106"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
24838
2337640.webp
img.adpartner.pro/2337/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/2337/2337640.webp
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
699823c7ce25fbcd0e6f13ec2f94385b0de6da0e4bcca7d646032b751bf32068

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Wed, 12 Jan 2022 14:33:03 GMT
server
nginx
etag
"61dee69f-4aae"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
19118
2357740.webp
img.adpartner.pro/2357/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/2357/2357740.webp
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
25d5de999eef075239cd8f558b0ce9d38e361113adabb32d2a3bcd35de0d71a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Tue, 08 Feb 2022 13:29:02 GMT
server
nginx
etag
"6202701e-39ca"
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
14794
2357767.jpeg
img.adpartner.pro/2357/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.adpartner.pro/2357/2357767.jpeg
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
9d0d54472cf4f89577deac2fc9282413bceacee276efe979ee4fa4f1bea51e86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Tue, 08 Feb 2022 13:41:15 GMT
server
nginx
etag
"620272fb-7c6d"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
31853
s
googleads.g.doubleclick.net/pagead/drt/ Frame EE6B 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Wed, 23 Feb 2022 20:03:13 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
473
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 0987 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 19:22:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 23 Feb 2022 20:11:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Feb 2022 20:11:06 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0987 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:48:19 GMT
x-content-type-options
nosniff
age
4967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 23 Feb 2023 18:48:19 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0987 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 17:36:13 GMT
x-content-type-options
nosniff
age
9293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 23 Feb 2023 17:36:13 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/elements/html/ Frame 0987 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19d68d8c9b0afec111ca934d319c454fe9d57234d8915b2d837e36d54410ddf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8146
x-xss-protection
0
server
cafe
etag
10717154116364420598
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:00:04 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3B38 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C0uCC2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoExwFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MM-M5YNkPR5gvQ2D34aoXmCKuGpxkO2gE2mmnh5ewbcMPMu3sFIdgAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NjU1NDc3NjMwODkxODEyGAA&sigh=vA24jDOEZr8&uach_m=[UACH]&cid=CAQSGwCNIrLM-xfPLyCQWRsFfuDhZahiAYLEn7UjCxgB
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 23 Feb 2022 20:11:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 3B38 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UOb8EMz6RO0HfJ2DYgICAAAARaehcQUE5jMQ2ZQWYmSDfO0b0k4jN2HZABI&wp=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
server
Kestrel
server-processing-duration-in-ticks
240990
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame AE09 		160 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
290ddde8fc96d7dbed3db22b458c83b4614de1d7e95d1f8d6f638e0212d0a94e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=_34hC4CC_NFM69dFbSmfdQBx2ZSZUUuxCReUdkunhPmPF4q8M-IHZhILyTp-dX-suIL1F9gcROYSO6FpaV8gClvY8wESySEKa1-4sCfqBGrEN2QOiRN6Nmcp42rvlvSoV9Vx2uhcMkICZz1LZTvtAbbk4k_UaZ2LiY6pIwhKEHsW9DEPX5pPsYj15wo_SAQzJgYkbZxuJBdfrINMnbwr3bWHLtmyr3guYh83RJ3erJJc2Vq3gLS4WMqFphv8ICCXvzn_Xw"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
99815119
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 3B38 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:08:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B38 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Feb 2022 20:11:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 3B38 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:06:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:06:15 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.profiwins.com.ua
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 19:30:27 GMT
x-content-type-options
nosniff
age
2439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:13:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 19:30:27 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.profiwins.com.ua
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 20:11:49 GMT
x-content-type-options
nosniff
age
604757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9692
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:13:53 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Feb 2023 20:11:49 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D416 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Wed, 23 Feb 2022 20:03:13 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
