vsim.ua Open in urlscan Pro
2606:4700:3035::ac43:d201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vsim.ua/
Effective URL:
https://vsim.ua/
Submission: On October 20 via api (October 20th 2022, 6:04:57 am UTC) from GB — Scanned from GB

Summary HTTP 257 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 69 IPs in 12 countries across 57 domains to perform 257 HTTP transactions. The main IP is 2606:4700:3035::ac43:d201, located in United States and belongs to CLOUDFLARENET, US. The main domain is vsim.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2022. Valid for: a year.

This is the only time vsim.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 65	2606:4700:303... 2606:4700:3035::ac43:d201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80f::200d	15169 (GOOGLE) (GOOGLE)
3	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
4	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::21	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
5	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	35.214.184.209 35.214.184.209	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	31.41.216.82 31.41.216.82	42655 (BESTHOSTI...) (BESTHOSTING-AS)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
12	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	185.172.90.252 185.172.90.252	49981 (WORLDSTREAM) (WORLDSTREAM)
2 7	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
3	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:ad6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.66.140.200 3.66.140.200	16509 (AMAZON-02) (AMAZON-02)
2	62.149.1.122 62.149.1.122	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:340... 2a02:26f0:3400::1702:d12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4 6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
1	108.177.15.157 108.177.15.157	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2	104.18.12.76 104.18.12.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
13	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 3	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1	2600:1f18:659... 2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4	14618 (AMAZON-AES) (AMAZON-AES)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2a05:d018:24:... 2a05:d018:24:b002:dfb2:efb5:ace7:6be2	16509 (AMAZON-02) (AMAZON-02)
3 4	52.31.4.32 52.31.4.32	16509 (AMAZON-02) (AMAZON-02)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	185.86.139.106 185.86.139.106	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	52.30.246.43 52.30.246.43	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	34.252.144.191 34.252.144.191	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.30.33.235 52.30.33.235	16509 (AMAZON-02) (AMAZON-02)
1	162.55.233.28 162.55.233.28	24940 (HETZNER-AS) (HETZNER-AS)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	13.32.99.36 13.32.99.36	16509 (AMAZON-02) (AMAZON-02)
1 1	3.82.86.176 3.82.86.176	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.115.196 52.95.115.196	16509 (AMAZON-02) (AMAZON-02)
1	23.3.108.242 23.3.108.242	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.19.104.95 52.19.104.95	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.120.72.4 3.120.72.4	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2a05:d018:d29... 2a05:d018:d29:3601:2eb1:fd74:c477:e429	16509 (AMAZON-02) (AMAZON-02)
257	69

65 2606:4700:3035::ac43:d201 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vsim.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7caf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.184.209 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 209.184.214.35.bc.googleusercontent.com

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.41.216.82 (Ukraine)

ASN42655 (BESTHOSTING-AS, UA)
PTR: dedic.dc.besthosting.ua

tracker_beam.20minut.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.172.90.252 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.140.200 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-140-200.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.1.122 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3400::1702:d12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (Glen Cove, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.248 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:dfb2:efb5:ace7:6be2 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.31.4.32 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-4-32.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.106 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.246.43 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-246-43.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.144.191 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-144-191.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.33.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-33-235.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.233.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.233.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-36.fra60.r.cloudfront.net

engine.widespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.82.86.176 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-86-176.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.115.196 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.3.108.242 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-108-242.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.104.95 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-104-95.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.72.4 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-72-4.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:2eb1:fd74:c477:e429 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	vsim.ua 1 redirects vsim.ua	1 MB
25	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	300 KB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147	339 KB
20	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 bid.g.doubleclick.net — Cisco Umbrella Rank: 444 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	230 KB
13	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 1808 mwzeom.zeotap.com — Cisco Umbrella Rank: 1683	4 KB
11	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 519 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439 dsum.casalemedia.com — Cisco Umbrella Rank: 1311	9 KB
11	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 6415 ghb.adtelligent.com — Cisco Umbrella Rank: 6449 sync.adtelligent.com — Cisco Umbrella Rank: 4288	160 KB
10	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 482 rtb0.doubleverify.com — Cisco Umbrella Rank: 703 tps.doubleverify.com — Cisco Umbrella Rank: 502 tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 9427	236 KB
10	google.com accounts.google.com — Cisco Umbrella Rank: 83 ampcid.google.com — Cisco Umbrella Rank: 2113 adservice.google.com — Cisco Umbrella Rank: 78 region1.analytics.google.com — Cisco Umbrella Rank: 5017 www.google.com — Cisco Umbrella Rank: 2	79 KB
8	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232 acdn.adnxs.com — Cisco Umbrella Rank: 618 secure.adnxs.com — Cisco Umbrella Rank: 438	23 KB
6	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470 ads.pubmatic.com — Cisco Umbrella Rank: 495 image6.pubmatic.com — Cisco Umbrella Rank: 671	12 KB
5	yahoo.com 1 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1155 cms.analytics.yahoo.com — Cisco Umbrella Rank: 871 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426	2 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205 s.amazon-adsystem.com — Cisco Umbrella Rank: 296	3 KB
4	demdex.net 3 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	4 KB
4	rubiconproject.com eus.rubiconproject.com — Cisco Umbrella Rank: 596 pixel.rubiconproject.com — Cisco Umbrella Rank: 347 token.rubiconproject.com — Cisco Umbrella Rank: 682	11 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	12 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	199 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 528 usermatch.krxd.net — Cisco Umbrella Rank: 1251	942 B
3	adform.net 2 redirects dmp.adform.net — Cisco Umbrella Rank: 4773 c1.adform.net — Cisco Umbrella Rank: 627	1 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 456	768 B
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5147 www.google.co.uk — Cisco Umbrella Rank: 3174	1 KB
3	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 21653 id.gravitec.net — Cisco Umbrella Rank: 138722	20 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 801	28 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 578	852 B
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 818	786 B
2	smartadserver.com 2 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1533	1 KB
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26875	681 B
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1303	752 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	529 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 608 cdn.indexww.com — Cisco Umbrella Rank: 1375	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	93 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 713	143 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 923	1 KB
2	loopme.me csync.loopme.me — Cisco Umbrella Rank: 890
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7365	1 KB
2	20minut.ua tracker_beam.20minut.ua	135 B
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 42708 api.gravitec.media — Cisco Umbrella Rank: 32702	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	124 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
1	dotomi.com 1 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 2662	181 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 48203	214 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 539	145 B
1	widespace.com engine.widespace.com — Cisco Umbrella Rank: 81224	207 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 2027	359 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 987	356 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 474	532 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1500	596 B
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 7292	324 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 11610	411 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 697	162 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 471	617 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 8894	259 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6233	169 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1140	42 KB
0	leokross.com Failed leokross.com Failed
257	57

	Domain	Requested by
65	vsim.ua	1 redirects vsim.ua
25	s0.2mdn.net	vsim.ua s0.2mdn.net
12	mwzeom.zeotap.com	spl.zeotap.com
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com tpc.googlesyndication.com bid.g.doubleclick.net s0.2mdn.net www.googletagservices.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
7	securepubads.g.doubleclick.net	vsim.ua securepubads.g.doubleclick.net www.googletagservices.com
6	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net spl.zeotap.com
6	ib.adnxs.com	1 redirects player.adtelligent.com googleads.g.doubleclick.net spl.zeotap.com acdn.adnxs.com
5	cdn.doubleverify.com	ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com cdn.doubleverify.com vsim.ua
5	ghb.adtelligent.com	player.adtelligent.com
4	dpm.demdex.net	3 redirects ssum-sec.casalemedia.com
4	www.facebook.com	connect.facebook.net
4	player.adtelligent.com	vsim.ua player.adtelligent.com
4	connect.facebook.net	vsim.ua connect.facebook.net
3	pixel.tapad.com	2 redirects spl.zeotap.com
3	www.google.com	tpc.googlesyndication.com ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3	c2shb.ssp.yahoo.com	player.adtelligent.com
3	accounts.google.com	vsim.ua accounts.google.com
3	unpkg.com	2 redirects vsim.ua
2	tpsc-eu3.doubleverify.com	cdn.doubleverify.com
2	c1.adform.net	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	x.bidswitch.net	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects spl.zeotap.com
2	sync-tm.everesttech.net	2 redirects
2	beacon.krxd.net	spl.zeotap.com
2	bcp.crwdcntrl.net	2 redirects
2	sync.smartadserver.com	2 redirects
2	idsync.frontend.weborama.fr	2 redirects
2	sync.tidaltv.com	2 redirects
2	image6.pubmatic.com	spl.zeotap.com ads.pubmatic.com
2	match.adsrvr.org	spl.zeotap.com ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	eus.rubiconproject.com	player.adtelligent.com eus.rubiconproject.com
2	ads.pubmatic.com	player.adtelligent.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	googleads4.g.doubleclick.net	vsim.ua
2	tps.doubleverify.com	cdn.doubleverify.com
2	www.googletagservices.com	ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com vsim.ua
2	static.xx.fbcdn.net	www.facebook.com
2	sync.adtelligent.com	player.adtelligent.com
2	rtb.mfadsrvr.com	2 redirects
2	csync.loopme.me	player.adtelligent.com
2	hbopenbid.pubmatic.com	player.adtelligent.com
2	pbjs.e-planning.net	1 redirects
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	tracker_beam.20minut.ua	vsim.ua
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	www.googletagmanager.com	vsim.ua www.googletagmanager.com
2	www.google-analytics.com	vsim.ua www.google-analytics.com
2	cdn.gravitec.net	vsim.ua cdn.gravitec.net
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	secure.adnxs.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	pixel.rubiconproject.com	spl.zeotap.com
1	obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	engine.widespace.com	spl.zeotap.com
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	acdn.adnxs.com	player.adtelligent.com
1	spl.zeotap.com	player.adtelligent.com
1	js-sec.indexww.com	player.adtelligent.com
1	id5-sync.com	player.adtelligent.com
1	bid.g.doubleclick.net	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	a4p.adpartner.pro	1 redirects
1	www.google.co.uk
1	region1.analytics.google.com	www.googletagmanager.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	htlb.casalemedia.com	player.adtelligent.com
1	api.gravitec.media	cdn.gravitec.media
1	ampcid.google.com	www.google-analytics.com
1	cdn.gravitec.media	cdn.gravitec.net
1	id.gravitec.net	cdn.gravitec.net
1	www.googleoptimize.com	vsim.ua
0	leokross.com Failed	vsim.ua
257	93

This site contains links to these domains. Also see Links.

Domain
vn.20minut.ua
zt.20minut.ua
te.20minut.ua
kazatin.com
invite.viber.com
t.me
www.facebook.com
news.google.com
www.instagram.com
www.youtube.com
www.besthosting.ua
ua.depositphotos.com
www.eeas.europa.eu
www.irf.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-09` - `2023-06-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-29` - `2022-10-27`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
player.adtelligent.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
cdn.gravitec.media R3	`2022-09-22` - `2022-12-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
api.gravitec.media R3	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.20minut.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-18` - `2022-10-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
www.google.co.uk GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-09-26` - `2022-12-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-29` - `2022-12-30`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
widespace.com Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh

This page contains 28 frames:

Primary Page: https://vsim.ua/
Frame ID: FA46FC1511AD8F2EE850485CF6520AD0
Requests: 108 HTTP requests in this frame

Frame: https://vsim.ua/site_login/iframe
Frame ID: F14AD9A3D48A886DAD18C5A50E28258B
Requests: 4 HTTP requests in this frame

Frame: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1666238400
Frame ID: 85F33E82E67B39C54FC9052D16D7DD9C
Requests: 6 HTTP requests in this frame

Frame: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=75cf8ee7dd83dd84
Frame ID: 7C0807F0C33B32D4594C5952F108A53A
Requests: 6 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 1AC88D28D114E0D758BE82497447FA4D
Requests: 1 HTTP requests in this frame

Frame: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 21D14F182A722C1CEDD04DF8BD0063AF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 607BA993286EB5EE8F9DEB9153BAA888
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df152c9bf687e784%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff19183ed7decf6%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250
Frame ID: 8DDEA4E7A5B7E7EB85577A297F707866
Requests: 3 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Frame ID: 20198B46D19ECD8F2C107423307FE6D1
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=9718ac7f-5b36-4315-ba55-9703dc9538f6
Frame ID: 1E35E53F84380AC3E55F3291C6E065FF
Requests: 1 HTTP requests in this frame

Frame: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5C93CD4E13375DD92D18A0BBCCF36C09
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F9AD33B3A28CAEE78AABB54E834481AF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B547EA4992525624200A8104194ABBD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhjotv7NATAB&v=APEucNW4snG_4EeK7YdMwYejfXsOF2_dg-syX1lHzmAc8xsD-sqhpnVtYGn9sNjba6jWdJylk92CdyIDT_WYNNsl4W50BNN6SHlDfpJu1UaQAuz7x_MiXUa772P5BKZr944h_G7q9W4sTbWLnBOWjZsQ-2DZYxPqmL4eo05etOHuuYQ_7r4Pwgc
Frame ID: A67CC9EDBFC0A0A1179D15FAD823C2FE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D41AFD41645B632B16E8723E82BBC78E
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPSkr8DJngwMNHcVWDLfjexue90_aUutZD5L6UiUGlkBsuVEgIU5hVxb5JOKF_PCnuG53p4mXACBAXAv7Y5oC07Irb9J4IGEa6jAPOW5Kkf9wOGTY1p1rs-4GoBhaWWjnBLGGTLysMIh3GIynX7Hes0LDRFcgmCqomeNJ_4qeMYHmbkCyOmtauXCC767j_C-EYuWUkWDsJCVZWqERsubDxDV15y7l-NNJ0V2p-amPsMdqPg80Cc2H3x-ruiG-qlRdmIK1txffRApYqdisEOF5oH1Am9w2f0wQBZ9BlwDobxagKle1rjIwog8vvOmbyHi9I&sai=AMfl-YS30dRuq1RNwBHII4aSSrvUKMpvgtD9XEIUJRKzNvDIKAQ112PlSc_0GaRCtqQQAjiT83AtD274m1lt9gnSFdHAaKS32kMLFPngb9KXQ8_S6RXwa5vQGO2Ik3zT8CwDhQ&sig=Cg0ArKJSzBN5Q6Uljt3vEAE&uach_m=[UACH]&adurl=
Frame ID: C03CC3D2E12A9E716F90454D1E8DD47D
Requests: 8 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: 1043C71945C14065E8CF180A6E22E5A0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
Frame ID: E4FC20F4ED097D8B0CF8201545E1CCF0
Requests: 26 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: 575D995521EA92E6E92C3DE655196B83
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: BBBA6FB0E278DD363429742BB5D12F25
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9E0BC161003856266D81D8A7606FBA27
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Frame ID: 51ADA347A1D72D53ADD8AF14E77E0D37
Requests: 2 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 736078906FDEDBD53502BB57735C46DD
Requests: 30 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Frame ID: 633D5CCA53122740E01CE2D4D14334AE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Frame ID: AF0F83084D5A8493BF0B35DE2E58F920
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: BA9770E400702513A061A1E7434B53A7
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 25896DB801B65281D04C6C6B04BD15E4
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4312C71DD2740E3F31D7C1DB44CEDF5F
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Всім - Новини Хмельницького

Page URL History Show full URLs

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

257
Requests

88 %
HTTPS

39 %
IPv6

57
Domains

93
Subdomains

69
IPs

12
Countries

3376 kB
Transfer

9418 kB
Size

65
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://vn.20minut.ua/
Title: Вінниця

Search URL Search Domain Scan URL

URL: https://zt.20minut.ua/
Title: Житомир

Search URL Search Domain Scan URL

URL: https://te.20minut.ua/
Title: Тернопіль

Search URL Search Domain Scan URL

URL: https://kazatin.com/
Title: Козятин

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQAlCG5A7vvn5UlcXTVOPYYe8%2BNbbSdYNqt%2FAkWqrcA8b94WcKGEqaRwpKqWVh9M

Search URL Search Domain Scan URL

URL: https://t.me/vsimnews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vsim.ua/

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMOzqjwswxLKjAw?hl=uk&gl=UA&ceid=UA%3Auk

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vsim_ka/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/%D0%86%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B2%D0%B8%D0%B4%D0%B0%D0%BD%D0%BD%D1%8F%D0%92%D0%A1%D0%86%D0%9C

Search URL Search Domain Scan URL

URL: http://www.besthosting.ua/

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/

Search URL Search Domain Scan URL

URL: https://www.eeas.europa.eu/delegations/ukraine_en

Search URL Search Domain Scan URL

URL: https://www.irf.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://unpkg.com/imask HTTP 302
https://unpkg.com/imask@6.4.3 HTTP 302
https://unpkg.com/imask@6.4.3/dist/imask.js

Request Chain 104

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.9185674691933867&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=ca1076ba-99eb-4371-a16f-72da112a1822 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.9185674691933867&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=ca1076ba-99eb-4371-a16f-72da112a1822

Request Chain 121

https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=9718ac7f-5b36-4315-ba55-9703dc9538f6

Request Chain 122

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d7883669-b029-4c6f-945f-497279f9e218

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVDudNXYu3hRJ-TU4j2PA8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVDudNXYu3hRJ-TU4j2PA8&google_cver=1&C=1

Request Chain 143

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1DlA8bmT6ACt.2xGEuskwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVDudNXYu3hRJ-TU4j2PA8&google_cver=1&google_hm=2

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGemxmOfUj-xyHHncUTu1r0&google_cver=1

Request Chain 145

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5ODI3OTAyMzgyMDc1OTg3Ng%3D%3D

Request Chain 203

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=B7rkBnxET3RiUDVSOTEycDVrallwc3pGdzd4WG8rajBTV1g4MVJxYnNLOC8vNGRCY1MwSlV0OGgwLzNJY1VHWlVqNGVqWnU0bG0zOWJCczNMK0d6MitGTnU2UjFJK2FOMDJZckVPenRVbThCc3FEaWI0WnN2NGJ3SFZxb1l6clJDWStiYnp3YlJmSit3MkFkaDI3OEdMa0UrbW5iRUphUEI0VFhHcUhxNlZhV25hM3ZEcC9PRnhpQTRHZU9adnpzSGdNZmRVWWZWK1JJaUdjU3F1YTg0N0NDZk41REZVa0N4QUF3cFB5QjFJWitjditZPXw&cppv=2

Request Chain 215

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=69f747e4-825d-40c3-b4e0-28d9b31411ca&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361