473
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redir.html
p4-hev4mh7nbjrta-uvbeusw34niurhq3-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame E778 		247 B
961 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-hev4mh7nbjrta-uvbeusw34niurhq3-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
a84b935b932f52562d3502e803ffff4e99505f0b18e49b92bd980358166f5dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-lHp6O2o0FieAsk6E6tIOZg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
204
date
Wed, 23 Feb 2022 20:11:06 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 3D6E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70ed5c15cab95a795522ccabefc794429ad1b6fb82a53aff0b78d92ed2c8b998

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 3D6E 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 18:14:29 GMT
x-content-type-options
nosniff
age
93397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Feb 2023 18:14:29 GMT
truncated
/ Frame 646C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abbea3843b759d72d5a8a5753994d3101a1f2aa7dfb8043642cb4adeb0ddf842

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame E64C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Wed, 23 Feb 2022 20:03:13 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
473
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BF2E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71c31f22a45e5df6592584593fca45c5daa0aee4733f1a235dccdd5a055eb64a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame AE09 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Feb 2023 20:11:06 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame AE09 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Feb 2023 20:11:06 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame AE09 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 18 Feb 2023 20:11:06 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame AE09 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sat, 18 Feb 2023 20:11:06 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame AE09 		0
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1645647066
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:e400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:06 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
d2iw57otmrNdzNyriHdQ8856X3FvXvuI7IuMBMaKExaLf6MTOL2ODw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame AE09 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=xN1VpPEQXosB4o_DSZQa_qdMyZ5AsFULUrZchq_hNq504mi8Qw3zEQpzMfP8Rjap9ZcZFuKTSrqlTLpMbpEvjEzX043gjd-WndAOy9e91cEEC7NNKFfLOnSRrIDHKr4xoONAxHbKp0ixUb35Z_fVtn_53mKNF0EUxcKyFytCBVtrS58N6GishnC3Wtblp2UEUTA4BF0tKg-FzROOlx8iYTHdu6c1rhrmoJgKNbIh6-L-TgVgp9nEV_yvrlm0tfK_l-rvG8rewp1Vp5XZ7T0vT6R61DsPQKHrUBs3lt6iAf-SumDPphp9cEigs0te_YTleymvwazOC0kZ0fSmo14t5q0Q-3YbcyjeKj8rNsjcXbMd-OkUHKly-9h71ROEcMGNa4VJHisJWnMOGxofP71ohvPQAwwfkVBAk-0n281qhvektapjOHoF7-xIniwduF0lUmn6YQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:06 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1732595
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 3B38 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8838b8a9d309c2057abb4b39416b228a142887cd83f50e43baeb7db6c8ff5d5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame EE6B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=90&slotname=6109899084&adk=4206405240&adf=338573601&pi=t.ma~as.6109899084&w=650&lmt=1645647064&psa=0&format=650x90&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065276&bpp=4&bdt=258&idt=138&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=5982617843526&frm=20&pv=2&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mwSuUMFagX&p=https%3A//www.profiwins.com.ua&dtd=154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 23 Feb 2022 20:11:06 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 23 Feb 2022 20:11:06 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 23 Feb 2022 20:11:06 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 74A5 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 19:16:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 23 Feb 2022 20:11:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Feb 2022 20:11:06 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 74A5 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:07:00 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/ Frame 74A5 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
1930320615972901081
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:07:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 74A5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:08:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 74A5 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Feb 2022 20:11:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame 74A5 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:06:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Mar 2022 20:06:15 GMT
638238a1c081a92848b457a11fb7df3a.js
www.gstatic.com/mysidia/ Frame 74A5 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 00:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11768
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 01:11:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 24 May 2022 00:57:37 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D416
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 23 Feb 2022 20:11:06 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 23 Feb 2022 20:11:06 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 23 Feb 2022 20:11:06 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iframe.html
p4-hev4mh7nbjrta-uvbeusw34niurhq3-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame E778 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-hev4mh7nbjrta-uvbeusw34niurhq3-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-hev4mh7nbjrta-uvbeusw34niurhq3-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-hev4mh7nbjrta-uvbeusw34niurhq3-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
a6f729440d33c833903f60605d7015a4be446435bdb98a01c221c0b6225e21ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://p4-hev4mh7nbjrta-uvbeusw34niurhq3-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-dYuHps4U3ikT0jd8isDTag' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
1861
date
Wed, 23 Feb 2022 20:11:06 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
animejs.js
static.criteo.net/animejs/ Frame AE09 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Feb 2023 20:11:06 GMT
img
pix.eu.criteo.net/img/ Frame AE09 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=244&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F05c244b8e1cf40f39dbba9559c8c38e9_blue.png&v=3&w=196&s=6u29o9rWE__TQ89APeLmnB9V
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29526976
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Tue, 31 Jan 2023 14:07:23 GMT
img
pix.eu.criteo.net/img/ Frame AE09 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoGAZPROM-Germania-GmbH-52483DE-2105121024.gif%3Feb%3D1&v=3&w=800&s=SOJOaiF1kWjs1KW90mFZydta&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ea0eed38a90bad9211dfdcf373b95ee95f092c28ddec4a6f9f26cbd72ab14cac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1519390
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6408
expires
Sun, 13 Mar 2022 10:14:16 GMT
img
pix.eu.criteo.net/img/ Frame AE09 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBDO_Deutsche_Warentreuhand_AG_6335DE.gif%3Feb%3D1&v=3&w=800&s=-2-rGbpcqfa9I5N3c3q7WGkP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
45baad9bcdad8bbaf6bd06d168fa96b3d8f8e807409058166ee3cc1ae7eff97b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=590058
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1848
expires
Wed, 02 Mar 2022 16:05:25 GMT
img
pix.eu.criteo.net/img/ Frame AE09 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FV%2FlogoVogt-Medical-Vertrieb-GmbH-84462DE.gif%3Feb%3D1&v=3&w=800&s=SoYk7_-aATzvP9ZsmzxyJVEK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
025d47e5f33d8f6867a73d3f1915f57c263947e145365e8cd25a9a762cd6f5d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=832761
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1174
expires
Sat, 05 Mar 2022 11:30:28 GMT
img
pix.eu.criteo.net/img/ Frame AE09 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoContinental-AG-3975DE.gif%3Feb%3D1&v=3&w=800&s=vUmwA-yQVjpisjZCprGLe439&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e070c65fa6115515c6dd68f600a8bbc9ff1271d9d8b235c48723942efc67c3e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1680584
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1274
expires
Tue, 15 Mar 2022 07:00:51 GMT
img
pix.eu.criteo.net/img/ Frame AE09 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoMalag-Soltau-GmbH-202821DE.gif%3Feb%3D1&v=3&w=800&s=rzhimeR9XiBimlyWktuYuBoB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
59da68d309d0d84ad1120a3edde2b2908b03a0e79cd54871d7f32d8d430018aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:05 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1004077
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1032
expires
Mon, 07 Mar 2022 11:05:44 GMT
all
csm.eu.criteo.net/ Frame AE09 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=_34hC4CC_NFM69dFbSmfdQBx2ZSZUUuxCReUdkunhPmPF4q8M-IHZhILyTp-dX-suIL1F9gcROYSO6FpaV8gClvY8wESySEKa1-4sCfqBGrEN2QOiRN6Nmcp42rvlvSoV9Vx2uhcMkICZz1LZTvtAbbk4k_UaZ2LiY6pIwhKEHsW9DEPX5pPsYj15wo_SAQzJgYkbZxuJBdfrINMnbwr3bWHLtmyr3guYh83RJ3erJJc2Vq3gLS4WMqFphv8ICCXvzn_Xw&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 23 Feb 2022 20:11:05 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AE09 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Feb 2023 20:11:06 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame AE09 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Feb 2023 20:11:06 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame E64C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 23 Feb 2022 20:11:06 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 23 Feb 2022 20:11:06 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 23 Feb 2022 20:11:06 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