Request Chain 221

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=8065e0b1-3e53-4d96-9f5a-31c5f6fba2a0&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 222

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=166cd09e-21aa-4529-69a5-66fb3104590c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=166cd09e-21aa-4529-69a5-66fb3104590c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=49766781676018897483412090730401545950&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361

Request Chain 224

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7156471621840074894&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361

Request Chain 226

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=166cd09e-21aa-4529-69a5-66fb3104590c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=166cd09e-21aa-4529-69a5-66fb3104590c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361&bounce=1&random=1853985212 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=gO.yrILf4N2mtat4ZLQjae&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361

Request Chain 227

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361&cklb=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=

Request Chain 228

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=166cd09e-21aa-4529-69a5-66fb3104590c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=166cd09e-21aa-4529-69a5-66fb3104590c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361

Request Chain 229

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-gNY8OQhE2opKjlBj7SlFwrXAaapgv2udZw--~A&zpartnerid=570&env=mWeb

Request Chain 230

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=WCJJIPin6H%2FjhU7%2F%2FD1GcehmG0YFtxvj%2BS41iYitP1U%3D

Request Chain 234

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361&_test=Y1DlBgAAAa3LYwAO HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y1DlBgAAAa3LYwAO&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361&_test=Y1DlBgAAAa3LYwAO

Request Chain 236

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361

Request Chain 237

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=166cd09e-21aa-4529-69a5-66fb3104590c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=166cd09e-21aa-4529-69a5-66fb3104590c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361&dcc=t

Request Chain 239

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361

Request Chain 241

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=166cd09e-21aa-4529-69a5-66fb3104590c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361 HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=461&user_group=1&expires=5&user_id=166cd09e-21aa-4529-69a5-66fb3104590c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361

Request Chain 247

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1DlA8bmT6ACt-2xGEuslAAAFJoAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENdtV_c3p848qpw-DZP2WPM&google_cver=1

Request Chain 249

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1DlA8bmT6ACt-2xGEuslAAAFJoAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1DlA8bmT6ACt-2xGEuslAAAFJoAAAAB&dcc=t

Request Chain 250

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2498279023820759876

Request Chain 251

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1666332294

Request Chain 253

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1DlA8bmT6ACt.2xGEuslAAA%265274?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1DlA8bmT6ACt.2xGEuslAAA%265274

Request Chain 254

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3862738804059468780&expiration=1667455494

257 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vsim.ua/
Redirect Chain

http://vsim.ua/
https://vsim.ua/

179 KB
38 KB

1476ms
1411ms

Document
text/html

2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec5160fcc53fe3f8fb86003618c65d55bb8c0753fa06b77408b1dfbcc0e937a1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, s-maxage=30
cf-cache-status: DYNAMIC
cf-ray: 75cf8ede2ce8dd84-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 20 Oct 2022 06:04:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhwluUbtFBKhzPbHkt9BKrYeqlyQdzJGuOn8re1NiEudZRXa%2B4JvhKJznbt77gFebSWxDYpM%2F%2Bt1wY77xORvcfk4D%2BHgDgBUDudCDV%2B0%2FUQ0vNLtgsZjLR%2F0%2Bf8mB5crorFer9Og"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 75cf8edcd9f7dd47-LHR
Connection: keep-alive
Content-Type: text/html
Date: Thu, 20 Oct 2022 06:04:47 GMT
Location: https://vsim.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNy3CpgZngFjHg5eFXUnQISh2OsoIBARe%2BhO7iPFhkrV0%2B3fBOMCzGdUGlS6gf1U7hhXcinzzTdlCXN83KiLcIZ9J9EMR6GDQelnuJEl4yFD2zuDBKurjE78db6bkZ2TIajKQEAO"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 3831ad9.css
vsim.ua/css/ 629 KB
98 KB 44ms
44ms Stylesheet
text/css 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/3831ad9.css?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9c424eb31fac71d827f3497f4b2a92d9e7e4985db6ce7b379e74aa75fff7f50

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154082
cf-polished: origSize=646179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 11:09:56 GMT
server: cloudflare
etag: W/"634e8984-9dc23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uU8hjQR8oXkxvAN5AoPzLoNo2fO26tSsPz7bUvdd6hF0cMlKhs9d%2BFW7nKVV%2FXlJsErxdwOya8xTo8KJrhe2AdBEMZ%2BdgC8SMWoVuC0RCjNVVUGkVTFStrSks8bY%2BzX9r7mIuYCe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 75cf8ee7ad48dd84-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Logo_new_vsim_v8.png
vsim.ua/img/ 5 KB
5 KB 38ms
38ms Image
image/png 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/Logo_new_vsim_v8.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4327604
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4716
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-126c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFx5NmFWz0u1%2BDrL0p%2F7BDwldmI02GHE%2BSoUi81toJ8z0VLKlF%2FDa8X4zKZOZLpjVwxjgHSdx5Fr%2FX4XLH3O22UU5AmxXP6yeEpsEqqQUeC7Cty5vzDsailBKO08gkk4etxeCcrU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75cf8ee7ad4add84-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 news_today.svg
vsim.ua/html/20min-page/web/img/icon-title/ 1 KB
1009 B 53ms
50ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/news_today.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6249
etag: W/"5e4d36b2-467"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f414DcNaK5xMFAeyvq4vRtn3semsJI9IbxRe%2BsDrVeIhs64hPNyWFJVOpVnlKBjQsEIWGm3eIPpozq%2Fa4yuhqdhDHttdTelIiZ%2FgkOxuHywVrL2TfbPYQ0AprGe8TR6QSZGwCpPy"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 75cf8ee7cd63dd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 3a3e6097812f3a5e0784f2728ee992a773b286b8.jpeg
vsim.ua/img/cache/reference/panel_link/0023/71/ 5 KB
5 KB 219ms
216ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/panel_link/0023/71/3a3e6097812f3a5e0784f2728ee992a773b286b8.jpeg?hash=2021-06-23-20-19-41
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7b2c2ba81eef5c39dd8993cde57f790bdaf179e3d5a2132241b598233d13591

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 23 Jun 2021 17:19:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "60d36d33-124d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPLofsd2xxNgz7uyXGJnuoSP25z4keB636cDQ2UFVazfxF8wSVVI0nfu%2Btohuf2mFid5fq%2Fdciq3l3TfHWrpvYgOzGRQZA6Bie6xTEIAvvRVCT1rYMTGy5efNe30bQd4qW6bLd4y"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8ee7cd64dd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4685

GET
H2 200 8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg
vsim.ua/img/cache/reference/panel_link/0026/31/ 4 KB
4 KB 214ms
211ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/panel_link/0026/31/8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg?hash=2022-02-25-14-28-31
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 25 Feb 2022 12:28:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6218cb88-e27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7D3y5sCZq6KGO4R3JN3PAbfluJ4Lj9c%2B52j3WV2jpIN%2B2c8%2BE7P6ukhhD0I1aazIUkRZ3EpZG8dFnQRrS2vhqtkEdeB5A2k%2B7reJVoWJTK9%2B8Ia6uc9SP5pJDOzcGsppTT1vznU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8ee7cd65dd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3623

GET
H2 200 f5382d7d294a42cd552167d97e033f8d7c8ef3b0.jpeg
vsim.ua/img/cache/reference/panel_link/0024/75/ 14 KB
15 KB 54ms
51ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/panel_link/0024/75/f5382d7d294a42cd552167d97e033f8d7c8ef3b0.jpeg?hash=2021-10-11-12-24-48
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3303123e662ff6f0aab97d549ba72d289e29a064faa7b19211f681a10f48221b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
cf-cache-status: HIT
last-modified: Mon, 11 Oct 2021 09:24:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1387
etag: "616402e7-3925"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otXzSZosOwKfgoQqL4m3pepRN5mh4ctSXAcME1%2B7zXVKYeb14btolWTOBMt5WsiJJuSFThLupz7KsDxeZUznE1nLjt%2BbPEg6YeYybpz693lkuWEE6fRmPR7rvNQb7ClYOTh%2Br7Kj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8ee7cd66dd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14629

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
609 B 53ms
51ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4235064
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHBulUnxiFsdFkJVuX9Om31T6aCvnrjMvff1%2BAcZkIXiYNz0XswFF5E%2BUZQ0ha8kJK9XTQwsTvSmJb23qe00%2BW3d%2BL%2BS3PRQoBBMzQo9ctsA3FtmQc8%2BL1T%2FkssAQn%2FQm3ua%2B6Ov"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75cf8ee7cd68dd84-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Often_comment.svg
vsim.ua/html/20min-page/web/img/icon-title/ 929 B
816 B 239ms
236ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/Often_comment.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5e4d36b2-3a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hv0nvncY49UJquM5VWvcBPK3jcxZj%2FZuJWxQ9gTadQTwLPS2GI1AaWQnls6MSJ%2BbF0plTujXut8MKGhSWg%2B54Ov2qujXWRKTuBr2nZENDtxBNQ0wT8Li8xMQ4cBdLRBdpkeY5EqY"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 75cf8ee7cd69dd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
592 B 56ms
53ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154082
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8tBF4Hr0OxifYLhQS4%2FkcwvaP%2Be1FC9suIqDTiZKEHdIc6NYAyFpIS%2FFdxsdnSRVMPRs8%2FYgkU17BIK053oy29m4MXFQsq6pzWfIlOr%2F2xDABjDUoUy9vmm7uWjz0CftOWnyD14"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75cf8ee7cd6bdd84-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Newslater.svg
vsim.ua/bundles/twentyminutuamain/img/icon-title/ 766 B
964 B 224ms
222ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/icon-title/Newslater.svg?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5e4d36b1-2fe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozIKIO4CO54FLu0lurJPFHiaVsgXVdlq%2Bm2NlmbtQvGGriwpYbocA1fNxDG7g%2FkY9P8gu3YOvw3ewDkjjuulXC3WRelShtObXYaERsOzSpRMCeR7VPBpjVFvSODHn778fItBHh8F"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 75cf8ee7dd70dd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 04757c045656223f79bdfdb8cb09896f9b1eaf03.png
vsim.ua/img/cache/reference/rubric_partner/0021/76/ 8 KB
8 KB 223ms
221ms Image
image/png 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/rubric_partner/0021/76/04757c045656223f79bdfdb8cb09896f9b1eaf03.png?hash=2021-01-22-11-59-23
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
cf-cache-status: MISS
last-modified: Mon, 14 Feb 2022 16:26:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "620a82c1-200e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2TcY%2Fj9zvafhhAbWwNmXPyxfmVDPuFCWlCsv16da6PHDZ4ge2GIN5YXPN9jAlArOrcOz3P%2F%2Bo2LeTzoUUUVGBFzM0d6ODkYP7CezWTQJVCRaRGtKHU9LU1K4XA7eNrBYGOCjSL5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8ee7dd71dd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8206

GET
H2 200 EU_hor.png
vsim.ua/html/20min-page/web/img/ 77 KB
77 KB 54ms
52ms Image
image/png 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/EU_hor.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4320488
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78494
last-modified: Wed, 27 Apr 2022 07:07:05 GMT
server: cloudflare
etag: "6268eb99-1329e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpaMwTGVEM2QtQJMmqeV0SSBEaIb89SohX8eRDJ1Ull6BN%2FvdrUDyfzkeBt6miC0LM%2FccCLedhrr%2BSNu6CoYsjdreJe9mHayhDsT0aDqIPg9Ufdotvle%2F9gX3tgHankWwRwnlNeR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75cf8ee7dd72dd84-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
vsim.ua/html/20min-page/web/img/ 13 KB
14 KB 54ms
52ms Image
image/png 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4235063
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13734
last-modified: Wed, 27 Apr 2022 07:07:05 GMT
server: cloudflare
etag: "6268eb99-35a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBwhYbQs81foExa%2BriAyRxScXmJDXJTiYlgsTcD6Bye6bpVrmej8lFRflOzdgvRxAZtG%2B7YdMZErcjnHYU8ADKtLU7t0KUy7gNI6jx3xGpGD2nQ8%2BmFOKPPxOAe5zTVuXl8wjmKQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75cf8ee7dd75dd84-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ANRVU_logo.jpg
vsim.ua/html/20min-page/web/img/ 63 KB
64 KB 54ms
52ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/ANRVU_logo.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66fbe356f6e297ef03954cdb269883d5352c2463a0d3367ade4b077088658ab5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4325879
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64782
last-modified: Wed, 13 Jul 2022 08:36:37 GMT
server: cloudflare
etag: "62ce8415-fd0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4joL4%2ByOSoF7vm%2FKsEIh1QOhgUgeBExV1q3IPT8%2FoYwTXvGo2gHrPcxbV%2Bdwy1ok9qTGXYZi%2BJ3DyrigGjC7LnkBs71a2%2BYV8pPKYTz%2FO37KwCY7zC0Qo26fq1%2FYBINfU%2FAikACC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75cf8ee7dd77dd84-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Push_notifacation.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
1 KB 56ms
54ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Push_notifacation.svg?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6249
etag: W/"5e4d36b2-75a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXvaCcBLMysRmCBVDWsW6rU5%2F5nT4np6TS0htmNlAYt3qZGNjkf0fIb31ieszhiQ%2BWWpf5GIAB605ekPGMwj6wZhL1rUr19UCriH9KN9reH3YdzVCWZ4xQRQ4vVIjc8RPqTaosY7"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 75cf8ee7dd78dd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Instagram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
1 KB 55ms
53ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Instagram.svg?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6249
etag: W/"5e4d36b2-884"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Md5ImArRDvnADqqf8ZAnws%2BaOT8BXlGb0V4aqZhDvBWbYjoCBBA8PdjNTNbNX3MN1DsrwatM2PHwaqqNmN6W4DFTV9%2F7lgpu8w1LEZa8lECvqZGzeIIWQFuyli1r9%2FqLdldN863"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 75cf8ee7dd79dd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Email.svg
vsim.ua/html/20min-page/web/img/sub_image/ 3 KB
1 KB 56ms
54ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Email.svg?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6249
etag: W/"5e4d36b2-aa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DU6uWh3PGfcwhm%2F6SSA%2B8ocXl59GvATf%2B2geaU2n6YbDH%2FKUfXVkWXL9aCENGW25NeaDu%2BJNzBFqDB%2BK3vHEXd1Yo8Rt61s0V%2FhR1cXiF%2B3Qusc3mdKDgJfZOk0whpSzj5HwmTV"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 75cf8ee7dd7bdd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Telegram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
1 KB 55ms
53ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Telegram.svg?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6249
etag: W/"5e4d36b2-7c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21AN9Lnbh0FU%2F97BEyWNnqPdjZhluHQgNfXH2ZNK6WZONiAUBvhzNd4sGcIwbYouAYSWMW4dr2HVjbe4lo3AYLRF0Ubx7mxnoNFYKLP1uYimB%2F%2BhwESB7SnbrwAxb05AB96fJPsQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 75cf8ee7dd7cdd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Viber.svg
vsim.ua/html/20min-page/web/img/sub_image/ 4 KB
2 KB 54ms
53ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Viber.svg?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6249
etag: W/"5e4d36b2-1132"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJ201Rpvr61nas9eQuJhbvdxCseLwiT2t0h9PI5qlB7JZsJMcJ5V7rE53lLY7qtD9jAIsTOYgyxj4BcLIDyFiahTOZs5ahq2KKvxTV59jGHWWuN0P8Tmw9BT3wcYUfYwx8s49va8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 75cf8ee7dd7ddd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 GN.svg
vsim.ua/html/20min-page/web/img/sub_image/ 5 KB
3 KB 55ms
54ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/GN.svg?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6249
etag: W/"5e4d36b2-145a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZEG5QuGXDQhrOURbW3Fihy8kiu6zpepKtN9D5qCBcjsPwh7uK9LfbBViaEJlf0LREDRySh4fTHfIHQVqQMrbaG9LRNiglgQi3PWhqXz8wDvP4XI%2FKiY6eZXMK1W9CtdzvxY807w"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 75cf8ee7dd80dd84-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 email-decode.min.js Show response
vsim.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 53ms
50ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsim.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Oct 2022 13:38:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"634571bd-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3mUG8V97GmeorGHgcgBi9zhB8ofBKHVFjCJ7qvIjSXNPgtHUrC2YEWdlh5fNP3MBrZgWo6nIQOZGVaWlip2LhNVDBpRBnDPd2wQ3VKMo%2B9asDDEONB8S2pbKA1ZxEHBEX16AaJx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 75cf8ee7cd61dd84-LHR
expires: Sat, 22 Oct 2022 06:04:49 GMT

GET
H2 200 rocket-loader.min.js Show response
vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 52ms
51ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Oct 2022 13:38:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"634571bd-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRy%2FqMHolFd7gE1DFvvXfoNk2QBcp9kkZsPpNSGWeZxx0syxh4HP%2B3rYQDtomUTqGbnl%2BghX9eOIy65pM%2FXuK8gWa%2BFQs8lX9WJ616pzSHhodYv2ANaAmZoNpTOipvcLOColGbeh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 75cf8ee7dd82dd84-LHR
expires: Sat, 22 Oct 2022 06:04:49 GMT

GET
H2 200 iframe Show response
vsim.ua/site_login/ Frame F14A 7 KB
2 KB 278ms
278ms Document
text/html 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/site_login/iframe
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9039086360c377c07ce4378ab72299bbd8c5b85309547993cf2d8540de1553e

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 75cf8ee7dd83dd84-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 20 Oct 2022 06:04:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zx0GcgzZ%2FyxLY7aeJUgJgF95s8D%2FEL1OZa3tp%2F9BEXwGC2RQnRNkArCWP5jdUBOMcfNRICshgBvjPrVYQFrqQAdxNzEvpv8f5%2FnwA0KAw3IX1HAsKea0L51cGNPvP8qIgB57f5ly"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

GET
H3 200 viber-f.svg
vsim.ua/bundles/twentyminutuamain/img/ 3 KB
2 KB 67ms
67ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/viber-f.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?256562f1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?256562f1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61075
etag: W/"5e4d36b1-bff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZM6X58sJfWgJnsyGInM2kQjfgR1eNrYyna%2BDXADcYJzVZs3ElzJXgs66ut6pmlD38M7gppaflp2NxyUBQX7VwS%2FkLxw6YwlFdL7vTIRwmZNOKXzh3PycORoxayQe8o46b2MOFol2"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 75cf8ee848617198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 g_n_icon.svg
vsim.ua/bundles/twentyminutuamain/img/ 1 KB
1 KB 38ms
37ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/g_n_icon.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?256562f1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?256562f1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61075
etag: W/"5e4d36b1-478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BYK8rE1g5OLMWoS2%2FGIXUNvb9%2B5E4sG3PJDuht%2Bb6xc1aDjIn43aYshobTjleNIwX10ZanrBq%2BHwpMCwsgkPi19F%2FG41s2zJNTnp%2BZS13KIerWpK3Tb5L6rh2vbjbb%2BVNDTeVWm"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 75cf8ee848637198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 telegram-f.png
vsim.ua/bundles/twentyminutuamain/img/ 548 B
1 KB 255ms
255ms Image
image/png 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/telegram-f.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?256562f1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?256562f1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e4d36b1-224"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zggiOm1IrYyYtdYf%2B%2BvharInhPPmbsN7FzAf%2Fkq4DnENPUoCrUHn2di%2F5t%2BZjRe1%2BoLcPG6sv0ZBG7GwPbL%2FbZ9cg0bZmIcGW7enu%2BaG5SfHIRRbqe%2FX80pTDj7WZg4hST4xeOTs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75cf8ee848647198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 548
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome-webfont.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 70 KB
71 KB 36ms
35ms Font
font/woff2 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?256562f1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://vsim.ua/css/3831ad9.css?256562f1
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9403615
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-118d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GexdDBh3uGbn%2B7yag9vTF%2F8d0lKU3i4fiCK4fw6SC0Ky%2B32Q8W2ASUhLyl5EjVVsG6eGt3xRFo%2BjZtCrAWj9eX5Wr2CqvbUOWm%2Fo86JSpGdzr%2BFDWHUrqy2cCIx8ziA%2FPUtpqIa0"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75cf8ee858657198-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 MaterialIcons-Regular.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 43 KB
44 KB 71ms
70ms Font
font/woff2 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/MaterialIcons-Regular.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?256562f1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer: https://vsim.ua/css/3831ad9.css?256562f1
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9403615
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44300
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-ad0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7yPw2U%2FWMXHhVsdyk%2BlFckbYqvuYZYP5Rom%2BKiNTw4xvPMpKoa6xVOTS%2B%2BlS42g1BUxUegeojJ4I1XW3HVa9QbqorM4Qe%2Bkc%2F5cXhbY8GVs9mx5HL2b8b21d5E%2FHXYiWtDLbC08"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75cf8ee858667198-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET aGeq.js
leokross.com/vAW/ 0
0

GET
H3 200 0728b5d.js Show response
vsim.ua/js/ 879 KB
246 KB 48ms
48ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/0728b5d.js?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca2da4362115518ffdfe27c6fa107bc239a879f36ff3e6bd5db0db5c4917c079

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153403
cf-polished: origSize=900210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 11:09:51 GMT
server: cloudflare
etag: W/"634e897f-dbc72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXzKV4aSQos%2BpGp8xOgb0KtcLRVTbHbIHQmVE1617TV02c0P3NwDV9wzmDS2Ixmso9hAaTw1q2Y2fQAP2K0%2FpizemI44ZEYRWc1ZVKePgoBI9hqgrVSBk6e6kc%2BGIR%2FFmDkJWYR4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 75cf8ee8e90d7198-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

imask.js Show response
unpkg.com/imask@6.4.3/dist/
Redirect Chain

https://unpkg.com/imask
https://unpkg.com/imask@6.4.3
https://unpkg.com/imask@6.4.3/dist/imask.js

135 KB
28 KB

45ms
45ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/imask@6.4.3/dist/imask.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a4c2ecf677f70d4d9d1b3ef31558bb18a0bee17b8f1f38ce5ca65f8871118ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2635925
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GDBE31B3YF2F3FXS9TDJJZQD-lhr
server: cloudflare
etag: W/"21ac7-KqSYXxY+9Y5mzCD11c6bKZsRmN0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75cf8eea0b0e72a6-LHR

Redirect headers

date: Thu, 20 Oct 2022 06:04:49 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GDBE0QWZRNYTWNQEVR8HDPKY-lhr
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2636001
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /imask@6.4.3/dist/imask.js
cache-control: public, max-age=31536000
cf-ray: 75cf8ee9aac272a6-LHR

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 124ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97d6da2803646c6d9e6d88bd8f319c55f9d209db6fbf015dda8f48db2d8d4c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Oct 2022 06:04:49 GMT
content-md5: 1yvJLcuujSqonjEYXnNP3Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: RJLCv45sitvOFTuk6XbKVJO5ugJTNwNvUfUQ4qk/BIgktYuVmjYpb6KcgC3aMnfzE8Vo9kG4fW+Lop3/YqBglQ==
x-fb-trip-id: 917726464
x-fb-content-md5: e0a6229e26dcc322873339da96109bb2
cross-origin-opener-policy: same-origin-allow-popups
etag: "532160023178184751ea0ba43e68f007"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Thu, 20 Oct 2022 06:23:59 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 191 KB
76 KB 165ms
69ms Script
application/javascript 2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa11693faa5ba78dd9afea87ff5e362d37cfe257613b623299288868ef150b98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yp6rMqfw1CLl2m5cDyjoLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-yp6rMqfw1CLl2m5cDyjoLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 20 Oct 2022 06:04:49 GMT

GET
H3 200 ed8d0db.js Show response
vsim.ua/js/ 95 KB
35 KB 92ms
91ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/ed8d0db.js?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153403
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 11:09:57 GMT
server: cloudflare
etag: W/"634e8985-17b3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eKNw2R%2BWYitr40rJa0IFrsv5LKMaI8%2BtJb%2FEvA%2BiMdxaEwepi6S6kdhm45Lju7guIOrAuUQN%2FyF5eL%2F0bs8Qd35LWndDlRzodh4hGZrQU%2FUZMKGDNuzIhNJrwgGw87F28z11QHo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 75cf8ee8e90f7198-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/ 64 KB
18 KB 119ms
34ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 14 Sep 2022 11:42:41 GMT
date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 11:41:55 GMT
server: nginx
etag: W/"6321be03-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 106 KB
42 KB 145ms
49ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NWSHLFG

Requested by

Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

950e709afdb43e3e873928a371ec67c1ad60b913301caa60dedc9fc6aa097e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 42320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 Oct 2022 06:04:49 GMT

GET
H3 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 85F3 39 KB
14 KB 35ms
35ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1666238400
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8741d5f93d1bc181b910e4233b1f1e04ddf054ea0eddfb982e3e507a46634289

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80dYY0RAgLlRmBSKXUmjQt%2FXsp7AUv4bBiWCQSG2abql9uC%2Bg9tdaljYG6axW7Uzca5OScUSwjEvLRs9J3lZRQgK5YvgLqlQYaHnYg5B0yJHgXXp4c2PZzuNtwj2uaapWWwljCeF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75cf8ee8e9107198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/ Frame 85F3 21 KB
8 KB 36ms
35ms Other
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 765af387ee9fa62e6d518027dbde12b943b800714fe9e249a789a5970f2683bf

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0F%2BjX4eP8tN5kcGEWHWsp024GrpBtW%2FiuJ6pfyaJN7h3adP74Pgrq8in352L5HRDCPpxVqzdxNxwU8ECls2yfxUZiWp3XkYeTnaJGhRareytOaVIm9onRVPCruM3ZvcfMOW%2BFDlG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75cf8ee959877198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fc40332.css
vsim.ua/css/ Frame F14A 177 KB
31 KB 41ms
41ms Stylesheet
text/css 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/fc40332.css?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/site_login/iframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3151eb02230f6f505658b2df91cb14159810f9e4a083ce21920b76297a7989

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153403
cf-polished: origSize=181636
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 11:08:38 GMT
server: cloudflare
etag: W/"634e8936-2c584"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQ4MWUnVdpwnhOSwEpBmxQS9uZH5R98BD1%2Fd0WieHxOUECSre6%2FasoCBbO4JVsjAyC9iLrzBwIqNS4sjlRrbAlXSpWkCnvMd3NNoLLcx4MDuIjoEGLV%2FKLUhTlhEAK2VEFc2O55S"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 75cf8ee9a9e07198-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rocket-loader.min.js Show response
vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame F14A 12 KB
4 KB 31ms
31ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/site_login/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Oct 2022 13:38:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"634571bd-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEbn4ryB7b4szPGY6PJcVNVNb3B7YSjmWsK8YW7kDngTgMOP9AON9AGqNfzsgrm2fSRBnRe8Z6Vjh4YEw8uRT3if9NpjxeWT0QW5W9dWFbeFYQpiFRqJYQ8PbZK1cCdFoulpRJPQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 75cf8ee9a9e27198-LHR
expires: Sat, 22 Oct 2022 06:04:49 GMT

GET
H3 200 dba7e9c.js Show response
vsim.ua/js/ Frame F14A 246 KB
73 KB 52ms
48ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/dba7e9c.js?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbd991c12551f95524a9ca44db10706d942e698b9ef56d6111fe568c5cf193ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153403
cf-polished: origSize=251457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 11:08:43 GMT
server: cloudflare
etag: W/"634e893b-3d641"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHuYtH2HgT6JNeWI%2B27PkXpb8elhgPrheBduy1xlOKp1Dy0Vvv3gJWMu2ReMYZOvIOCVQ3iK9H0TKmqJsvawxVA4gm6OaSUSQj%2BRQo2N%2FzTvnTQna65%2BvOBEtQf%2B%2BnvwyxMH5wGM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 75cf8eea2a607198-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/cb/ Frame 7C08 38 KB
14 KB 35ms
34ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=75cf8ee7dd83dd84
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 539fd060625d1b2496b2253ef07b53b72d8f3789213be80f46bc7ac070aa6857

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaS0jad1KNjcYAvkYEtcA236Il1kLppzfnWmz7CczUxqINSINV%2BYpcxp%2F0%2FbqWcyOXTsKvYWwYKPwanlUxsoBZ4DQ9tiXxmnAdPHpyslvn5f0SoYkKTi05HM0RpoLj3jSk5iAuoi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75cf8eea2a617198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/462846/ 369 KB
114 KB 132ms
55ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8bcbce10c6e36925ecfb871b292c6b0ce305919b4b8231ab7e95b5999b8c9d33

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sat, 22 Oct 2022 06:04:49 GMT
date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 15:59:53 GMT
server: nginx
etag: W/"634ecd79-5c5e6"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
28 KB 154ms
51ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

815d5a06ae768e817858bbad120c9b4c64fa2cf7d47cccdc90e07a913a3a972a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27634
x-xss-protection: 0
server: sffe
etag: "1369 / 898 of 1000 / last-modified: 1666217300"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Oct 2022 06:04:49 GMT

GET
H2 200 wrapper_hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/462846/ 2 KB
1 KB 172ms
96ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/462846/wrapper_hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8fde8bf6c1c3c2bec65b23e45729683c058e063e2aa77a4e57c365a24a820614

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sat, 22 Oct 2022 06:04:49 GMT
date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 21:53:55 GMT
server: nginx
etag: W/"635071f3-6c4"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 5 KB
1 KB 118ms
48ms Fetch
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=d9345397765ace7e36f5036f718db82e
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
x-correlation-id: 3ae5aa004d2f024e690031e108d26bb0
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-proxy-cache: MISS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Oct 2022 05:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2932
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 20 Oct 2022 07:15:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
50 KB 146ms
57ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

858444ad6d47e86b330b11d6b914ae37360821be6e5eabcef5cf609f3bb6dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51161
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 Oct 2022 06:04:49 GMT

GET
H3 200 remplib.js Show response
vsim.ua/bundles/twentyminutuapaywall/js/ 93 KB
32 KB 40ms
40ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30015300955352764840758227634ade8cc98299ccadc46cf9f3f6681385a756

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153402
cf-polished: origSize=197222
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 10 Sep 2021 08:36:22 GMT
server: cloudflare
etag: W/"613b1906-30266"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJR%2F2aLEQUtyINy5qB9myAtKZ1EAbWP7YFGOXcoOjJnyPr6WwHAV9ut%2F6IHnJChYvX%2B1VU54dHrcdBEpTur6PBp4p%2Fy64070Q6FHy4cc8dxWv3j%2FqSNob9NaaeeBB%2FLwwtorIujK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 75cf8eea5ab17198-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
26 KB 83ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Oct 2022 06:04:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27027
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Gn9qT13zqpic0rd/bmpY/CuhutIgsGeZA8x/KxLo14vXQURdHHw95xTt0w6VxT5lphQ2Kyrl08RYMzTPjxA19Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 75cf8ede2ce8dd84 Show response
vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 85F3 2 B
636 B 48ms
48ms XHR
text/plain 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/75cf8ede2ce8dd84
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1666238400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbTkQ8DOGSejI92h6s20Po9pXzUG%2Bp4az0AwNdCLhy54CUBLg%2BsIa0A6hbhzyrsimeQ4IBWta56uZrd9YuRSpxXTzkJ4zMEV0epWnPgGOuHrQYdpMtlovfn0K%2FbJMUdArr0o8X0C"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 75cf8eebac057198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
id.gravitec.net/ Frame 1AC8 621 B
700 B 146ms
40ms Document
text/html 2a02:6ea0:c700::21
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=315360000 public
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 20 Oct 2022 06:04:50 GMT
etag: W/"5e9485b6-26d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
pragma: public
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AdRmOLE+xd3/iqQxAA
x-77-nzt-ray: GRQDQ7wQ8bQ
x-77-pop: frankfurtDE
x-accel-expires: @1978352504
x-age: 3253386
x-cache: HIT

GET
H2 200 hbw_master_306660_6693.js Show response
player.adtelligent.com/prebidlink/19285/ 235 KB
35 KB 30ms
30ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19285/hbw_master_306660_6693.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/wrapper_hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7646e6f9d4e40c0eeaba1226df6b2bd510e0063d0412d944a1b74a5065301f96

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sat, 22 Oct 2022 06:04:49 GMT
date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 21:53:55 GMT
server: nginx
etag: W/"635071f3-3ab37"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/cb/ Frame 7C08 38 KB
14 KB 36ms
36ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=75cf8ee7dd83dd84
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ee3f417a2e00b7c6853140b8da5243e0f4b6ae040d9a3671acfa092e6e8e185

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSxCgxKaPQ6nDxA45vhQ8xJFkMuGNFAqYr%2ByMC3EjX6rgwUDtN%2Bp7VNdtiu6P%2FD68ft4nCiHUmaYMSqQlP09YPAv2Yyp3wjTanNmWe%2FOBx8PSS7eOmwTggePCvKE7gxsOICcmQZs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75cf8eec3cb87198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 122ms
33ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 18 Jan 2023 06:04:50 GMT
date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=7776000
x-proxy-cache: HIT

GET
H3 200 pubads_impl_2022101701.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a419095aa8f87ac838a7c0f52fa682bc635aa4d1927b9c058d547fc67dd5ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 10:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130931
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 17 Oct 2023 10:46:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 104 B
115 B 133ms
50ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee58d63b466de0f67a216954ad930f8cfa99fcb23b97c3c27e9c714520d2fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Thu, 20 Oct 2022 06:04:50 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 3 B
455 B 167ms
48ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://vsim.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H3 200 506134916849111 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 61ms
61ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/506134916849111?v=2.9.87&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b66a0d2f84c1753acd238ea65adf26a5e0972c6e4a5fea21356d23865c565c6d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Oct 2022 06:04:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85969
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rnR5cKCNJwRy9kgCW8VW4W6pBTFKcXaSiQKeiQNi79B+WHbkCAJT1vqziwtzq3UoyaK9NSJx8+7kko+Ye6iyRQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 85F3 39 KB
14 KB 51ms
50ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1666238400
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ec63184ee9988d3b6ebfa9084c1b51b4c830b35778eb1d68758cbd4e5dc9de9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vX5MIRgLtvLdaWSiPT8%2FL5BI8jaeSfWyjHy3zsAY3yKoTqBCQ0b%2FMe5X2w203qEhxJby1wPAcPPdlNbFKg5qPH90FuXTNuWxNW5gcxa7Vilu1wPyuuPO3ix9uxfo3dOwKXqzlDI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75cf8eecbd527198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
791 B 40ms
39ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?256562f1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3046372
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0ogZyxWh3NGwqSVJcbMNwyeNutJrTgIuCawbAYT%2B8TFiUXUSy8TKGAdlXX5gf5zStPrrDAGOlZdHMLdBmJ0X9M1rkPCg9JLk1uz8D5P8xzNPxh91TQ0ZOLL6MAi3XY%2BcLRTC598"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75cf8eeced737198-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bg-img--small.jpg
vsim.ua/bundles/twentyminutuamain/img/ 5 KB
6 KB 36ms
36ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/bg-img--small.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?256562f1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?256562f1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57300
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5504
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-1580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VewhREjZjTH%2BOlTXObdAm7kWAaZZr%2Bz0ZcoFxIkm7BZ04ENLmoDZCoxCYRaqwtW4980GsGUkdCUaiCxaG4Gg6wFkt1WLhFVI1YH1tjXSh3dWZiOISg0UKSkJn2czoDSBY6sSVBQX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75cf8eed3ddf7198-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
795 B 38ms
38ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg?256562f1
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?256562f1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153405
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Apt7YVD%2BkxyP2XPZMYJiINVy9TrD6dEQ3BLAFf2vQIuilSOHCjwDq2XZdKD9HMFS3AxdCTKLErOC8KlgfAWKSZV8lx%2B%2FJSECFLg4dwS6rhCv8tfF%2FOqQji3Zgf9nE7gBUrILd5p"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75cf8eed5dfc7198-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 check Show response
vsim.ua/site_login/login/ 20 B
474 B 386ms
386ms XHR
application/json 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/site_login/login/check
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?256562f1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9

Request headers

Accept: */*
Referer: https://vsim.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-dev: Desktop
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQDa5PzAqN1GM7XVt%2FB28Eee8leeT9EQa9kB5xuQs5T7AruyD8fzBZ3l%2B06oKxCUxZbTK%2BWH5yJt%2BzJmDkQyWbfc4vPcqfYyyOxiqQU0W%2F1dxfDoiFahW2qjEm7mGtBo0H3Z42uh"}],"group":"cf-nel","max_age":604800}
x-cache: BYPASS
content-type: application/json
cache-control: no-cache, private
cf-ray: 75cf8eedde8e7198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-stat: 1

GET
H3 200 pica.js
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/ Frame 7C08 21 KB
8 KB 37ms
37ms Other
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d5208c848c3fbef8333e22d86da1ab163b3fd87070227d74fb9708340d71851