pagead2.googlesyndication.com/bg/ Frame 48FE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=8453769442&adk=1644860456&adf=3550057451&pi=t.ma~as.8453769442&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065318&bpp=2&bdt=301&idt=130&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8uFfP41xLX&p=https%3A//www.profiwins.com.ua&dtd=133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 19:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
260271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13646
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 19:53:15 GMT
Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
pagead2.googlesyndication.com/bg/ Frame 8B79 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
Requested by
Host: www.profiwins.com.ua
URL: https://www.profiwins.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 19:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
260271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13646
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 19:53:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220217&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e86d1877335f15be23d059dea574a173006cd83a0a2937500faba23b84a749c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9972
x-xss-protection
0
Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
pagead2.googlesyndication.com/bg/ Frame 3347 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4655477630891812&output=html&h=600&slotname=5500303043&adk=994483892&adf=1899669380&pi=t.ma~as.5500303043&w=258&fwrn=4&fwrnh=100&lmt=1645647064&rafmt=1&psa=0&format=258x600&url=https%3A%2F%2Fwww.profiwins.com.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645647065344&bpp=1&bdt=327&idt=114&shv=r20220217&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=650x90%2C258x600&correlator=5982617843526&frm=20&pv=1&ga_vid=2001542824.1645647065&ga_sid=1645647065&ga_hid=1078848847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1327&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31061690%2C44756894%2C44756897&oid=2&pvsid=636810467679743&pem=844&tmod=1919575987&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hJoJ1Wl41s&p=https%3A//www.profiwins.com.ua&dtd=116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 19:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
260271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13646
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 19:53:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4655477630891812&plah=www.profiwins.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Feb 2022 20:11:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E89 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 23 Feb 2022 16:42:55 GMT
expires
Thu, 23 Feb 2023 16:42:55 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
12491
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5B46 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8d823457037d75107a6fe59eaeb359a21028ffb3bdc916f912cea1e4d1939dbf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QDIqxQk+0sw3RrUJYKROjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 23 Feb 2022 20:11:06 GMT
date
Wed, 23 Feb 2022 20:11:06 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-QDIqxQk+0sw3RrUJYKROjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
pagead2.googlesyndication.com/bg/ Frame 1E89 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 19:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
260271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13646
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 19:53:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5B46 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220217&jk=636810467679743&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 1E89 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220217&jk=636810467679743&bg=!zc6lzorNAAbf-5Dq3_s7ACkAdvg8WlRCiN_U6PZp30ZV-X2thGmIC0lyyHiMApIf61DQowwjvwABSQIAAABTUgAAAAJoAQcKADbKRqQ3LO1azCky7smeDY0M_v20GSf8f4p7Oqdc-cJWiQ6z-PmAlgUicmKjIyeww-OqUUXxaxWZAraBHlvMnTvOdIsbVsX1URPamB2l48JoVht-s7wK3IGtX6YoUXBza4wFSbZtqjXRWq6hTLN2ds-8DuXSMy6Xmri9DwRU7rOPBV40ASFBkxb9i9gVgM1ANzPpIeii_i4f7abqMKKXM8U2rONo96lK6NogTQSGcNp6XCbkVKy_tx5JEZckSazqSJlciMKhGlTbSx4grxIISr3qd-FOJmXzfezUzCVMlJzzvxmXl-Z3m4-oM2TIOahlTJhX9VXz8up6I9NR0RhNBJ6xKHMEZPCSSgOt-PnHyzASOfixC5Y6pR1qyq5wuYghL9Ur1b0CVs9dPiNN8pKI1k_hiRFQwnzRKfHzkBETClALSN4xkbqCSrJ3bu1yzgstIxnfYjnoe9dP1mJQVXH7u0M6RZQqfqz6cY6_unDqOoOb0y9_ScN2gYKlHrZZHFXsEt2o-67wBqzWa3TwpZoKSdDbz2RRwIAYuxD_Zc38Tp3IvReUZVqb0Hz4jhKVxe4YHN1wRLfuCgH_F78nR2EWd4_rPxcuwRC7mUaX1rOsUvdryqPS_agxN7iDx-fKogRcQBQDOIFd1oHaTB2O8X4MvTWbcbU8U_geF8UCgQbreo68Un60_rVmtsjEGlM2em4JBSrzvJad5o-pAfgPS4NX08H-1iO6vhQpzXIzyshj31Lz7VYVXgljLevwwvW0P7bjWeoous5drUISkQAoVTUnyBSUBMvW2XPXtfZo5fDHodsocZmhdjGf4Th3lc8qg24DCSdtSYMmU6zyxrN67ZPPQUZLtVmadlrkEAm2tXjH-m0v9gn1-GdDE8fyTCXKa2hhBxHKX_jlWY81z2ms2vyRwonSXB8qMbIFSCfwxekkqKEOH_4fQe-IHf6JEQ0cikWw55oXUqrmH4gln8ZYQvl1W-KFaubdHB6CGpyiz5peokBk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.profiwins.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BF2E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufLdb717g_MyTMxN7QdTwkRUTT6ppwmtOApA889as_TIUs097G27KGwCTT_Vo_1qg9h6XAubXenZ7roej4pYWo5tME6UHMXH16kb6kxbv0CCYqhqccOA&sai=AMfl-YTtIM7wmhT-k0YyVzoQg3iZILsTif12NU7a8sMjM-JLT0u_o0Zpm1A6aYFbQagcf0zBicawrfz0c364&sig=Cg0ArKJSzOcg66Y-sX7gEAE&id=lidar2&mcvt=1000&p=0,0,516,258&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1644860456&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645647065452&rpt=778&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3D6E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlBwF1XRqJh1seXTtZ8smOgA_fnQ2Ov9mshXnQM6idI82qprGU2G7RczepsuRqCgTy6AzENYD2K1PZHiWvVImcpKbjs4DpqhCOhCWTJbgxJUCBnydvaQ&sai=AMfl-YThH0KUoTAZwYTXGCIbFuE3hqbOCYQO-1NrcV0Xi-rnq86LXMFTSJI3kHCEMECrFJYkPXrpQ5ujmztP&sig=Cg0ArKJSzF6UoQ9MqCXUEAE&cid=CAQSGwCNIrLMsAsZ9MKkq98dACp1kGD0xfIhL7a32BgB&id=lidar2&mcvt=1000&p=0,0,90,650&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4206405240&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645647065431&rpt=861&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3B38 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthsh4wh4Ftwrglndjyu29_d4tXHuTLO5yZb_wb_hBUxUsbkA85ydmNzgGjL3gvPmsJpjjZB40uskZ-TrXcR9vd&sig=Cg0ArKJSzCb5VI15OsY2EAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=93,776,1001,1105,1128&tos=93,683,225,104,23&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3516679811&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645647065984&rpt=271&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 20:11:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame AE09 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=_34hC4CC_NFM69dFbSmfdQBx2ZSZUUuxCReUdkunhPmPF4q8M-IHZhILyTp-dX-suIL1F9gcROYSO6FpaV8gClvY8wESySEKa1-4sCfqBGrEN2QOiRN6Nmcp42rvlvSoV9Vx2uhcMkICZz1LZTvtAbbk4k_UaZ2LiY6pIwhKEHsW9DEPX5pPsYj15wo_SAQzJgYkbZxuJBdfrINMnbwr3bWHLtmyr3guYh83RJ3erJJc2Vq3gLS4WMqFphv8ICCXvzn_Xw&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhaU2QAIa7cIFWSOAA8A6JNWF_lr8n9LrBFuQQ&u=%7CLzbOsL1ULh%2F95dqtg4Jr1fLI2PyT%2BO2fxuVW9TpBq6Q%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0f5oHb8eTIlvrwXFcKwNuGDXVe82amuNW1kq0MMC2FILVNW901QkWW6aDfMBPBFsh5cR-JBaRUpGI8fHOXiKP5_sEbM0RL27N-gMa2hRHAm_MCtioH8ailXRlXhHeyxWNBAXD9iLL5aXLDeev_8O5tIUxQyZL999WtkSUpzUW3xQeDUOFg0BHIb50NgM0v-CWTCfPkEMJuajiRXkywDdrjvQi5znbO-5AHumCOE0239W3In4h-zra0vOG-m6aR1WHn55cs1sLQLMu12UfaJ8fATKoy_Wjc5i66Qc-VebUOdzIO8EEjrdH2-sIl_KHEyFrJwGagDTgBILSlMX0eXw4dNrLu1la3nFJS0fmDYZkku42v8BipZTchI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKAiq2ZQWYrfXIY7J1fAP6IG8kALJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2NTU0Nzc2MzA4OTE4MTKgAdW20uoDyAEJqQKqEDYHg_-yPqgDAaoEygFP0OOvyzokeitaogCRexSGQ4_zyvhUzIxP2sJ5IiEKi-OajKM5ISu8KGxDbGF0VPj3Mq-8mJnNhJY6MFF6IY8HXWfiYz20XAw5UvygTkTdnEbLLciqqOV4V8QzfHw5tB-ck0zNqn9YTEzxs9je7Ym5OzS7rwYGbdvtS_WyDmN-naDOOIFyHINYzHZ-D8nLIUPT8xvBKaGWYhnvNYitnEv_MI2OxBHjsoJzApGXfFaV-JiDrGDHmsO4kd1uo7isfqkgJE4dNEGih1Z6gAbUoIrLpJuoo2ygBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1b8q4DhNxswWMe0kNUO7ZGj80dcA%26client%3Dca-pub-4655477630891812%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 23 Feb 2022 20:11:06 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
/
go.rcvlink.com/bv/cgPjIZjDolBx-65PNXwtwOEHmTGeB0o5gz7DjSqLJoN95itKxKleIaWghVB2sBCgh31X21RprPdebaFMjuv4mPgASc8WTryBSEmsU7xMzt-qvHNjGQPmmZ6ipRKvaU1rc8P43A_nFZz6oAjHhzAwm2xnWJcN-aJZxGdiQh2_aL7V9S6GWlm... Frame FBFB 		43 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/bv/cgPjIZjDolBx-65PNXwtwOEHmTGeB0o5gz7DjSqLJoN95itKxKleIaWghVB2sBCgh31X21RprPdebaFMjuv4mPgASc8WTryBSEmsU7xMzt-qvHNjGQPmmZ6ipRKvaU1rc8P43A_nFZz6oAjHhzAwm2xnWJcN-aJZxGdiQh2_aL7V9S6GWlm7HxGI8SVm54KeXr6PiS1ccyHZlLzmZh_HvQ/?c=215-64-5-1900-1900&ver=220204-1658&io=1&m=W1sxMDAwLDEwMDAsImJpbXAiLCIiXSxbMTAwMCwxMDAwLCJ0aW1wIiwicmFBbzlCVnBhT1QyZkJHclhkdnMwRU5iWXN1TFVhVVNEX2g0alpJdUNfVTlYZ0dDM3ZNSU5Ndm9kbC1xY0VIenZDN3h1RXEtT0VReFRlRFNfeVpZeXd6cVlyM1VQSWpFNUxNemUxMCJdXQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

hn
b24
date
Wed, 23 Feb 2022 20:11:07 GMT
cache-control
no-store
server
nginx
content-type
image/gif
if
a4p.adpartner.pro/tracker/ Frame CC5A 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297866%2C%22cost%22%3A0.0000319305%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%221ba0152a-420d-4383-a662-30ffd71aa39f%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:08 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 3C1E 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2337640%2C%22cost%22%3A0.0000204389%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225faae508-38e4-483c-b127-1d92d2239503%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:08 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 3885 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2357740%2C%22cost%22%3A0.0000188954%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2239bdc4b9-588d-45e4-8c89-7d191c858c65%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:08 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 4A9E 