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3uek%2FlyVXBfSa7PM5pkaEs8IKOkRy9eJ7F5WlzoF%2FoRZ%2FOtvWQl2Le9tzDNPS7csjfIqlDOG5sTZOgO6ppTJc%2FpdcEU8hU3m78BlL28gta4ivlQKKpfhqUcj%2FdSX4G%2FrLJzLnPH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75cf8eee1ec17198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 3c87f3e62079dcab9d2ec1fe4fc4117ae10046f8.webp
vsim.ua/img/cache/news_rtp_large/news/0029/33/ 56 KB
57 KB 365ms
365ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0029/33/3c87f3e62079dcab9d2ec1fe4fc4117ae10046f8.webp?hash=2022-10-19-18-14-27
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb291507e5260cc5736f21afdf26ded91911f93f30cab7f1c2d6c816ab4d527f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 15:31:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63501850-e04e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHSjGA4ZuyeaiOXYFxJiMatdHEWeF7t5lvnVWFKjx%2Frwio511KCrD1b4TKGXJgXbYCz9A8FdCl0RHjKdKpcJGGkxLgxely6YwI%2Fof%2F6pnND6F4Tmp5m8wUcogwfTqACQx9lz5w1V"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8eee1ec37198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57422

GET
H3 200 d1736ec693898148e94decdf89262cc220218898.webp
vsim.ua/img/cache/news_rtp_large/news/0029/33/ 21 KB
21 KB 310ms
307ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0029/33/d1736ec693898148e94decdf89262cc220218898.webp?hash=2022-10-19-22-02-33
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05bd034ac34f63787aed067ef728f22a40f866190cbbcc70babf7539dccde1a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Oct 2022 05:38:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6350decd-5410"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUIY%2BId%2B4ms8TtpjVydPL7X0P%2BGzoBSyaJKfhZNA91sc1Eztvk4BoHoCPoD1L7XXCjhp6zhvoPCjFnVS71uquA4Rs2j%2Bw0OeIo96nh3s%2FauEFKYcNafUg5TXu%2B6xRyYIkjI1ThWU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8eee1ecb7198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21520

GET
H3 200 129a8edb8237c6210d639d221379e8024becd22d.webp
vsim.ua/img/cache/news_rtp_small/news/0029/33/ 14 KB
14 KB 318ms
315ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/33/129a8edb8237c6210d639d221379e8024becd22d.webp?hash=2022-10-19-15-50-49
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d57e20667ea39b107e09205c690f1ca673f05813639892d3c8acfd4f1afa07

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Oct 2022 05:38:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6350decd-3674"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXnnm105q8k6yBfdhbD%2BTohDw2P2CYtgs7h5T8%2Bz5NpBIoUNCASkvKXsyIjBiCvMNOtPpaUVcCEl7T79VzV%2B%2FEV8ZiX9bWSwz%2B1HxipBqMp7DZpd9cAHHOFSLGVqkoy5oIfO6JPY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8eee1ecd7198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13940

GET
H3 200 27a796fdec0a20ab5b3ffc15350165b78f75d8a8.webp
vsim.ua/img/cache/news_rtp_small/news/0029/33/ 28 KB
28 KB 312ms
310ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/33/27a796fdec0a20ab5b3ffc15350165b78f75d8a8.webp?hash=2022-10-19-14-51-28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a570a7edddc83f35c875f28f99ca28e01ce6cd45cfa86ee6a182710798839ca6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 15:31:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63501852-6f1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EK9lWOJYSx0JXFWjjtjG%2FcF5bQvnaY07X3Y7Y67Snrmg8Iu3%2FfYp16wQxMjWjv5LUUREe%2B3ba2sAw8T1mxgP7hJRZFSkKBw0xGSQnojQqVumwJYlo%2Fzh6e7Z53%2FPKhcxe3sfYJSe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8eee1ece7198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28446

GET
H3 200 effd606584bc2808eeede99c66363788a784282f.webp
vsim.ua/img/cache/news_rtp_small/news/0029/33/ 3 KB
3 KB 256ms
254ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/33/effd606584bc2808eeede99c66363788a784282f.webp?hash=2022-10-19-23-11-36
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67377d285eebf1e265451c30270df2984d3d1e7c6931138da1f9afd2fdc951dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Oct 2022 05:38:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6350decd-bc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cl3Hhh4uktCSpEbLAmu%2BJyXAW0w4VjxDEb8qIVRhoHagge0LKSzoEuT3Yac54woWOeqRaDpmW001euEStN4T4M%2BKygMgcqVKYZ4RxfQvSprFdJAkXV7KSAqat3aCoj7mPGVUhLvC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8eee1ed07198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3012

GET
H3 200 d62bd72812ad3ed8f1ccb73466dc6e63d5eca805.webp
vsim.ua/img/cache/news_rtp_small/news/0029/32/ 23 KB
24 KB 315ms
313ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/32/d62bd72812ad3ed8f1ccb73466dc6e63d5eca805.webp?hash=2022-10-19-11-39-02
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c0201b9f30f6389ad00a1567d15ff415ebdc4b533b3e423597b2c204f96e38c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 13:09:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634ff6f8-5d2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGPUq2W5XOLndW2j%2FD%2BkfiSh06nxNCICHYPObXxMeHsAWoG6jfCibLvV2sjE8uUIR0I8%2BHZQcZMEDMN1HOPy3FUBeLAtMNeLpaJtwHkWfIweBEVERTyctVHRkncmMH2TwGxHtkx1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8eee1ed17198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23852

GET
H3 200 f871c3e3cb3d923114e23bb69c20a6abf6950f85.webp
vsim.ua/img/cache/news_rtp_small/news/0029/32/ 21 KB
22 KB 319ms
317ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/32/f871c3e3cb3d923114e23bb69c20a6abf6950f85.webp?hash=2022-10-18-14-44-02
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1edf0655e0cd335369a4fff375f0a00bebac1cbcb9877d4ff77ec23fcc0d669

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 11:12:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634fdb91-5490"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIXxsCxu4x7bliZKIgAaH%2FaUEWE8nYRCTHQRFLo6ogKqMYMID2XVr%2BZ1Q1gxrCkoykVaXxCCyfePQuUAFAVOZLSGjGO9pO2%2FB1utA14vfxtzZtbFST80JXSeRIUVbqDefo%2BSVTkX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8eee1ed47198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21648

GET
H3 200 8bdda2242fe1cdd2f477cf1e33247c92ca8b2569.webp
vsim.ua/img/cache/news_rtp_small/news/0029/32/ 29 KB
30 KB 259ms
257ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/32/8bdda2242fe1cdd2f477cf1e33247c92ca8b2569.webp?hash=2022-10-19-10-18-23
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c62bdad439ef23f22531c49bbca436568978e6933b403a41716b1b555671d7e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 19 Oct 2022 09:09:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634fbeaf-748c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0HgctC64%2FYmh7dxuFVHUsBDX55acwegu1MnNDkOddjqVr%2FsRL2j6yz%2FjAU9RU%2FarLyEhh93dUqr%2Bxr5dw0cgpG0ha9wUNSzWbNcudj7%2B1YiyZcJa6TB3AV%2BNwohwTafYB7EyQy3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8eee1ed57198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29836

GET
H3 200 075f88d6d2af0026cd0c89f2c4e7e76e36353aed.webp
vsim.ua/img/cache/news_rtp_small/news/0029/33/ 24 KB
24 KB 321ms
319ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/33/075f88d6d2af0026cd0c89f2c4e7e76e36353aed.webp?hash=2022-10-19-15-36-57
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf02835f7d7204f999ca0f11913448cd7d3291870e2926978ace7c08f938a74

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Oct 2022 13:09:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634ff6f8-5e92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55n0Ksi9MO12GBiLgY6uonPhEexOOyumJv%2B%2BqENQNvcGIzD8OaYpV79xO6cikpi9HNhIqWqdhV9hOPNbP30HtH4bmuOxdVVtPE6yG9sVwyErlve8aVAGrSa9KOQ9zU%2FyTAM%2BS0jc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8eee1ed67198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24210

GET
H3 200 45257c6ade0ed75ec10cfb755450d50b600ac214.webp
vsim.ua/img/cache/news_rtp_small/news/0029/32/ 29 KB
29 KB 324ms
322ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/32/45257c6ade0ed75ec10cfb755450d50b600ac214.webp?hash=2022-10-18-14-46-43
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87aeaba5c3a963a90db309b4eb6af11f3e99be97be873cb9b56b4d97e1403205

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 14:10:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634eb3f3-72cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPk%2FZr0bjS0X0lPoae5rZgThAAPB%2FJU4lO4BqHuQKmDwOR47vkPpSiAESRBry5sJoa77zixYQ2zGh6%2FS18R4b5kFFEBQbz5pYRghdLJb2gCSJH88oV1JPceFGONCp9dWX7BobpPV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8eee1ed77198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29388

GET
H3 200 2831237-rizdvo-25-grudnya-ptsu-uhvalila-rishennya.jpeg
vsim.ua/img/cache/news_rtp_large/news/0029/32/ 21 KB
22 KB 290ms
288ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0029/32/2831237-rizdvo-25-grudnya-ptsu-uhvalila-rishennya.jpeg?hash=2022-10-18-17-59-43
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 953f57fdd5ba9e3438a71eb9d13c94df1d9d8bc696db4611ad95af02e4a0ab64

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 15:07:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634ec11d-5595"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muKFoi%2B00g3TmALN7TlnlC0ipsoyssmGOds2KVn9kWaB5u1ypgt45%2F6eAh%2F4iENi%2FYckH6WWq1rTCrW8PTaXTJ8VLxFAz8RVkspKRtOLvSswwQvqUgdS1e8%2Fl43Z5zs86qCqMnVo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8eee1ed87198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21909

GET
H3 200 2831018-hmelnichani-poproschalisya-z-anatoliem-sikorskim-yakiy-u-berezni-zaginuv-na-kiyivschini.jpeg
vsim.ua/img/cache/news_rtp_large/news/0029/32/ 22 KB
22 KB 288ms
286ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0029/32/2831018-hmelnichani-poproschalisya-z-anatoliem-sikorskim-yakiy-u-berezni-zaginuv-na-kiyivschini.jpeg?hash=2022-10-18-14-46-40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9220da8802219ec6b8a86298c38ed944015c652b71edb98aae59e50f224e7ad9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 11:47:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634e9244-5823"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a91qzln%2Fe5q5emYebPmGD4xSw5O9gvYqRjPSSYCR8vn8QHE1tcpXjJ8RwzgWTZmEhrKE1vC0qcceppPLyjH3bNqnZPLgOXNTJl%2B6gi4Z6%2B29OGxNIbLfrQwlvD79h5i2B7F%2FTcI6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cf8eee1ed97198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22563

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
74 KB 137ms
55ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61b01f993036081b115074b850ed1b6bf6a974d479903ba6c79d78eb5d8d793c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75533
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 Oct 2022 06:04:50 GMT

GET
H3 200 style
accounts.google.com/gsi/ 533 B
328 B 187ms
102ms Stylesheet
text/css 2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I7eGHxGOKJ91G_WV7DHn0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-I7eGHxGOKJ91G_WV7DHn0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 20 Oct 2022 06:04:50 GMT

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 147ms
65ms XHR
application/json 2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=218226485810-uqk03eati6qp5glmb6e91f2u24152enh.apps.googleusercontent.com&as=6cCUAIxYjNSnBxuZuAzjxA

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0edd10834f143a1c905e97a24af339043c1723815f13c9fe6598179d88be992d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-AYx2sZ6dAaYnZZvIYbDkqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-AYx2sZ6dAaYnZZvIYbDkqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vsim.ua
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 306 KB
87 KB 83ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=d7f7cd1be6a9039a982ce729533ad219

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6cabb06600c16545403165369864ed7843f0ce044243eac23278ed4d6f09d830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Oct 2022 06:04:50 GMT
content-md5: cQyas/+s2k6klY31DbzuqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88568
x-fb-rlafr: 0
x-fb-debug: 9WgPIq4WHmCX4C9aCqIPrhlL1FiVswNppsjhiHRbyNlpn5p7tCnuwh82cglBVCmO4QFsepbWN2/xSGM5/814yQ==
x-fb-content-md5: 7b46aa05b652bb700322445974b1528a
cross-origin-opener-policy: same-origin-allow-popups
etag: "9c8c24d09f022b7a1c6c13c751e18261"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 20 Oct 2023 04:36:02 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 131ms
47ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1227969851&t=pageview&_s=1&dl=https%3A%2F%2Fvsim.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAQCACAAI~&jid=688619335&gjid=1683111176&cid=429268025.1666245890&tid=UA-43975937-2&_gid=1298859135.1666245890&_r=1&_slc=1&cd1=NotAuthorizedUser&z=2017309162

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 151 B
414 B 114ms
29ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19285/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: f7d848e954293a192fae29cbbbdf604433ec3e0486c65254218225b883948a69

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 06:04:49 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 151

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
424 B 114ms
29ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=306660&site_id=6693&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fvsim.ua%2F&adid=gns5be.xn&features=81952&vpbv=N091&lifecycle_tte=2875
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19285/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 06:04:49 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 128ms
37ms Fetch 35.214.184.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=d9345397765ace7e36f5036f718db82e&user_id=01d27000-d6d8-4863-802b-b8640cb6dd99&utmb=eec6255a-0253-4be5-add7-f82e2a8ff164&path=https%3A%2F%2Fvsim.ua%2F&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.214.184.209 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

209.184.214.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:50 GMT
x-correlation-id: 1f8e0151a5d2092227dfcc61dc74bd59
x-content-type-options: nosniff
referrer-policy: no-referrer
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1 ; mode=block
expires: 0

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/306633/ 15 KB
7 KB 90ms
32ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/306633/config.json?cb=https%3A%2F%2Fvsim.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 71b3b074157c25cd000acd54048408825d573adcd9f43924a77250f11432c8b4

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 22 Oct 2022 06:04:50 GMT
date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 12:01:31 GMT
server: nginx
etag: W/"634fe71b-3c2a"
content-type: application/json
access-control-allow-origin: https://vsim.ua
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 181ms
49ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 149ms
54ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

OPTIONS
H2 200 pageview
tracker_beam.20minut.ua/track/ Frame 0
0 368ms
83ms Preflight 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://vsim.ua
access-control-max-age: 3600
content-length: 0
date: Thu, 20 Oct 2022 06:04:50 GMT
server: nginx/1.16.1

POST
H2 202 pageview Show response
tracker_beam.20minut.ua/track/ 0
135 B 83ms
83ms XHR
text/plain 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Requested by: Host: vsim.ua
URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?256562f1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vsim.ua
date: Thu, 20 Oct 2022 06:04:50 GMT
access-control-allow-credentials: false
server: nginx/1.16.1
content-length: 0
access-control-max-age: 3600

GET
H3 200 pica.js
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/ Frame 7C08 23 KB
8 KB 40ms
39ms Other
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 483d60de91ce591b15e45f67515ea0d828d98675fcf2b5b642340757cbfe232e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tG48jRGbK3LmgQZNROdDbVHABn1YrypxR%2BaeqHCg0u3VVbYhH5v%2FrNWr57ehpSEG5k4%2FZzKP6O3Py0HO%2BFP315ZtZ%2Fa4QSAs4QH0ZJ3tCGHfXCrmRGxKRuRPiGpn6jvzRPRk6o1x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75cf8eeecf737198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 129ms
41ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=506134916849111&ev=PageView&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1666245890365&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666245890364.1082482117&it=1666245889965&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Oct 2022 06:04:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 pica.js
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/ Frame 85F3 19 KB
7 KB 35ms
35ms Other
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0792598dc22bb5723ebf2752972d8618d51a121148f46e702dc8fa7cdac32f0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnquqXlJJN%2BLTyrr%2FCKGWWEXYx5NomFayAwTu7bfHSQigOjkhbZ50dtd%2BNMSGoxw5PC%2B7X02DWaqJO%2BbHUFGqsKHuWaA1kBZ0Fd%2BegEW7mIjLu1T0f7IiR%2Bge3jXlIre9y5mg5mK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75cf8eeeef857198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 545ms
545ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3751769262565394&correlator=1049849528775178&eid=31062930&output=ldjh&gdfp_req=1&vrg=2022101701&ptt=17&impl=fifs&iu_parts=45035109%2Cvsim_main_(300x250)&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x400&ifi=1&adks=978356717&sfv=1-0-38&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1666245890376&lmt=1666245890&dlt=1666245889207&idt=1104&adxs=1092&adys=228&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=429268025.1666245890&ga_sid=1666245890&ga_hid=1227969851&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

913b33251392c04c21ced1d2f70b36c459be2bf4230b523d35c3c54222228666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11101
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 158ms
63ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62648a73a43652c89447080e34f5863fbf4e3f73a23055383c6951b6a9e4fe75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11359
x-xss-protection: 0

GET
H2 200 container.html Show response
ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 21D1 6 KB
4 KB 175ms
48ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 06:04:50 GMT
expires: Fri, 20 Oct 2023 06:04:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 75cf8ee7dd83dd84 Show response
vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 7C08 2 B
638 B 48ms
48ms XHR
text/plain 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/75cf8ee7dd83dd84
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=75cf8ee7dd83dd84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Oct 2022 06:04:50 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0E9V3v7l5lzhjXtkv9uTab2ray8syYKVuGGMvhPcJnQ0nrWDzo%2FwiWNwKmppnUiphnnxXgvHqxWflRoonTYf2fgWoioBxhmVytd5rZimWueQsDeGZKvpZ8sNHx%2BvaX4wdxaSrGdk"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 75cf8ef18a6a7198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
433 B 109ms
34ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-43975937-2&cid=429268025.1666245890&jid=688619335&gjid=1683111176&_gid=1298859135.1666245890&_u=YEBAAEAAAAQCACAAI~&z=688164808

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Oct 2022 06:04:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 75cf8ee7dd83dd84 Show response
vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 7C08 2 B
633 B 44ms
43ms XHR
text/plain 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/75cf8ee7dd83dd84
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=75cf8ee7dd83dd84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Oct 2022 06:04:51 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIOUKvvmCeobl2Mc0x9EwLzc2YJFbM0YUibNPiglKgH3jGm1x5aVx4dQoAGI2DJZB6LdnLTyHnpFiDB5QttpXCCaQeITEu1RuHemnQBHpxd7hPb5ugPaojslZ9jwqnUbepcWqGlK"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 75cf8ef2cb977198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 146ms
52ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Oct 2022 06:04:51 GMT

GET
H3 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
795 B 36ms
35ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?256562f1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3046373
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCT54dLZRsBS%2FP6Av9LYr8PYQ%2B0PXbOFMTUm8RBP9%2FHzs0q8ek7lq3xnRl29v5nRFFhwWHMn%2FWQFmZcGocHuIEUCaDNKRGV80vOXNn2SIxiWQ9icQLtrWf%2FBSkelnpPqDQT0Itf4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75cf8ef2ebbf7198-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 426 B
583 B 30ms
30ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=517711
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19285/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8e3a25b55c58e07a313ade89020a58e45bc34915479f397e78f3e57ca462336e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 06:04:50 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 281

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
559 B 158ms
68ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=863026&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22103444623b96a8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fvsim.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.1-c%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222eacbb53a0f088%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news8(1200x250)%23div-gpt-ad-1632837984961-0%22%7D%7D%2C%7B%22id%22%3A%223528ff97600fd2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news9(1200x250)%23div-gpt-ad-1632838225160-0%22%7D%7D%2C%7B%22id%22%3A%2242e4d8b2c1336a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news10(1200x250)%23div-gpt-ad-1632838267602-0%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ca1076ba-99eb-4371-a16f-72da112a1822%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 244ce5328794d815a620d9b6ff15e532ca3343e09d29fdf3556129f8c516c3a7

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqE4Z69AIUQf1y4FQigK2G4kBFikO3ak67l4R9hMxU2AIL4z2aCIzOaxUkxCEYftoh3T25%2FZ%2FtzT%2BTG9V1CKIG0b9T4w4zUqbMdAON5ojbPVc4QdFwvgKXirRPAH1HYdoOWjE7dj"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vsim.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 75cf8ef3997e76c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.9185674691933867&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F...
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.9185674691933867&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=h...

551 B
960 B

38ms
38ms

XHR
application/json

185.172.90.252
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.9185674691933867&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=ca1076ba-99eb-4371-a16f-72da112a1822
Protocol: H2
Server: 185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 2dba54900b10d798dbd18a0d067b8256a3d3fa3597515cfb295cea1bda8c480f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Thu, 20 Oct 2022 06:04:51 GMT
date: Thu, 20 Oct 2022 06:04:51 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-type: application/json
access-control-allow-origin: https://vsim.ua
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 551
x-sid: AMS-929

Redirect headers

date: Thu, 20 Oct 2022 06:04:51 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.9185674691933867&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=ca1076ba-99eb-4371-a16f-72da112a1822
access-control-allow-origin: https://vsim.ua
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-929

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 379 B
1 KB 220ms
135ms XHR
application/json 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f42abca4cb5e328eaf48eb745c19f85f34221623bc3041dd80a52180b09babd1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:51 GMT
AN-X-Request-Uuid: 9d74189b-32ba-4a74-a06a-74bd151d6c40
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vsim.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 379
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 207ms
66ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce4018383a88820acf8a0cd0028&pos=8a969ce4018383a88820acfb3bce002a&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 2b945d4f7266ec9af9a13dac9a19c161aae7664b3789329bb2942340aac2c618

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Oct 2022 06:04:51 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://vsim.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
287 B 205ms
64ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce4018383a88820acf8a0cd0028&pos=8a969ce4018383a88820acfb3bce002a&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 04c319ae62d2da160dd9736f313102f6e806fb2b3f6b705d396cb54b9034e0b5

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Oct 2022 06:04:51 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://vsim.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 209ms
68ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce4018383a88820acf8a0cd0028&pos=8a969ce4018383a88820acfb3bce002a&cmd=bid&secure=1
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e157883a343e5f570ec6e117e439634c1d8337669f10d8402107884edad14f38

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Oct 2022 06:04:51 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://vsim.ua
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
690 B 42ms
29ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: bcda03bd12755919402d622d40a568ccd82a5c58261a7854423c478c38354455

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 20 Oct 2022 06:04:50 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 388

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
169 B 134ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Thu, 20 Oct 2022 06:04:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
54 B 147ms
65ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Thu, 20 Oct 2022 06:04:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 141ms
59ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Thu, 20 Oct 2022 06:04:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 collect
region1.analytics.google.com/g/ 0
332 B 121ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0CS1NTGGLB&gtm=2oeah0&_p=1227969851&_gaz=1&cid=429268025.1666245890&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666245891&sct=1&seg=0&dl=https%3A%2F%2Fvsim.ua%2F&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 105ms
35ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0CS1NTGGLB&cid=429268025.1666245890&gtm=2oeah0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 140ms
52ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0CS1NTGGLB&cid=429268025.1666245890&gtm=2oeah0&aip=1&z=671493947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 75cf8ede2ce8dd84 Show response
vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 85F3 2 B
639 B 45ms
45ms XHR
text/plain 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/75cf8ede2ce8dd84
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1666238400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Oct 2022 06:04:51 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5%2BCEtgP8cdGAdwnQEF5%2FA1fuu3GjYM3pWWYOO3AYlnf8O0kKLtGoFztJj5vXzWp8RiHQapiMmFvOuehRhfPSvUadTlQzMmc8RSft5sqtOK0%2FhR5C8uWlpw6cNJVk8sgRQD1Zk8l"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 75cf8ef47d717198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 86ms
42ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=178301089580185&ev=fb_page_view&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1666245891290&sw=1600&sh=1200&at=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Oct 2022 06:04:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 607B 0
18 B 70ms
41ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://vsim.ua
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://vsim.ua
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 06:04:51 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 login_button.php Show response
www.facebook.com/v12.0/plugins/ Frame 8DDE 31 KB
12 KB 117ms
104ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df152c9bf687e784%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff19183ed7decf6%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=d7f7cd1be6a9039a982ce729533ad219

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40f97573b43184307e466f2fca772ce222ca0ce89a44561710de7dd8915eea8c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Thu, 20 Oct 2022 06:04:51 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: PzdwzZSMdTAjHoNc1y/ZBcaRQhKaABM288B1STKn7VrPrXHAmSKONeVEup7mNU1135yFkDihE5YZ7NwUOTw90Q==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 204 /
csync.loopme.me/ Frame 2019 0
0 120ms
52ms Document
text/plain 2606:4700::6813:ad6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19285/hbw_master_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75cf8ef54efc06ae-LHR
date: Thu, 20 Oct 2022 06:04:51 GMT
server: cloudflare

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 1E35
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={}
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={}
https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=9718ac7f-5b36-4315-ba55-9703dc9538f6

0
404 B

202ms
185ms

Document
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=9718ac7f-5b36-4315-ba55-9703dc9538f6
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19285/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Thu, 20 Oct 2022 06:04:51 GMT
Etag: b16224891eb4ce19
Server: Adtelligent

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Oct 2022 06:04:51 GMT
Location: //sync.adtelligent.com/csync?t=a&ep=736011&extuid=9718ac7f-5b36-4315-ba55-9703dc9538f6

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d7883669-b029-4c6f-945f-497279f9e218

0
404 B

492ms
185ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d7883669-b029-4c6f-945f-497279f9e218
Protocol: HTTP/1.1
Server: 62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 06:04:51 GMT
Server: Adtelligent
Etag: b16224891eb4ce19
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d7883669-b029-4c6f-945f-497279f9e218
date: Thu, 20 Oct 2022 06:04:51 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H3 200 container.html Show response
ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5C93 6 KB
3 KB 123ms
41ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 06:04:50 GMT
expires: Fri, 20 Oct 2023 06:04:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F9AD 13 KB
5 KB 125ms
41ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 43617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 17:57:54 GMT
expires: Thu, 19 Oct 2023 17:57:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8B54 783 B
1 KB 142ms
50ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9943ccab7bd1668c337f3cc45b880e8c91283fb20273ae53083d18937cd4b8fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q71h-8NQtCybceh2Uumo0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-Q71h-8NQtCybceh2Uumo0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 06:04:51 GMT
expires: Thu, 20 Oct 2022 06:04:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 141ms
49ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 133ms
50ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 139 KB
25 KB 722ms
721ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3751769262565394&correlator=3838320425515957&eid=31062930&output=ldjh&gdfp_req=1&vrg=2022101701&ptt=17&impl=fifs&iu_parts=45035109%2C20minut_news8(1200x250)%2C20minut_news9(1200x250)%2C20minut_news10(1200x250)&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1200x250%7C1200x400%2C1200x250%7C1200x400%2C1200x250%7C1200x400&ifi=2&adks=2483578089%2C4059114074%2C1842437250&sfv=1-0-38&prev_scp=city_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De068d9d0e432a215-225443c451ce003b%3AT%3D1666245890%3AS%3DALNI_MZh2I5t064mUVVRJzS8YJ_XmQ09iQ&gpic=UID%3D00000b759d544f28%3AT%3D1666245890%3ART%3D1666245890%3AS%3DALNI_MYPHVkkOmHfZG4GGjkEZbclqvFRWg&abxe=1&dt=1666245891356&lmt=1666245891&dlt=1666245889207&idt=1104&adxs=204%2C204%2C204&adys=2004%2C6154%2C7805&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&psz=1192x250%7C1192x250%7C1192x250&msz=1200x250%7C1200x250%7C1200x250&fws=4%2C4%2C4&ohw=1192%2C1192%2C1192&ga_vid=429268025.1666245890&ga_sid=1666245890&ga_hid=1227969851&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4db3876d45aad7512cae19369e9d151e20b9a5a740725bb99f9e087c1cf2605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25819
x-xss-protection: 0
google-lineitem-id: 6137429191,6121875802,6122347131
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138409002465,138406575706,138406320230
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ruxaZoupmFj.png
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 8DDE 323 B
747 B 123ms
41ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/ruxaZoupmFj.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df152c9bf687e784%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff19183ed7decf6%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

092cb8a7c234247243577529fa46f11c66216fb8c2b91a9e12d6bda73b739ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:51 GMT
x-content-type-options: nosniff
content-md5: mEtfkiuN8zERyZQcBN9jeg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 323
x-fb-rlafr: 0
x-fb-debug: ZL3WBnEE2Qk1VpZSt9jzXaWUJ+yIHDbp9QCfhEXHNHXAaKJZqN//j5FRrZz/Tn/PBIS/BNWJFVmya05hZ1GxVQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 15 Oct 2023 00:50:40 GMT

GET
H2 200 N5_jusFw5aK.js Show response
static.xx.fbcdn.net/rsrc.php/v3ixCr4/yw/l/uk_UA/ Frame 8DDE 542 KB
143 KB 122ms
42ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ixCr4/yw/l/uk_UA/N5_jusFw5aK.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa08f73065fa1c37193a46df089274bb26466f044c18168ff52e49fdb55370d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cghwY3eiMppsq8bK+nYaHQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 145887
x-fb-rlafr: 0
x-fb-debug: con1rBxiVILU+XQto09R35oUAOJWsRHN0YldW5SPFt1LLZx2YsgMX2TWvw7UNrFcPIEMdTRWk8k/14VxBtCpiw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 19 Oct 2023 23:07:02 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A67C 624 B
976 B 140ms
52ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhjotv7NATAB&v=APEucNW4snG_4EeK7YdMwYejfXsOF2_dg-syX1lHzmAc8xsD-sqhpnVtYGn9sNjba6jWdJylk92CdyIDT_WYNNsl4W50BNN6SHlDfpJu1UaQAuz7x_MiXUa772P5BKZr944h_G7q9W4sTbWLnBOWjZsQ-2DZYxPqmL4eo05etOHuuYQ_7r4Pwgc

Requested by

Host: ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com
URL: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 06:04:51 GMT
expires: Thu, 20 Oct 2022 06:04:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5C93 15 KB
11 KB 163ms
76ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4zEwvA7cPZZGejz3eQY17jbCUOfdRK3rKZ85ovbJjnDZ58feDsHwcP1C6ioMFaQbKNOvScNdgmsRC-V9DyR4mIOWyH_9B2uk9UhUvTK_ktbTYaTngqWfRY0zlR5TfPPJ0-ossNWKwkqbAuLwnmmPW1y7o3B7cIUI7hHp-XWqjvwBY4QU&cry=1&dbm_d=AKAmf-DZ1bBMBMpLWmF4WrktSxYJmZF-PKVCzoPXdL3ixUYGxB-xzo_prTMXmUA6ADwHNxt6sXMNmSdfvQt9TnOIyaDdI0V9JH8Mbur45-7LphQH54x3mHZ-vOdmRKkRJLKd7PcdwiQWRophMD8qjbtKCRni6N83w1qJKCyloo5xjg8zE08ucTixRLMLepmP0m4f1Yzfq640eIw1Ik1xylBsgwu8k0MAPigSK3erD4E-dFbHfbXfkhnRn_Vbtr2Un8A8BXkvNx-0VvwPXFkavJxSPQC1lqfhlnT-xWnonwE-i4lR0FndeXGHwcGV40ccH5AuA_yCs_pHU7r2O8gGsraUUJsFcxIEx2d78Kiqh_UX_UiPu08OZh9uV8z3jeWHjeBDaCWGTo-funujrdKUJcppfQCgTvOjAv-PZ2Ijpif9LoPgiTCSP4L6KDGeTD4Vwf-O2-kroDQhgCVg9ugmJhlDuo5eBxNsvBqh7hyMaxVd4CzDmSqO3wbvS9twIQ9h-XGlHWnKudszn14aEeYa7OKmjhLcinxlGCjH7bGjOCme4Dht6Qb5g_1lQxVJf1S15MUwxiuEAxdC5C8pyGS4x_NdBPOXBWpm9zMtgORXJApLKKWqfaBcgkSp9dyWqeWp-5HYsunq-hrIqp1ORu1bMuVXAH3DqxRBUsBRff4glMUYMCHTe0du101dUjvF5XW1LQhoRbO61FDPDAZ4i5ooB_rpQlPx1CbVXTbJlM_e-_xVk1y1coYIrYia5mAZNvh4ikIZcV9jXa5l66H9cWVqh9jlYrbP9nTA8o59YD8AhCzbpyS2t4-ts_nnVmWxwucIWNH2gIu7sP-05O08e4DWMdAasY7R7K74FH0KmCR8DaneLJTZqULq1SjBiQwEmSdPifzhg0xfcfcO8S1XbbmvkXzqS9k3wX4zYGoGVyV43wJ3g-Bs5qJEc0AB91aNn7JfkRpNiqauPGAnkotii2w3kuKGAh_gAVenj3CcLE3fhURk1sWSFwaAWYPvLEX9G89ZaRVRaR0B6CUA-mua5zokzXsbc_YHcEzIkAPLwlUeGq0wLw-pKwtF72Yv0mLvd-BtlqfHeh1GbB7b3XZ04QLFzTdsD0AYym-U9kafbEkOz4Hf8p9WQXvwS1-4SUZKGPDKjsnHvi7bNq6AvujJq2HJFaT0kz65Y4ktGN3ce2bbORTPSWPZ1d2ilMJREhHXVshjHCgCZVq0dFyS1dPHn2G47dzk0KZgocnDcJyZ0oNpJQnCyGhFnIeEsMRgK4ak6Z3CsL-x8AQh6QdRkN74DmrJ1XKbrYF9YsgzB8xwnHezgIGVcPTz4vB3BxCHDabb4nRkYtqtZRUbvfE8022lEVjHBl7_I-7UT6Ris4rWANfBxjY4E1pDdW_X7EoZ7SQHn3tkfNandkSGJbtszNrdTl9mw14PrrQAowplXW3Qj_27g2TvsP8_DX6r0_i7WfxhsTT34Efh68eSNYo4zsa2VogNjj99Hyag_NEk4xr7slbCsPJfb60S6azPCh8KPWe9OvdFye00BSKFKq4CFgQniiocKRHMu8cmSwE0xcFcuEsA-3ECnNfRvQda702ZRCqtXOdMGDfMMVZwyux46XNGbDhMtdlki9oriMwtHIDe6wcxCDfU8LRRae2ljDFxedwUkkIEDe2PUajU5GQPM5zIF_tMjebCMxpmB1-3s2ZC8HxJ3mvkrrCkoJ78juQDDG7hcdc4A5JG1IydGcJix4rgK0k70VfuQCZpKC226Tj-tQLKJjrUvqwHbkw2QhIxdFe-cN9BdFW8TJYfCZQAp4ZltWQIhe08fmJ9RFJkyoZHW0QAfqms3RbvAyy7jSqYIjcvjy0H2jkEiBDt0AQMM0ncAdMdjWBCc80l7BioMDVLC2eUvs6X8ZU6SXS0Y1pIypSuqMQnOrBKUEz64duu2Czj8NQ4KyW7ggsqCc0LYZd6PN8spXmNNW1UrQVzKAHoA0GN0_JsXJxiqJsSp1EQm2sNEmeBRQKVLFwYD77H1A77MqFbem__rCiJc5geg_PnN3k-DESdIZZS00BJAHbXPtavEY-9nZYUveqtnzA4mictmQG4Ie5gjA-vPtHevf803uHFc96C7KGpdDnd-ske-yKPzjuQxVkW6Ni6XfrwSWNvzcIeCf5AnkkqK5Ko3GAXgm13_hkRj-P1ldyIFEK2ff3PN2KvZ6JdkZom9yJ0iFpqNwuMV4Y6osurJSoFyBd_iheDYx7-Dskb14a2GhQyzAPUFxMg6s62rUqRHh0vWm9Af0hR1BiqahykTfFKKt1f2wIH42RrZVRn6oq38glpgSqg10hkOYeXY_4T5QF4AhVTi4ijGspZaSqX6eBBGvdn47oYutWZ2TUbYa80l79A6Y3sIEHpeyBIe560pW-w7Iytac0aBAi9Vz8pkIa967VcV2E6S-KRCTzl9FVE0BM9aP0L8TP2X1eJlCdEbOVV3l3Fb815ueIrOyNFvBRqyCXzmY4HsVRvbB0Ovfxa3_yp48YSjnmuPmvKpBbSzIb5TS4FLorEfHVIj4cxeBiNzzr_nn_vFyK2Gmd-iQxl51Nu72EgvK-ojwx4seGWWg8rwtPrDIJsoQam7mzuM8dQfvlRnh7frIrj-JiJ0PSRgxs0PZICz9vX3lievtjnxbkQkbpbPL2mxRCqDpbhBPamJhkobe_EYatl7r69jJuM8UhG&cid=CAQSPwDq26N9CRCnP_CirAqdroFrf9JJBLW4Sh-soCcdX4AmCcLVChBqihwVZab0SplrXVctxmbk_nIcu-yIJo1N3hgBIA4&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf7b3149ecb19dc4ecc7b25d510ff63f3b224a63ffaf6e61705bca5880618069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C93 42 B
63 B 160ms
76ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AATwG4OakhHkRaj-cYo8OWSidD3Id1L5_9CB_k_MGoBcqHYtggv469oyrAJ1w1hOblcDNIuL3sy8T4D9ORLD75Sukhlq7QNSeaJ_9N9RsxSOVhD8k