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22ad_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2357767%2C%22cost%22%3A0.0000119241%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ab90383f-c8ea-4c6c-ba34-d5dadf64c3ab%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:08 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame A252 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%229f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06%22%2C%22event%22%3A%22unit_iab_show%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297866%2C%22cost%22%3A0.0000319305%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%221ba0152a-420d-4383-a662-30ffd71aa39f%22%7D%2C%7B%22ad_id%22%3A2337640%2C%22cost%22%3A0.0000204389%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225faae508-38e4-483c-b127-1d92d2239503%22%7D%2C%7B%22ad_id%22%3A2357740%2C%22cost%22%3A0.0000188954%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2239bdc4b9-588d-45e4-8c89-7d191c858c65%22%7D%2C%7B%22ad_id%22%3A2357767%2C%22cost%22%3A0.0000119241%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ab90383f-c8ea-4c6c-ba34-d5dadf64c3ab%22%7D%5D%2C%22unit_id%22%3A5348%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fwww.profiwins.com.ua%252F%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.138.57 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-79ef5675.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 23 Feb 2022 20:11:08 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?Fl3I7g

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 function| structuredClone function| gtag object| dataLayer function| ym object| MooTools function| Native function| Hash function| $A function| $arguments function| $chk function| $clear function| $defined function| $each function| $empty function| $extend function| $H function| $lambda function| $merge function| $mixin function| $pick function| $random function| $splat function| $time function| $try function| $type function| $unlink object| Browser function| $exec function| $uid function| Class function| Chain function| Events function| Options function| IFrame function| Elements object| Selectors function| Cookie function| Swiff function| Fx function| Accordion function| SmoothScroll function| Drag function| Slider function| Sortables function| Color function| $RGB function| $HSB function| $HEX function| Group function| Scroller object| Asset function| Abstract function| XHR function| Ajax object| Json function| $E function| $ES function| JCaption object| SqueezeBox object| subnav function| MooMenu object| JSNUtils object| JSNTemplate number| uid object| $family function| $ function| $$ function| getDocument function| getWindow function| addListener function| removeListener function| retrieve function| store function| eliminate function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Tips function| oldA function| onDomReady boolean| ie boolean| ie6 boolean| ie7 boolean| gecko boolean| webkit boolean| webkit419 boolean| webkit420 boolean| opera object| templateParams object| _templateParams object| adsbygoogle object| now object| days object| months string| date function| fourdigits string| today object| Ya object| yaCounter86305497 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| head object| script object| Cd string| Cr string| Cp string| gaJsHost object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| loadedBanners string| scr object| div object| x number| len undefined| newScript function| getApuID object| APC object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID object| shownAds5348 object| initRtb1645647065425737730 object| result string| key string| apuid boolean| initVisitTime object| logVisitTime number| sessionPageview object| sessionData object| _gat object| _gaq number| j number| duration function| animComp object| google_llp object| banner5348_1645647065425737730 object| banner1645647065425737730 object| GoogleGcLKhOms object| google_image_requests

45 Cookies

Domain/Path Name / Value
www.profiwins.com.ua/ Name: a5b91646b0ec4224ba61289ba2119c9f
Value: m209imv45psscp6rmmuro4ilo0
.profiwins.com.ua/ Name: _ym_uid
Value: 1645647065850466643
.profiwins.com.ua/ Name: _ym_d
Value: 1645647065
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1362065365fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1512379468fake
www.profiwins.com.ua/ Name: b
Value: b
.yandex.com/ Name: yandexuid
Value: 8750968091645647065
.yandex.com/ Name: yuidss
Value: 8750968091645647065
mc.yandex.com/ Name: yabs-sid
Value: 1297931891645647065
.yandex.com/ Name: i
Value: PBy3Tp35MIWjeeNTCE4FNO6OMxM2Xkj5NSQf4bPml15PUgsHCBF1obEnuLTACHym6UnabiiTr9LIir34tVnane5bT6U=
.yandex.com/ Name: ymex
Value: 1677183065.yrts.1645647065#1677183065.yrtsi.1645647065
.profiwins.com.ua/ Name: _ga
Value: GA1.3.2001542824.1645647065
.profiwins.com.ua/ Name: _gid
Value: GA1.3.277418627.1645647065
.profiwins.com.ua/ Name: _gat_gtag_UA_12396079_1
Value: 1
.profiwins.com.ua/ Name: _ym_visorc
Value: w
www.profiwins.com.ua/ Name: lapuid
Value: 9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06
www.profiwins.com.ua/ Name: session_id
Value: 4f048c4b-a8ec-4631-8525-124bd40744a5