Requested by

Host: ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com
URL: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 5C93 2 KB
1 KB 150ms
40ms Script
application/javascript 2a02:26f0:3400::1702:d12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25334725&cmp=28076520&plc=339530033&sid=5549275&aufilter1=4845432&prr=1&ppid=103&autt=1&auevent=ABAjH0ie4aYZRR8pUFepW4CcEegM&c1=4845432&auorder=1006926603&aucmp=18351072895&aucrtv=431987560&auxch=1&pltfrm=1&ausite=32529797535&turl=https://vsim.ua/&aubndl=&dvregion=0&unit=300x250
Requested by: Host: ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com
URL: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3400::1702:d12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 06:04:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:19:47 GMT
Server: Microsoft-IIS/10.0
ETag: "f128ce2aabbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 5C93 8 KB
4 KB 150ms
40ms Script
application/javascript 2a02:26f0:3400::1702:d12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com
URL: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3400::1702:d12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 06:04:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Sep 2022 15:59:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fc3bc740ccd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 5C93 3 KB
1 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/window_focus_fy2021.js

Requested by

Host: ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com
URL: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 15:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 15:08:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 5C93 17 KB
7 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com
URL: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 15:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 15:08:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5C93 0
0 50ms
48ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTvJYzOY3IyPUmJcFQH_lqUnAL2VvapL4PRss-uaPi3ldUtnVnHO2Q_VJqyQfCuBQdCQRWrCTFzWjD5NsvvPew_IWtUPA
Requested by: Host: ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com
URL: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C93 152 KB
47 KB 152ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com
URL: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47476
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666179788250400"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Oct 2022 06:04:51 GMT

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame F9AD 36 KB
16 KB 110ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 16:55:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8B54 0
0 128ms
75ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101701&jk=3751769262565394&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A67C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVDudNXYu3hRJ-TU4j2PA8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVDudNXYu3hRJ-TU4j2PA8&google_cver=1&C=1

43 B
766 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVDudNXYu3hRJ-TU4j2PA8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhjotv7NATAB&v=APEucNW4snG_4EeK7YdMwYejfXsOF2_dg-syX1lHzmAc8xsD-sqhpnVtYGn9sNjba6jWdJylk92CdyIDT_WYNNsl4W50BNN6SHlDfpJu1UaQAuz7x_MiXUa772P5BKZr944h_G7q9W4sTbWLnBOWjZsQ-2DZYxPqmL4eo05etOHuuYQ_7r4Pwgc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEOVDudNXYu3hRJ-TU4j2PA8&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A67C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1DlA8bmT6ACt.2xGEuskwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVDudNXYu3hRJ-TU4j2PA8&google_cver=1&google_hm=2

43 B
894 B

42ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVDudNXYu3hRJ-TU4j2PA8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhjotv7NATAB&v=APEucNW4snG_4EeK7YdMwYejfXsOF2_dg-syX1lHzmAc8xsD-sqhpnVtYGn9sNjba6jWdJylk92CdyIDT_WYNNsl4W50BNN6SHlDfpJu1UaQAuz7x_MiXUa772P5BKZr944h_G7q9W4sTbWLnBOWjZsQ-2DZYxPqmL4eo05etOHuuYQ_7r4Pwgc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOVDudNXYu3hRJ-TU4j2PA8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A67C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGemxmOfUj-xyHHncUTu1r0&google_cver=1

43 B
1020 B

41ms
41ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGemxmOfUj-xyHHncUTu1r0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhjotv7NATAB&v=APEucNW4snG_4EeK7YdMwYejfXsOF2_dg-syX1lHzmAc8xsD-sqhpnVtYGn9sNjba6jWdJylk92CdyIDT_WYNNsl4W50BNN6SHlDfpJu1UaQAuz7x_MiXUa772P5BKZr944h_G7q9W4sTbWLnBOWjZsQ-2DZYxPqmL4eo05etOHuuYQ_7r4Pwgc

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:51 GMT
AN-X-Request-Uuid: 8476f67a-d8b8-4f86-9c9f-f2b4ba1df7b1
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGemxmOfUj-xyHHncUTu1r0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A67C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5ODI3OTAyMzgyMDc1OTg3Ng%3D%3D

170 B
243 B

124ms
66ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5ODI3OTAyMzgyMDc1OTg3Ng%3D%3D

Requested by

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:51 GMT
AN-X-Request-Uuid: f29eaea8-cbba-4544-bc3a-afa55ffdfc4f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5ODI3OTAyMzgyMDc1OTg3Ng%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5C93 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4zEwvA7cPZZGejz3eQY17jbCUOfdRK3rKZ85ovbJjnDZ58feDsHwcP1C6ioMFaQbKNOvScNdgmsRC-V9DyR4mIOWyH_9B2uk9UhUvTK_ktbTYaTngqWfRY0zlR5TfPPJ0-ossNWKwkqbAuLwnmmPW1y7o3B7cIUI7hHp-XWqjvwBY4QU&cry=1&dbm_d=AKAmf-DZ1bBMBMpLWmF4WrktSxYJmZF-PKVCzoPXdL3ixUYGxB-xzo_prTMXmUA6ADwHNxt6sXMNmSdfvQt9TnOIyaDdI0V9JH8Mbur45-7LphQH54x3mHZ-vOdmRKkRJLKd7PcdwiQWRophMD8qjbtKCRni6N83w1qJKCyloo5xjg8zE08ucTixRLMLepmP0m4f1Yzfq640eIw1Ik1xylBsgwu8k0MAPigSK3erD4E-dFbHfbXfkhnRn_Vbtr2Un8A8BXkvNx-0VvwPXFkavJxSPQC1lqfhlnT-xWnonwE-i4lR0FndeXGHwcGV40ccH5AuA_yCs_pHU7r2O8gGsraUUJsFcxIEx2d78Kiqh_UX_UiPu08OZh9uV8z3jeWHjeBDaCWGTo-funujrdKUJcppfQCgTvOjAv-PZ2Ijpif9LoPgiTCSP4L6KDGeTD4Vwf-O2-kroDQhgCVg9ugmJhlDuo5eBxNsvBqh7hyMaxVd4CzDmSqO3wbvS9twIQ9h-XGlHWnKudszn14aEeYa7OKmjhLcinxlGCjH7bGjOCme4Dht6Qb5g_1lQxVJf1S15MUwxiuEAxdC5C8pyGS4x_NdBPOXBWpm9zMtgORXJApLKKWqfaBcgkSp9dyWqeWp-5HYsunq-hrIqp1ORu1bMuVXAH3DqxRBUsBRff4glMUYMCHTe0du101dUjvF5XW1LQhoRbO61FDPDAZ4i5ooB_rpQlPx1CbVXTbJlM_e-_xVk1y1coYIrYia5mAZNvh4ikIZcV9jXa5l66H9cWVqh9jlYrbP9nTA8o59YD8AhCzbpyS2t4-ts_nnVmWxwucIWNH2gIu7sP-05O08e4DWMdAasY7R7K74FH0KmCR8DaneLJTZqULq1SjBiQwEmSdPifzhg0xfcfcO8S1XbbmvkXzqS9k3wX4zYGoGVyV43wJ3g-Bs5qJEc0AB91aNn7JfkRpNiqauPGAnkotii2w3kuKGAh_gAVenj3CcLE3fhURk1sWSFwaAWYPvLEX9G89ZaRVRaR0B6CUA-mua5zokzXsbc_YHcEzIkAPLwlUeGq0wLw-pKwtF72Yv0mLvd-BtlqfHeh1GbB7b3XZ04QLFzTdsD0AYym-U9kafbEkOz4Hf8p9WQXvwS1-4SUZKGPDKjsnHvi7bNq6AvujJq2HJFaT0kz65Y4ktGN3ce2bbORTPSWPZ1d2ilMJREhHXVshjHCgCZVq0dFyS1dPHn2G47dzk0KZgocnDcJyZ0oNpJQnCyGhFnIeEsMRgK4ak6Z3CsL-x8AQh6QdRkN74DmrJ1XKbrYF9YsgzB8xwnHezgIGVcPTz4vB3BxCHDabb4nRkYtqtZRUbvfE8022lEVjHBl7_I-7UT6Ris4rWANfBxjY4E1pDdW_X7EoZ7SQHn3tkfNandkSGJbtszNrdTl9mw14PrrQAowplXW3Qj_27g2TvsP8_DX6r0_i7WfxhsTT34Efh68eSNYo4zsa2VogNjj99Hyag_NEk4xr7slbCsPJfb60S6azPCh8KPWe9OvdFye00BSKFKq4CFgQniiocKRHMu8cmSwE0xcFcuEsA-3ECnNfRvQda702ZRCqtXOdMGDfMMVZwyux46XNGbDhMtdlki9oriMwtHIDe6wcxCDfU8LRRae2ljDFxedwUkkIEDe2PUajU5GQPM5zIF_tMjebCMxpmB1-3s2ZC8HxJ3mvkrrCkoJ78juQDDG7hcdc4A5JG1IydGcJix4rgK0k70VfuQCZpKC226Tj-tQLKJjrUvqwHbkw2QhIxdFe-cN9BdFW8TJYfCZQAp4ZltWQIhe08fmJ9RFJkyoZHW0QAfqms3RbvAyy7jSqYIjcvjy0H2jkEiBDt0AQMM0ncAdMdjWBCc80l7BioMDVLC2eUvs6X8ZU6SXS0Y1pIypSuqMQnOrBKUEz64duu2Czj8NQ4KyW7ggsqCc0LYZd6PN8spXmNNW1UrQVzKAHoA0GN0_JsXJxiqJsSp1EQm2sNEmeBRQKVLFwYD77H1A77MqFbem__rCiJc5geg_PnN3k-DESdIZZS00BJAHbXPtavEY-9nZYUveqtnzA4mictmQG4Ie5gjA-vPtHevf803uHFc96C7KGpdDnd-ske-yKPzjuQxVkW6Ni6XfrwSWNvzcIeCf5AnkkqK5Ko3GAXgm13_hkRj-P1ldyIFEK2ff3PN2KvZ6JdkZom9yJ0iFpqNwuMV4Y6osurJSoFyBd_iheDYx7-Dskb14a2GhQyzAPUFxMg6s62rUqRHh0vWm9Af0hR1BiqahykTfFKKt1f2wIH42RrZVRn6oq38glpgSqg10hkOYeXY_4T5QF4AhVTi4ijGspZaSqX6eBBGvdn47oYutWZ2TUbYa80l79A6Y3sIEHpeyBIe560pW-w7Iytac0aBAi9Vz8pkIa967VcV2E6S-KRCTzl9FVE0BM9aP0L8TP2X1eJlCdEbOVV3l3Fb815ueIrOyNFvBRqyCXzmY4HsVRvbB0Ovfxa3_yp48YSjnmuPmvKpBbSzIb5TS4FLorEfHVIj4cxeBiNzzr_nn_vFyK2Gmd-iQxl51Nu72EgvK-ojwx4seGWWg8rwtPrDIJsoQam7mzuM8dQfvlRnh7frIrj-JiJ0PSRgxs0PZICz9vX3lievtjnxbkQkbpbPL2mxRCqDpbhBPamJhkobe_EYatl7r69jJuM8UhG&cid=CAQSPwDq26N9CRCnP_CirAqdroFrf9JJBLW4Sh-soCcdX4AmCcLVChBqihwVZab0SplrXVctxmbk_nIcu-yIJo1N3hgBIA4&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:48:08 GMT

GET
H/1.1 200
OK dvbs_src_internal109.js Show response
cdn.doubleverify.com/ Frame 5C93 59 KB
19 KB 43ms
42ms Script
application/javascript 2a02:26f0:3400::1702:d12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25334725&cmp=28076520&plc=339530033&sid=5549275&aufilter1=4845432&prr=1&ppid=103&autt=1&auevent=ABAjH0ie4aYZRR8pUFepW4CcEegM&c1=4845432&auorder=1006926603&aucmp=18351072895&aucrtv=431987560&auxch=1&pltfrm=1&ausite=32529797535&turl=https://vsim.ua/&aubndl=&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3400::1702:d12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 06:04:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:20:14 GMT
Server: Microsoft-IIS/10.0
ETag: "03bb312aabbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19455

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F9AD 0
10 B 44ms
44ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Vl5xog
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 5C93 443 B
550 B 217ms
51ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_351729623356&jsTagObjCallback=__tagObject_callback_351729623356&num=6&ctx=25334725&cmp=28076520&plc=339530033&sid=5549275&advid=&adsrv=&unit=300x250&isdvvid=&uid=351729623356&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=99&bridua=3&dup=null&ppid=103&auevent=ABAjH0ie4aYZRR8pUFepW4CcEegM&aucmp=18351072895&aucrtv=431987560&auorder=1006926603&ausite=32529797535&auxch=1&pltfrm=1&aufilter1=4845432&autt=1&c1=4845432&turl=https://vsim.ua/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&prr=1&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEADTbpTauTauGD%3A%3E%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauGD%3A%3E%5DF2Tar9EEADTbpTauTau67f7ab2gbhc2h2g44df_fghdcc3h2_7e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=5.50&aubndl=&callbackName=__verify_callback_351729623356
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 5797a3262edb2a28901bfd4bd5489023d36a1bf12a72a4f865f86e5126f8f36f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:51 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/19/2022 06:04:51

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D41A 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 41150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:39:01 GMT
expires: Thu, 19 Oct 2023 18:39:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame D41A 36 KB
16 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 16:55:55 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 5C93 71 KB
24 KB 155ms
78ms Script
text/javascript 108.177.15.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWc2y_H8KhVXxzQdpERu8LbnEgoN5DYNCuFTY1-SKqSNJqtW-4&d=CokBAKAmf-DPz7GAG_q_AEjxRFN4zhDDR6M4aGNTlD4izCGlJ_6LzgFgKAFrcUfQFudm2T8fG5HD5z1MoaOByPf7TexaXFQ-5T9rJuLp8VJmr_PHXClvtf-Ors8uV4YWpsosijsv9mWpSPm76gg8HMERplC6Y_lPlhW9CGihh_3Gz3PBurKZkZ6CTLcSiRUAoCZ_4BJg8hGtCSV9GwaZssFJGnUmuA2rNhl5C9WVsEXm6bRROWW0Wdf6pM-2DNn5Mf7h8fmtqkw5oSHjTBj-1S56haIvGaiIjnPuqkSkXBTT3y9YU6NRNKOhsR7KrInAZRot9Yzy8h5wUDYgjj0wHxWtS00GJHaS2MRIKmycNF54UfvTozsNhfCla0oRwIuHfuylD9CdBEYPhdsmLs-0NjbE4lF3CnHoxL8TWjQzbxnnHXtiKQBsDQhYWlUI3nc5PicpwF_-Fwj9nd04XzNa94_F6-mo1oI4sOJJHO3_qxNe80OYplCRPcJ2Q6yB1iShJmiAM2NfUuPHMJIeblT3ZwEUSnLYQQKCCFob_64LpTzfen6dG1RuaU9bwjrNNrsfeMVpsan7c9TvEPkENvWQBOiSzEVbzqrVqSONhxrdYYnwnds-_VfOI5kZZ622YZWpUOzQkFswd75jUTvK0MQvpFlqY1k_dN6YGS4oTt7jj727oIVMoGi5JPuepvJzSOxzvWgWm6kW9g6uvNC1kN-6QuMjRRDZmM32vKLBQxf2oi-dM3B_W-NwAUFUvmAPt0kfvdokizSbQAX5ulfrOmKZ-5SElyDhMUF2JwBV9tNG5bVwaMQWR_V4tiS6h17_6OkV8q6NbCar_nT8UERR4ZUAWj1LC2C3qfCOi-6dA6PPCB02jTwR4DYmoAnHn79GR3y4nI-9tiDRgB-7NHUYab6wo85VYuSKD5bDQQrgYWNjVw3xFZLKLxUvVUMMaFQubAbrou67Q6igNx35CJrqZ4jZBhMIu3iy_hUGhwAYwZMqTvUYldd5om0FO5R8UQgapfjlBRlEEwpWMiUSoL1sx3ksS5gp3o9l-a3561Y9otnzz0UCXFUfq9qInbaXEkx5FQ3JOcVgUl0rzjgjfK7AGOfG8LxQDWbx6Ep37FQTHwlqvm4fL_zJs_T4wRGXWzby2Yn80P3sbGUSbj9DLcrwEcNPoHVcUsg1mq4UoRJYbZGX8SerEg-08L1NmxAWnngMu3PhKt5aDr3kiVmZc1co1tsRHa-62b3W4qsYNS1GLi2LMQo-Ym8z1q1sqdx-06on9YeQoNLCoRBThog2NJDftLnrhG8DAmX6JkxUeULLtnnGiTicJoRQNziOFGUK7vbk081P68QUK6dxDS1Bc63bqHc5NFk3D9w0zpBMOOiwkTHoo9xh0GdKKDOwEyM5bCIPW0EWa9tmqnm5Sw3oRY7bOlbSXtRsd8EZo9onRptpxO6cix0hKVHbSad3e1G9UHQISYSvI6uUn4QguL6Ftc4KtMbtZRTKV0NZKwxrSpySMyV2sisBXrQpqEMVvTJ0vtNJLalrk4cGFehLm-5OtQQ8IxegdJ9M8k7dBCi1c4msRq19VXQoIcuzVANtMLbEkYjpzhqe-y2TY1YccM2fUm_bkH3zzj38k1maKINO5mxANlf1u88qqMxXL-ebKw5ugyvX9h0TbLF0x90-XJLJF9vQ17jfHyOYcA3NaI73ColqZGSBjhMjdNrayHhNP4gGfeWGkuxT0ye0QGtxecLnj5ZAy6c2CAAyth3JjQEQ0bfmncE0O3HSE_b9TQ8sgOu20nJucOxkI8IjXwgRFW_c7m4HcPl4J_pCPQg7bk6Obh2Auwf_9pTnokalapeOFaIPi9E18yjVGBeJcPZ5AUDiRVCu-dXahAW1ZQyad7l22MkKjtvR9-UnQUCxtBw8S2gEK5t65MMXeGXOOEe-7mtLAUHfzTrGY2cAyvCA32EGRDoR7342Z9mJdb3e5gvpsIVb70XaBDTBRrzfjmhhsRC3YwagzMWgAnH9u17QxD4SF2b-3OiAE33P4NB9sYUssblKF46WD6fEkVzK_hr4C_embGJM_vMlnCqkBTchhHd7h2ycJKUes_xEV7hU_WGmAhd6m4-pJmnDcdWQqc90yj_FTz8V4jrI_HjeWaCYLsi3p5jvSZcI_S3ToCt30ZqBGHLMnaC3XAYoalml1tJa_ZNiOaqMeDGh1Oxs6mIppu9EVsrxpo9l6Q2MH3nap79NwhuIxfwz1bjxV_HcSgGcpsf5pbT6v5pNWwpDZP6UWHv_RDVszX8ei9EUIo_UVd7ZF373YX0E6T_vp_DClcMX4CUH-7E3yVZszsIMf54JIPVndhEL3pz3KzjILYydTjKYjkYzOc4nBLLnY7YwK4t5CCI7PAFB0JpOEEedoud-K2bSWPsttgcsX-uRPcmX_7FSmyEI1GWzR129kvt59AklgzVEo33hAYo-l1ahrT1tJBil3MnTRht4z5ifxrq46sQqB74Q_rleE0BpHnoWsLO6hOX_dD6fbQeHRRHJJvAn63WuduEPFrCvErDDx8gwmipQ8KSUJ6wOYT6oU-TLYVE_NWYTXUXtHUYEEchYnI89DMaSSxA9NnWDfgiwP1_5V07kdd3L-_adLHKu9FNAGFUmkoAhKa2zqHmIkKkGrhmAAGBxeNGP51-oUpOQKGsAdG2pLDt-13PNMDSicuDHs1f06_3l4uKXuT_A4dHl9jqIP3NTSjv2a6wTq8ThQw77zeX32zBLRsPe3e2ByvT37eVApxLaeA3QdSMlbftFuoKXaoKHdTMzt5LgZP-9cVNY1dtks0k6Pmzcr5cRns06-yJQj1KnWbF1oYjOa5Kk5eKYWBUGjLl0iZapct7efkr2ujBLhvenXneEc-2reYb32nWI5z902L4ycRg-yyfkxkRk4vGON9xRu2l8OCGjR0EUaAdSaqJz1UyHo5Qau_LrHTjWPxObwAV5G4TkeYpuzA5CKx9aOoYaesL4g6AY_Pv2YW5vtOaYYuadLAyeXq7ype8g8Duxsr8gUzH-qGgtkkSRnKC4vpZyeXXoExe-ju_lggcfBGZ3BGhCpZrp7IXXIWh5SthzmQkKQjAUIHdQCOzTfFLH1m9Fm388kb1U2XMdrwOnVlHc5o4wwF3ey_nqrSztbQ_njglR0l2nIH1R7HczBY2BylP5P-pL93mpGVlEfoTgSSm8FqQWQXoh-xzvMb02G5x6gIXletuSjVH-vrzZ_PrOQIclAnlDj7redupdJDjmAC4Wy9aQeWpuKtEm8CCEhgVInWeCPJH1cGNsz_0VKtIFvcT7u-sR1fL4JTrqZ5QierIiYZFnN6T_6XL7a1wcsg0eE8boHsC4R5zVSuVJthDClMq6OIjIAO-hNRZ74BwkFjEkcRYVaIyMxBMuBAWFqmi7JyYz-aFt3EOHtDWxsA3MIvQ5VVB-log4AqDYxl2HAkLUnkzAhjM7m2hAFH-T9npuaZEGup7ZLRy6hE0mjar8mnlQnPFYOwkhYnYC4UbHo5Mp7miIFWzR-jiKZvuBrbAET5MiQafAQaeECd4bytJu0zXHeAXGXJjgxP8AJrFjIL73IlOProlUBk5KpsMnLXhXh5KY5OPEZQcofGNuOKOmnrgHpq1QO-nbFc7t799BvzT5SeTfFMu1n2bRyzxLW8aX3SZUU1pNO3IGTKIDyVDk8vvbCgdRNepwDyQRHU7-Cp6Jj0nK3smgEeTk48-Vz-msysJm7EFzhXhLoHIEFdDCGtNPsv9bs5TjEFLwv_Htyo9Dp9CmAMAtNFGqbIAoUMgaRwgEEj8A6tujfQkQpz_woqwKna6Ba3_SSQS1uEofrKAnHV-AJgnC1QoQaoocFWWm9EqZa11XLcZm5P5yHLvsiCaNTd4YASAOYAE

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f157.1e100.net

Software

cafe /

Resource Hash

b87a02f9bbdd0546a6c298508814467b77a937d88cbafec75f60c72933cdc07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23759
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D41A 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtfLyA-VQY-aGJOjRx_APzoeJ4AIAAAAAOAHgBAI&bg=!r6ylrOjNAAYeOJy_Pjg7ACkAdvg8WmCaxHsjOZZqmQYH0pse1qR5Khr1ENURqyS1lQ_uRFT5BBwcBgIAAABuUgAAAAJoAQcKABWGlwpC2azRdKaJlDPwFVQfKYW2keKZAuo-OU0pq4shtjGOdxyOhmxCMLEQj-PmmRYA4SKuAoRpS-oQI1xOqkfoZtL1ON_zobeIcrBNfpcFcqJo3GcA_qfTCBnb0hlL01wRwdo5I20NxBwDsTlo9Mmrd9mcdd4RUZ-ZCDZk3mi72dwd87zgp0oP1T8LQpTmXVq7t7_Wo0iSVMfgHtgO-PEUkO1jW881J-pllMAHQjN0sKGgZtYsSypbJ8gWWBeThoOT6afrp0JPxZz7m4To0_hs1FQiLu6rnOq0FTiFeqhZ2pNxo-MSsoIV-iHaV-4Jj-jjalnSrh3NkAuerrlgTEpZXvAbPLBhs3RfDpALAKSX7AMHXZDNSD1ghZAijItVtJ5PzG87N4pLMKvM2hFO3J4t3Hn7nd09kbMs8_w0lIwKD9cpq4sOCvdK_b9dztp92QkDqg08jbRnq9zZlaR43KxJJgbOfCxVfEkPT-m2CFvUhbiNO8SJTkFS4XdxoJj_lJWTP-dM647psnopTxc5ERzIJGENlgaxbYsjm-ia7hErbCFdsXSkviwa3z-I2VxriK1YPGqq5u5nlI-Jt4yb4pHkOTvavp5lJzNWnaPgl51GOVRUwd7tgLKiyYt80EHP0QzDE0O16E0PAcNgQaYDiks9V-LVK-r_kzIDxGAKXe51unLmLotqo89g3uDJdKjEbjas7pg0DPUDznniz16Ma_JkA2IQOt02i-KrA0L-0VWuuFMycO3bbhUzeC9L3dklRlkR_fzKFjNX0JeccWhwrI3TcRI1_KH9Raf21MujChNMi_GVT-nhZM3zWo2PQHq5BN-xdgley8LAwfO5P20qylgjJpSWCoshk0P3Jp4S7BG48nCAKDCYW1_xeLACDbu_HEoFyIy-fogSNOoW_hgBk_zGRJgwjLPrfbfLhnP-aHjXlLmpkHcDYkwAU9E6E3UAY9bXbqoqxHhTl_upaTzBocy8LkpY8d-fc82LaK6TmfKi2r9dWkufamLNxi0eUdzGoBdCmA

Requested by

Host: ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com
URL: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
218 B 30ms
30ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19285/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://vsim.ua
Date: Thu, 20 Oct 2022 06:04:51 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C03C 0
0 80ms
79ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPSkr8DJngwMNHcVWDLfjexue90_aUutZD5L6UiUGlkBsuVEgIU5hVxb5JOKF_PCnuG53p4mXACBAXAv7Y5oC07Irb9J4IGEa6jAPOW5Kkf9wOGTY1p1rs-4GoBhaWWjnBLGGTLysMIh3GIynX7Hes0LDRFcgmCqomeNJ_4qeMYHmbkCyOmtauXCC767j_C-EYuWUkWDsJCVZWqERsubDxDV15y7l-NNJ0V2p-amPsMdqPg80Cc2H3x-ruiG-qlRdmIK1txffRApYqdisEOF5oH1Am9w2f0wQBZ9BlwDobxagKle1rjIwog8vvOmbyHi9I&sai=AMfl-YS30dRuq1RNwBHII4aSSrvUKMpvgtD9XEIUJRKzNvDIKAQ112PlSc_0GaRCtqQQAjiT83AtD274m1lt9gnSFdHAaKS32kMLFPngb9KXQ8_S6RXwa5vQGO2Ik3zT8CwDhQ&sig=Cg0ArKJSzBN5Q6Uljt3vEAE&uach_m=[UACH]&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/ Frame C03C 23 KB
9 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 15:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 15:08:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame C03C 3 KB
1 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 15:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 15:08:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C03C 0
0 138ms
48ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSshKl9-ihrfgXqITtHYui8byh9UVtzcxyWGCvGFX1TPQuBv7zWnBm2dDkj0jnwSrLjUQ_uejx952SBE_OIWqtXlQJ4cg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C03C 152 KB
46 KB 148ms
60ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47476
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666179788250400"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Oct 2022 06:04:52 GMT

GET
H3 200 17802634189168058656
tpc.googlesyndication.com/simgad/ Frame C03C 193 KB
193 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17802634189168058656

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a61bcc9e290ec56ee4972574c2c85c682706a76d0e5abdef86a7f6103ed78fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 09:07:26 GMT
x-content-type-options: nosniff
age: 75446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197153
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 08:46:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Oct 2023 09:07:26 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5C93 170 KB
59 KB 138ms
40ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
Origin: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 10:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Oct 2022 10:22:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221018/r20110914/elements/html/ Frame 5C93 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221018/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWc2y_H8KhVXxzQdpERu8LbnEgoN5DYNCuFTY1-SKqSNJqtW-4&d=CokBAKAmf-DPz7GAG_q_AEjxRFN4zhDDR6M4aGNTlD4izCGlJ_6LzgFgKAFrcUfQFudm2T8fG5HD5z1MoaOByPf7TexaXFQ-5T9rJuLp8VJmr_PHXClvtf-Ors8uV4YWpsosijsv9mWpSPm76gg8HMERplC6Y_lPlhW9CGihh_3Gz3PBurKZkZ6CTLcSiRUAoCZ_4BJg8hGtCSV9GwaZssFJGnUmuA2rNhl5C9WVsEXm6bRROWW0Wdf6pM-2DNn5Mf7h8fmtqkw5oSHjTBj-1S56haIvGaiIjnPuqkSkXBTT3y9YU6NRNKOhsR7KrInAZRot9Yzy8h5wUDYgjj0wHxWtS00GJHaS2MRIKmycNF54UfvTozsNhfCla0oRwIuHfuylD9CdBEYPhdsmLs-0NjbE4lF3CnHoxL8TWjQzbxnnHXtiKQBsDQhYWlUI3nc5PicpwF_-Fwj9nd04XzNa94_F6-mo1oI4sOJJHO3_qxNe80OYplCRPcJ2Q6yB1iShJmiAM2NfUuPHMJIeblT3ZwEUSnLYQQKCCFob_64LpTzfen6dG1RuaU9bwjrNNrsfeMVpsan7c9TvEPkENvWQBOiSzEVbzqrVqSONhxrdYYnwnds-_VfOI5kZZ622YZWpUOzQkFswd75jUTvK0MQvpFlqY1k_dN6YGS4oTt7jj727oIVMoGi5JPuepvJzSOxzvWgWm6kW9g6uvNC1kN-6QuMjRRDZmM32vKLBQxf2oi-dM3B_W-NwAUFUvmAPt0kfvdokizSbQAX5ulfrOmKZ-5SElyDhMUF2JwBV9tNG5bVwaMQWR_V4tiS6h17_6OkV8q6NbCar_nT8UERR4ZUAWj1LC2C3qfCOi-6dA6PPCB02jTwR4DYmoAnHn79GR3y4nI-9tiDRgB-7NHUYab6wo85VYuSKD5bDQQrgYWNjVw3xFZLKLxUvVUMMaFQubAbrou67Q6igNx35CJrqZ4jZBhMIu3iy_hUGhwAYwZMqTvUYldd5om0FO5R8UQgapfjlBRlEEwpWMiUSoL1sx3ksS5gp3o9l-a3561Y9otnzz0UCXFUfq9qInbaXEkx5FQ3JOcVgUl0rzjgjfK7AGOfG8LxQDWbx6Ep37FQTHwlqvm4fL_zJs_T4wRGXWzby2Yn80P3sbGUSbj9DLcrwEcNPoHVcUsg1mq4UoRJYbZGX8SerEg-08L1NmxAWnngMu3PhKt5aDr3kiVmZc1co1tsRHa-62b3W4qsYNS1GLi2LMQo-Ym8z1q1sqdx-06on9YeQoNLCoRBThog2NJDftLnrhG8DAmX6JkxUeULLtnnGiTicJoRQNziOFGUK7vbk081P68QUK6dxDS1Bc63bqHc5NFk3D9w0zpBMOOiwkTHoo9xh0GdKKDOwEyM5bCIPW0EWa9tmqnm5Sw3oRY7bOlbSXtRsd8EZo9onRptpxO6cix0hKVHbSad3e1G9UHQISYSvI6uUn4QguL6Ftc4KtMbtZRTKV0NZKwxrSpySMyV2sisBXrQpqEMVvTJ0vtNJLalrk4cGFehLm-5OtQQ8IxegdJ9M8k7dBCi1c4msRq19VXQoIcuzVANtMLbEkYjpzhqe-y2TY1YccM2fUm_bkH3zzj38k1maKINO5mxANlf1u88qqMxXL-ebKw5ugyvX9h0TbLF0x90-XJLJF9vQ17jfHyOYcA3NaI73ColqZGSBjhMjdNrayHhNP4gGfeWGkuxT0ye0QGtxecLnj5ZAy6c2CAAyth3JjQEQ0bfmncE0O3HSE_b9TQ8sgOu20nJucOxkI8IjXwgRFW_c7m4HcPl4J_pCPQg7bk6Obh2Auwf_9pTnokalapeOFaIPi9E18yjVGBeJcPZ5AUDiRVCu-dXahAW1ZQyad7l22MkKjtvR9-UnQUCxtBw8S2gEK5t65MMXeGXOOEe-7mtLAUHfzTrGY2cAyvCA32EGRDoR7342Z9mJdb3e5gvpsIVb70XaBDTBRrzfjmhhsRC3YwagzMWgAnH9u17QxD4SF2b-3OiAE33P4NB9sYUssblKF46WD6fEkVzK_hr4C_embGJM_vMlnCqkBTchhHd7h2ycJKUes_xEV7hU_WGmAhd6m4-pJmnDcdWQqc90yj_FTz8V4jrI_HjeWaCYLsi3p5jvSZcI_S3ToCt30ZqBGHLMnaC3XAYoalml1tJa_ZNiOaqMeDGh1Oxs6mIppu9EVsrxpo9l6Q2MH3nap79NwhuIxfwz1bjxV_HcSgGcpsf5pbT6v5pNWwpDZP6UWHv_RDVszX8ei9EUIo_UVd7ZF373YX0E6T_vp_DClcMX4CUH-7E3yVZszsIMf54JIPVndhEL3pz3KzjILYydTjKYjkYzOc4nBLLnY7YwK4t5CCI7PAFB0JpOEEedoud-K2bSWPsttgcsX-uRPcmX_7FSmyEI1GWzR129kvt59AklgzVEo33hAYo-l1ahrT1tJBil3MnTRht4z5ifxrq46sQqB74Q_rleE0BpHnoWsLO6hOX_dD6fbQeHRRHJJvAn63WuduEPFrCvErDDx8gwmipQ8KSUJ6wOYT6oU-TLYVE_NWYTXUXtHUYEEchYnI89DMaSSxA9NnWDfgiwP1_5V07kdd3L-_adLHKu9FNAGFUmkoAhKa2zqHmIkKkGrhmAAGBxeNGP51-oUpOQKGsAdG2pLDt-13PNMDSicuDHs1f06_3l4uKXuT_A4dHl9jqIP3NTSjv2a6wTq8ThQw77zeX32zBLRsPe3e2ByvT37eVApxLaeA3QdSMlbftFuoKXaoKHdTMzt5LgZP-9cVNY1dtks0k6Pmzcr5cRns06-yJQj1KnWbF1oYjOa5Kk5eKYWBUGjLl0iZapct7efkr2ujBLhvenXneEc-2reYb32nWI5z902L4ycRg-yyfkxkRk4vGON9xRu2l8OCGjR0EUaAdSaqJz1UyHo5Qau_LrHTjWPxObwAV5G4TkeYpuzA5CKx9aOoYaesL4g6AY_Pv2YW5vtOaYYuadLAyeXq7ype8g8Duxsr8gUzH-qGgtkkSRnKC4vpZyeXXoExe-ju_lggcfBGZ3BGhCpZrp7IXXIWh5SthzmQkKQjAUIHdQCOzTfFLH1m9Fm388kb1U2XMdrwOnVlHc5o4wwF3ey_nqrSztbQ_njglR0l2nIH1R7HczBY2BylP5P-pL93mpGVlEfoTgSSm8FqQWQXoh-xzvMb02G5x6gIXletuSjVH-vrzZ_PrOQIclAnlDj7redupdJDjmAC4Wy9aQeWpuKtEm8CCEhgVInWeCPJH1cGNsz_0VKtIFvcT7u-sR1fL4JTrqZ5QierIiYZFnN6T_6XL7a1wcsg0eE8boHsC4R5zVSuVJthDClMq6OIjIAO-hNRZ74BwkFjEkcRYVaIyMxBMuBAWFqmi7JyYz-aFt3EOHtDWxsA3MIvQ5VVB-log4AqDYxl2HAkLUnkzAhjM7m2hAFH-T9npuaZEGup7ZLRy6hE0mjar8mnlQnPFYOwkhYnYC4UbHo5Mp7miIFWzR-jiKZvuBrbAET5MiQafAQaeECd4bytJu0zXHeAXGXJjgxP8AJrFjIL73IlOProlUBk5KpsMnLXhXh5KY5OPEZQcofGNuOKOmnrgHpq1QO-nbFc7t799BvzT5SeTfFMu1n2bRyzxLW8aX3SZUU1pNO3IGTKIDyVDk8vvbCgdRNepwDyQRHU7-Cp6Jj0nK3smgEeTk48-Vz-msysJm7EFzhXhLoHIEFdDCGtNPsv9bs5TjEFLwv_Htyo9Dp9CmAMAtNFGqbIAoUMgaRwgEEj8A6tujfQkQpz_woqwKna6Ba3_SSQS1uEofrKAnHV-AJgnC1QoQaoocFWWm9EqZa11XLcZm5P5yHLvsiCaNTd4YASAOYAE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 15:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 15:06:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221018/r20110914/ Frame 5C93 30 KB
11 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221018/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 15:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 15:06:23 GMT