www.profiwins.com.ua/ Name: session_pageview
Value: 1645647065.1
www.profiwins.com.ua/ Name: site_visited
Value: 1645733465.1
.hit.ua/ Name: uid
Value: 505313624.1645647065.94517406
a4p.adpartner.pro/ Name: www.profiwins.com.ua_ref
Value:
.profiwins.com.ua/ Name: _ym_isad
Value: 2
a4p.adpartner.pro/ Name: apuid
Value: 9f7dca6a-b33d-4ebd-a3b5-b2ddb3c78c06
a4p.adpartner.pro/ Name: apudmg
Value: 1
.profiwins.com.ua/ Name: __gads
Value: ID=257026e7acd83952-22473e564acd0082:T=1645647065:RT=1645647065:S=ALNI_MZwID_2dNlhEXLdNsM92GcI1IH4JA
.go.rcvlink.com/ Name: cache
Value: t5TY6tXduG762h0
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWIWlNpeHglZSAdVAvtYTR9x+qiadRzatO3Url0Zsae7
.uuidksinc.net/ Name: jcsuuid
Value: ENAHbTC8ETT0H67YOh2T
.eskimi.com/ Name: __eConsent
Value: 1
.acint.net/ Name: cSyncDp14v3
Value: 1645647066
.doubleclick.net/ Name: IDE
Value: AHWqTUnM6Wpl_aKPxfljC54WKHpHTVOt-Xr1X-wCgN0mwijQNaY0M2voTahlqH51L1s
a4p.adpartner.pro/ Name: buyeruid_63
Value: 9ba302ec-472d-4b09-492a-50d4b922bb7a
a4p.adpartner.pro/ Name: buyeruid_64
Value: 2b755716-2b95-47f9-51a3-750d78d54f8d
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWIWlNo0AgAxemvkAqhg6wlRV28dIz1bFP0zHOVA/o53
.adhigh.net/ Name: gi_u
Value: 5STfYhMfUHK.AikABlF_KDV0IA
a4p.adpartner.pro/ Name: buyeruid_53
Value: 0100007FDA94166259091E5E02550748
a4p.adpartner.pro/ Name: buyeruid_55
Value: 0100007FDA94166259091E5E02550748
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: d7692321-bc03-5336-ad1e-70d0cf08e40a
.betweendigital.com/ Name: ut
Value: YhaU2gAF0Ehgsg9Q9nERUf9zRP1865xCCbWNKQ==
a4p.adpartner.pro/ Name: buyeruid_47
Value: d7692321-bc03-5336-ad1e-70d0cf08e40a
a4p.adpartner.pro/ Name: buyeruid_57
Value: d7692321-bc03-5336-ad1e-70d0cf08e40a
.doubleclick.net/ Name: DSID
Value: NO_DATA

3 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9558.DoQQgg5rzr9siuI4uE3Ix_Tv8iHcygRmfvnyYllPF8HEFPGmtxREomaIq1UY0fWc2t-Xyjm_e223sqzNCHCWwA%2C%2C.QxlcTLgsTQ0J0UZN6M0Na5o6TOc%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://www.profiwins.com.ua/(Line 210)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.profiwins.com.ua/(Line 210)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
acint.net
ads.betweendigital.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
c.hit.ua
cat.nl.eu.criteo.com
csm.eu.criteo.net
dm.hybrid.ai
dsp-trk.eskimi.com
exchange.buzzoola.com
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
go.rcvlink.com
googleads.g.doubleclick.net
img.adpartner.pro
informer.weather.in.ua
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
old.kurs.com.ua
p4-hev4mh7nbjrta-uvbeusw34niurhq3-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
profiwins.com.ua
px.adhigh.net
recreativ.ru
rtb.nl.eu.criteo.com
s.uuidksinc.net
secure-gl.imrworldwide.com
ssl.google-analytics.com
ssp-rtb.sape.ru
st11.rcvlink.com
static.criteo.net
stats.g.doubleclick.net
t.trafmag.com
tpc.googlesyndication.com
www.acint.net
www.google-analytics.com
www.google.com
www.google.com.ua
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.profiwins.com.ua
tpc.googlesyndication.com
116.202.49.54
136.243.84.74
142.250.181.226
142.250.186.99
144.76.118.233
178.250.0.139
178.250.2.148
178.250.2.150
185.233.37.160
193.200.65.5
195.201.243.71
217.65.2.150
2600:9000:2182:e400:1e:a43d:b640:93a1
2a00:1450:4001:803::2003
2a00:1450:4001:808::2003
2a00:1450:4001:808::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:400c:c08::9c
2a02:2638:1::11
2a02:2638:1::2
2a02:2638:1::3
2a02:6b8::1:119
31.220.27.134
34.120.139.69
37.18.16.21
46.4.121.26
51.68.138.57
62.149.0.220
77.123.132.26
77.123.132.42
89.184.81.35
91.207.59.213
95.217.59.106
96.46.183.20
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
025d47e5f33d8f6867a73d3f1915f57c263947e145365e8cd25a9a762cd6f5d6
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0acb9e79744f523e8fe8c2c64cfacdc4276d740084ed36fc8088ed3b033de533
0b186e395705e5c1c8608d2df82f9b08fb11376742d6b42bd8e5f95948840452
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d68d8c9b0afec111ca934d319c454fe9d57234d8915b2d837e36d54410ddf7
1e3fe6e5edda3ffe8d47a54c1c6c8e6468d4ec7549ebb03d11924b0fd64b4532
1e4a906d7e53b222018567c3b4ecc7b85c99fe9fdfe38542a8b1687717a28fac
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
1fc1af1d0188475b6d647fa760d7b0b4adf2722981c6fd425f345480ead4b5d9
230c0a0b99155abfa61700bd003207d30c53cb574cd6077a1a8c667b4b1d2c4b
231ae8b0f4c1cba4a93d3e240e95537ece2064c9d1299cdb1ede13a0a0c148e6
25d5de999eef075239cd8f558b0ce9d38e361113adabb32d2a3bcd35de0d71a8
275f05aaddf8c1856878e9167885f23b6b9aac25db8b96e4bf4abf5a0aaa4346
277e87f95679af1d6b02f1b782ccc7bc71103f807f1f22efd0b4af14539f4823
290ddde8fc96d7dbed3db22b458c83b4614de1d7e95d1f8d6f638e0212d0a94e
2be4a627e6055354414e5f9da1474454aa6e3a5e231a789b169a23efce1857a8
2c4d792dd2af77b821e6c6bec6b9bb04114521c4d2e2ac30cf46f543b253bd31
2e43e9cb16b2037f7a183b4c4b7f6b330b20c32f30799f5c02160ee38bd786b1
2eae4188de52da8f5ef0212a55bdd7fa8e64bccc019fc9701ae7f1644a9e1369
381154cfcfbe019a0cd5bd8e473aadaf497dd16e41b4a0a0ab684dd1c0c71cd1
39dfbe5cd674c37ea792b5d7290024ca11389f7d0d1eff30882530c5770be70a
3ac82b08ddc02c832fd4e7d6d3e598151a76a634234bb2434452802cefed6ae3
3e86d1877335f15be23d059dea574a173006cd83a0a2937500faba23b84a749c
3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427
3f9d6c6839e19acae9e99369997aec9d2e94fb11020fe5f4090c41b80ad9d53c
45707af201f251ba031f89b6bb40773f815d172e5c8900000261ecbb67f33196
45baad9bcdad8bbaf6bd06d168fa96b3d8f8e807409058166ee3cc1ae7eff97b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5205a9a62dace0577f56bb4d3e770415c953cef726db543f423b99c606577fcf
5210ee69b0d0dcf7a214037989417e23562015204a11d90b6c2e42d66355aff0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556fcb4c726032950762d15b3d120984e85cef58e1eb8f0f729578000f0d50ed
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566222f3d947bc665c944ccb2052838d1f67eecd6dfc0086f7af32a5ba3c4e2e
56aec9d85e0accc7291ac7571037934e566b05f223fffa5bd160e16bfd390639
5790e178ba85fa2d90988268b53a3539196fdbe623c72375c41399b64f351462
59da68d309d0d84ad1120a3edde2b2908b03a0e79cd54871d7f32d8d430018aa
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5babae44ccd4e4c30c25ddb3edfd489385f0ab4359bb817289f9e02cee741e60
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5db288a1ccc37096a01cc7b1d8a81b50574bb6f1d05bb853576a777ab549b8d0
5f186e86c635c4a8ee31077c86173a93e715f0a9a349d7648a6b6787fe1e7958
60fe3d31fa37d2b79b59e2047eee2698289c35bd367607991f5b3ba9d4e7401c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
698f880e0fc0f807680fd4fb53b443727f1f240c405517547c597f65b4676437
699823c7ce25fbcd0e6f13ec2f94385b0de6da0e4bcca7d646032b751bf32068
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6c2e1f896640826f6c1c409217903c7200a528231eb0981021f7d62081b9bc01
6c4f4dc111cc379a51c7f4b5604c8e1bf3d4010050aa077de6bdb0d5d5750b0d
70ed5c15cab95a795522ccabefc794429ad1b6fb82a53aff0b78d92ed2c8b998
71c31f22a45e5df6592584593fca45c5daa0aee4733f1a235dccdd5a055eb64a
761122ebb67d86de414f4b09f509f7c4612b6673dedfe6a956fa4eed895bfe74
76f12cfde84587f0d96b7ff3598f70a5f79eb15ed85ee502eb23b113060ebce5
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
80241b6a40d6f17068b1a18b7121fc130a37115d6e208a5c0dce126d4fa37aac
8241de3d9228ded3595b20d95bc7e1916446e834bcf0e941ef5fef2c8a44c495
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f32b111182553f0d4f2550050b9989e56d8ced91aff3d8409664089053a209
8607b324d0f42802a3b8aa147f86c932c1e75f41e25289b131316ca81c364348
871a77da18d79c4a261e293ab299e82a6bd2093eefe6c26b7848a591ab9c9b0b
8838b8a9d309c2057abb4b39416b228a142887cd83f50e43baeb7db6c8ff5d5d
8aa817ef6f16f4b37aaadb892254b3685baac97247db0b04e259d4f77c9a7866
8bda476dffd72bc6dfee0b1034fe8603ed761f43ec51328fab51a1323e415e0b
8d823457037d75107a6fe59eaeb359a21028ffb3bdc916f912cea1e4d1939dbf
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
984cdf6e8d862ac22b4a762fb6ebe83cf716b617fa0d582b61709702a673df32
9915f53ab8194cf5bc033ca46214c6354b439a8500352f1215b572ab78bcb7c0
9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f
9d0d54472cf4f89577deac2fc9282413bceacee276efe979ee4fa4f1bea51e86
9e80ec93ffc593ad9342f90315d082d3ad96d79f9bbf34ea2cd58ba37961cb60
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c7d56aab1e0e4e8fb43f633dc1a78b6d59b39746bb4b874931e2f0351650b8
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a31f4b39785a332932a800708d7ed022d83b9c305793ee3a2ed9804ccccba7ca
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a6e5969f81d359480c859d669acbb28b5cbf4d8885c14d2700af859220edfdd1
a6f729440d33c833903f60605d7015a4be446435bdb98a01c221c0b6225e21ac
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84b935b932f52562d3502e803ffff4e99505f0b18e49b92bd980358166f5dda
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abbea3843b759d72d5a8a5753994d3101a1f2aa7dfb8043642cb4adeb0ddf842
af0683b2d46cf9c455a8303ed7c20e777969e49150312bdb6b9a66b2ae8fe9fa
af1438f1ec8c196d59e38806b1d4de029488cc663c363b09789c8bf7a6ab9b9a
b17794f7e2d84ecc6d0921d848a03b790270367edd6fdfefe349b7ed09bff87c
b2ff98349906c4dc77e21c35f9299c2a392e37ceb96ac0214a53bc12752289de
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d48d73407fbd6b22e2a22365aa1e58f6ec65c0ff17b9fb228c005b8a3bc03cb3
d8085a6ade30a8c9d30eca4703d41216c55590ab44a0c1c2b8c65e379aca6bf3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df77a933ca5c8ae1c271d5c2d544ebaf9c949d29f3982db6b3273f0899069bec
e070c65fa6115515c6dd68f600a8bbc9ff1271d9d8b235c48723942efc67c3e0
e09604afd8d9512c4b13cc6580913eaa5c94f55800dcaa0cff36058eebf3d62d
e1ea27fdcd7685662aafddcb85508914ec4dbeecfb6525a81e1e7976f385419b
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f8ae688529415390181f20a1e78385851c6f14d2ebd8719c81060e18aff4c7
e779e1a1547af5542eb2652cd73472e359f8b309baa94965eb3f17e3d777d00d
e98885f75480fc7d67e5dca66f81a6fef919fbb11c7881e9039e9e873d8e4400
ea0eed38a90bad9211dfdcf373b95ee95f092c28ddec4a6f9f26cbd72ab14cac
ebb9ce92e156d2721526ee192c0b770c899f12563ec4f368bdfe67786fcec915
ebeab9818600d399c684ec87bb394d64ec54289519d28758ae30bbeef81f137f
eeb2ecfb5307e9fe6846bc063342377f9d270afa95dcce178f3ecfaf7d2714b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2254ae098fc7b264add5ce32d49db8ab7579a75f8c91d8044e2219d1676be93
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f9ac49aa969036442a66c7c435fe4b532dc221fa3c67a9cf011f9e6657210760