GET
DATA 200
OK truncated
/ Frame C03C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b73856925422c64a8f1ca63f24459ee0e1b38e97766220f07c3e3afba82bcad2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements3094.js Show response
cdn.doubleverify.com/ Frame 1043 545 KB
105 KB 43ms
43ms Script
application/javascript 2a02:26f0:3400::1702:d12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3094.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3400::1702:d12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 06:04:52 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Sep 2022 19:04:54 GMT
Server: Microsoft-IIS/10.0
ETag: "0cf338991cbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106974

GET
DATA 200
OK truncated
/ Frame 5C93 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ac651a263f00343d784511e38598501e6768038ab1bb4b7a42753a634adcfba

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101701&jk=3751769262565394&bg=!srGlsfXNAAYeOJy_Pjg7ACkAdvg8WgDofQtgp92JfC8AbK2sS9FwDJHibKnpjkjHFXZOVL4BblUWYAIAAACPUgAAAAFoAQcKAERnmyxFlOS4uvx5pUyU23yVedlXCjv5mMo5P855gHAD5b4lET-rS3miIB1VumqXMUq54Ti8rhmKp-oqyGIzblhTQs2NjpkCpx2qVzpK7iYVUTbReDdMenlxAiaqVSSkVM3DvMFFHTgjJIwSz2G6F9Eu47XhwS4E8QRUJTdief38KYsV0L-8g3gE2ILPYhSJKNIgQLTjwnpaN6nwuRgBj6arLUYLYhkqOm65GqivJW9ESnuelEpYyD8lQkI_h_JF9gI5IUXQ7rUNNfHS1YB61TzUDM7RDAwLO0no6mwoy2oK3zIqpSAo3YErPa9ZUBNcif2IPE2hz4xycmIztYe_B4N_0UjBK0A_G2l35l0ehX9LVrMvv5Ov14B8ocWrz7OlRyBcgQFfAkp1yhxx3OVV4m14MEIdRvxaWLovoWsDliq4T8rTfr-0iN4S8-HZFizxRuIKvs-T12dRLdE6MpYFO4QPLGfoaBHmtAihS7BusQLYBAVkNOTlqPiKorxCvbF-7uzTHbWZxrzZ9RvfrRCI_48V6aOCIQS9B6ZI9FHpErBLo3aUEJzPgJobHHQYMd-fC2jJ7iHSsxpCEzUVOFbAyrYQnTOrlMMjFgiBUrYr0GkU3aHVleOsMBkNNuEs6Rgv1N0iNgzy0nuZXW2NdO782qiS6v9iU2fYkr-T_3fj44t18c0uVCSdAvh5Flak6d2fNtNH74Qm-UrQOyG1BC_AzTsFJ3CepreLrUzt28DJeN-IKQXuMOSlJ7z6ZpZHYP2AU9aUvKuWikyFH-DzYZQqmTr0DFnoKdFUplKmwEzavuvz9vR43NVK0lzNOrucRqP4anDpaKi6cF6MNoMnOniPKPHWkrSJ5rEkmIX6obN58BlGRTYYkBaUMC5XyVMwnI1OVSm5kKYSz7GaXL2pwRWAHEjSGA4EuG-quLjEteYcx1UJ7XfWJbSN4ECA76kVWPYetCkGi1_vvdtuzMICE3u27uiZmgQHTyx_ySqL4yMzC2Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 1043 694 B
703 B 216ms
67ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=117&ttfrms=29&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauGD%3A%3E%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauGD%3A%3E%5DF2Tar9EEADTbpTauTau67f7ab2gbhc2h2g44df_fghdcc3h2_7e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1666245892333490&jsCallback=dvCallback_1666245892333127&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=10&brh=2&sdf=2&dvp_epl=191&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://vsim.ua/&c1=4845432&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0ie4aYZRR8pUFepW4CcEegM&aucmp=18351072895&aucrtv=431987560&auorder=1006926603&ausite=32529797535&auxch=1&pltfrm=1&aufilter1=4845432&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=20307260.456859663&dvp_tukv=113306283330.12975&dvp_uuid=781345018531.2078&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=819073333455
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 809e0b95e70d98495043d6e13c9dbf1c7c4e6a9b8aac099d87088bc77f95b4c2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:52 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/19/2022 06:04:52

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C03C 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxQu8AdQrWhm5g43p0620g3pemdfJByKmuvo94WkMTvHXwycFkfDuyd5IOWgeJqiQZB9T6E57-XiqNFvF41aZerwcotUzV8Psqj3tm5dSBYEGDYDN7Z3kJZ83KgJqoglbuOYVL8AXrcqqUxar1pX7-BFuvqCpan4TTjgcxnpEodfjhJ4zB0lRCsu2IFQMf9ruqHTpoQF1e8V8uejXSAcMR-7BINPwiE7G_i0t9X06hbamGsd07cejZF-5ZIf-CbSydTheC3KH7fzmDkqAoi2KnHOkkXTzVTi5dARlWhXqMnOFlM9x2CYpb3zaJgJvhE-2x_cc&sai=AMfl-YT38I_Fgyt27-sDEzVb3j9c94-9hHeb2jElQvmATKe-cDoK_z_Bs1beRjaRxrlnbEoUWroSUkNTAznEqyKPvwIWw1TBcO7nZNEDvQghipVy41uUNGd5ZCvlTzvcDTyUrQ&sig=Cg0ArKJSzMrWTM9gPzYaEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Oct 2022 06:04:52 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/ Frame E4FC 22 KB
4 KB 137ms
55ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecd94534038f3813cd7b6b7ffa2faa84e69b27f5ed72837602dcd3638cfe39b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 06:04:52 GMT
expires: Fri, 20 Oct 2023 06:04:52 GMT
last-modified: Wed, 13 Jul 2022 08:06:16 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5C93 0
575 B 176ms
79ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMBlkCoGucB0Jp7s2RZ5Tue93CPGi78b1cPOMJkoh3E3L0RFpxjWEAbHOZvyznTF3I6I0sOgaKd7hEPY6dQl1Lq56x7sRtNN8B7uMM2Ne0ydOETktEyQYOjy_BOvGdXwtPvc0&sai=AMfl-YSrSAOtloINmhP8zEyX_yu26S9VJwYooC19KnVH7eBeaWv0VM8ettLsDdv7VutpENLdX6YRH7R7GgUGSwZyQK8O1z723iE3oOdqx4mAtNjloLrenGBVGL-LJk-ot075g4qk3Q&sig=Cg0ArKJSzO-_W5pu_Ge4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=367&cbvp=1&cstd=361&cisv=r20221018.64837&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements3094.js Show response
cdn.doubleverify.com/ Frame 575D 545 KB
105 KB 43ms
42ms Script
application/javascript 2a02:26f0:3400::1702:d12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3094.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3400::1702:d12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 06:04:52 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Sep 2022 19:04:54 GMT
Server: Microsoft-IIS/10.0
ETag: "0cf338991cbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106974

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 575D 694 B
700 B 118ms
53ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=82&ttfrms=6&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauGD%3A%3E%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauGD%3A%3E%5DF2Tar9EEADTbpTauTau67f7ab2gbhc2h2g44df_fghdcc3h2_7e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1666245892596901&jsCallback=dvCallback_1666245892596549&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=10&brh=2&sdf=2&dvp_epl=191&noc=4&nav_pltfrm=Win32&ctx=25334725&cmp=28076520&sid=5549275&plc=339530033&crt=175054344&btreg=531423458&btadsrv=doubleclick&adsrv=1&advid=9533763&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=20307260.456859663&dvp_tukv=3104135121.1899962&dvp_uuid=11917742.330002459&dvp_strhd=0.3000001907348633&dvpx_strhd=0.3000001907348633&dvp_tuid=1050662872001
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 749059e392b5dbdcfd11e760dde35fce2ae514f55cde7bfc3d2aa54ce0583910

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:52 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/19/2022 06:04:52

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/ Frame E4FC 5 KB
2 KB 41ms
40ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1870
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 08:06:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 09:04:57 GMT

GET
H3 200 fonts.css
s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/ Frame E4FC 1002 B
256 B 44ms
43ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/fonts.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 08:06:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 09:04:57 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/ Frame E4FC 5 KB
1 KB 45ms
43ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b7a6a134bab0a0a7d01c36675fd60234f4b701f5a7edc0678e1e061048a012a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 08:06:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 09:04:57 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame E4FC 118 KB
40 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Oct 2022 17:25:10 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E4FC 57 KB
23 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Oct 2022 06:04:52 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/ Frame E4FC 9 KB
4 KB 61ms
60ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3818
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 08:06:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 09:04:57 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/ Frame E4FC 24 KB
10 KB 64ms
64ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edef2c013c0d422caa829a837df925dd680b146ba9a181f2798a23bc30b17ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10568
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 08:06:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 09:04:57 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/ Frame E4FC 17 KB
3 KB 62ms
61ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ce885d1d7be6e0002ad71407d7140a4754af1639e8ccf133324a26edeeba1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2683
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 08:06:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 09:04:57 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5C93 0
26 B 165ms
79ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMBlkCoGucB0Jp7s2RZ5Tue93CPGi78b1cPOMJkoh3E3L0RFpxjWEAbHOZvyznTF3I6I0sOgaKd7hEPY6dQl1Lq56x7sRtNN8B7uMM2Ne0ydOETktEyQYOjy_BOvGdXwtPvc0&sai=AMfl-YSrSAOtloINmhP8zEyX_yu26S9VJwYooC19KnVH7eBeaWv0VM8ettLsDdv7VutpENLdX6YRH7R7GgUGSwZyQK8O1z723iE3oOdqx4mAtNjloLrenGBVGL-LJk-ot075g4qk3Q&sig=Cg0ArKJSzO-_W5pu_Ge4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=622&vt=11&dtpt=255&dett=3&cstd=361&cisv=r20221018.64837&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E4FC 7 KB
6 KB 139ms
53ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea78b2a6075cdc0a54ab9ae6307361d0209634563b4f11ea590ece7f7b14385d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5691
x-xss-protection: 0

GET
H3 200 baseImage5_300x250_DeepBlue_0_0_1.00.png_1657625510486_baseImage5_300x250_DeepBlue_0_0_1.00.png
s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61a667df7847c634bdc735c3/original/ Frame E4FC 7 KB
7 KB 41ms
40ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61a667df7847c634bdc735c3/original/baseImage5_300x250_DeepBlue_0_0_1.00.png_1657625510486_baseImage5_300x250_DeepBlue_0_0_1.00.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18786e5a2ed85d779bb7fd1c3118ad335306f0741908639455fee0b4361d790c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 05:03:42 GMT
x-content-type-options: nosniff
age: 522070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6916
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 11:31:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 05:03:42 GMT

GET
H3 200 CRU_DIS_17_F007_EXT%20(1)_1264_4608_1.34.jpeg_1665673227634_CRU_DIS_17_F007_EXT%20(1)_1264_4608_1.34.jpeg
s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/633d8b4b7b1f025d30bb023e/original/ Frame E4FC 11 KB
11 KB 47ms
43ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/633d8b4b7b1f025d30bb023e/original/CRU_DIS_17_F007_EXT%20(1)_1264_4608_1.34.jpeg_1665673227634_CRU_DIS_17_F007_EXT%20(1)_1264_4608_1.34.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc0ccbfdb085bbbb3e5c10cb54244c88c790b85cdb6bf0689d1e2b8c811b3f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 17:06:16 GMT
x-content-type-options: nosniff
age: 565116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11627
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 15:00:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 17:06:16 GMT

GET
H3 200 baseImage3_300x250_DeepBlue_0_0_1.00.png_1657625510486_baseImage3_300x250_DeepBlue_0_0_1.00.png
s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61a667877847c6cfd2c734f5/original/ Frame E4FC 9 KB
9 KB 46ms
42ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61a667877847c6cfd2c734f5/original/baseImage3_300x250_DeepBlue_0_0_1.00.png_1657625510486_baseImage3_300x250_DeepBlue_0_0_1.00.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3400a1ff22e23daa3a02f57a4cf7e88eeca624c549667716d2bc4c5290884562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:11:58 GMT
x-content-type-options: nosniff
age: 161574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8804
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 11:31:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 09:11:58 GMT

GET
H3 200 baseImage4_300x250_DeepBlue_0_0_1.00.png_1657625510486_baseImage4_300x250_DeepBlue_0_0_1.00.png
s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61a667c27847c67cd0c73572/original/ Frame E4FC 25 KB
25 KB 52ms
48ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61a667c27847c67cd0c73572/original/baseImage4_300x250_DeepBlue_0_0_1.00.png_1657625510486_baseImage4_300x250_DeepBlue_0_0_1.00.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a1ae3fba49e8baf9481690260f8a060b18cfec1d780921ab11acb731c069fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 05:03:42 GMT
x-content-type-options: nosniff
age: 522070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25844
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 11:32:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 05:03:42 GMT

GET
H3 200 wave.png_1657625510486_wave.png
s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6272a6d9fb31e7461ed868a5/content/ Frame E4FC 5 KB
5 KB 50ms
46ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6272a6d9fb31e7461ed868a5/content/wave.png_1657625510486_wave.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e13f72268ed653f997a9c1797c1e4d596e15da4e8edb299c3fa2ebc7c77d458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 12:03:36 GMT
x-content-type-options: nosniff
age: 496876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4808
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 11:31:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 12:03:36 GMT

GET
H3 200 ATOL_BLUE.png_1657625510486_ATOL_BLUE.png
s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/617923a368ffdde15f5d7ae1/original/ Frame E4FC 4 KB
4 KB 60ms
56ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/617923a368ffdde15f5d7ae1/original/ATOL_BLUE.png_1657625510486_ATOL_BLUE.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96f087922f32e82fb25fbf87070e7d0c7b67442807c7c319581373b49684e5e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:54:01 GMT
x-content-type-options: nosniff
age: 540651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4452
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 11:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 23:54:01 GMT

GET
H3 200 icon2.png_1657625510486_icon2.png
s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6272a6d9fb31e7461ed868a5/content/ Frame E4FC 6 KB
6 KB 62ms
58ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:04:57 GMT
x-content-type-options: nosniff
age: 161995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5901
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 11:31:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 09:04:57 GMT

GET
H3 200 icon3.png_1657625510486_icon3.png
s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6272a6d9fb31e7461ed868a5/content/ Frame E4FC 6 KB
6 KB 61ms
57ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:24:56 GMT
x-content-type-options: nosniff
age: 524396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6126
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 11:31:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 04:24:56 GMT

GET
H3 200 blank.png_1657625510486_blank.png
s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/62540ecfb3d115d67b86dcf6/original/ Frame E4FC 927 B
956 B 61ms
58ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/62540ecfb3d115d67b86dcf6/original/blank.png_1657625510486_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:04:46 GMT
x-content-type-options: nosniff
age: 162006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 927
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 11:31:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 09:04:46 GMT

GET
H3 200 Marella%20white%20logo.png_1657625510486_Marella%20white%20logo.png
s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61a661477847c63681c726d0/original/ Frame E4FC 2 KB
2 KB 58ms
55ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61a661477847c63681c726d0/original/Marella%20white%20logo.png_1657625510486_Marella%20white%20logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2c2e7fc2d7a7facfbc8a1bf2ccf4316dfe8bfdd0b7ffcb6b9c490b591dbae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:04:46 GMT
x-content-type-options: nosniff
age: 162006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1779
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 11:31:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 09:04:46 GMT

GET
H3 200 Live_Happy_logo2.png_1657625510486_Live_Happy_logo2.png
s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61c2e42063d0eee082a84cf1/original/ Frame E4FC 2 KB
2 KB 57ms
54ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61c2e42063d0eee082a84cf1/original/Live_Happy_logo2.png_1657625510486_Live_Happy_logo2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:04:46 GMT
x-content-type-options: nosniff
age: 162006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1701
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 11:31:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 09:04:46 GMT

GET
H3 200 ATOL_logo_white.png_1657625510486_ATOL_logo_white.png
s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61712f0ed029b471c2eed6c0/original/ Frame E4FC 4 KB
4 KB 56ms
53ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61712f0ed029b471c2eed6c0/original/ATOL_logo_white.png_1657625510486_ATOL_logo_white.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

932a4c24058b7fa194a0fdb2b602fbb6018cd2b878fe510c21f1b9b13fd568b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:09:54 GMT
x-content-type-options: nosniff
age: 525298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4168
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 11:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 04:09:54 GMT

GET
H3 200 terms.png_1657625510486_terms.png
s0.2mdn.net/dynamic/2/10986063/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6272a6d9fb31e7461ed868a5/content/ Frame E4FC 1 KB
1 KB 62ms
59ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55f2deff782ba65cf6da41a7254455c959d71ebde3f070aa043a25b3a5806e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Pa1FNNmsFF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:04:57 GMT
x-content-type-options: nosniff
age: 161995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1365
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 11:32:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 09:04:57 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E4FC 17 KB
6 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Oct 2022 06:04:53 GMT

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame BBBA 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 16:55:55 GMT

GET
H3 200 Ambit-Bold.woff
s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/ Frame E4FC 37 KB
37 KB 42ms
41ms Font
font/woff 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/Ambit-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

620f78285fcec185cf13e3f850abbdd5aced51cf669f48d53fe2f36cf2df331d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:09:23 GMT
x-content-type-options: nosniff
age: 161730
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37416
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 08:06:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 09:09:23 GMT

GET
H3 200 Ambit-Regular.woff
s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/ Frame E4FC 34 KB
34 KB 49ms
49ms Font
font/woff 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/Ambit-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cdb93e36aee3bae06fd27784d93ef71abaaeb9c733d2cf7d0811a3060606f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11302904111965405184/300x250-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:09:23 GMT
x-content-type-options: nosniff
age: 161730
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34408
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 08:06:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 09:09:23 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C93 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstc0sMQihGP80q5CIHjetQuo6w7E3mN9e6FAwO_5YL2JO0GiAbybcSBt72wJEcUIK_bfriMV3KZwKLSsTCD5SWxpLQ7efQJcAzJKcd_177Cl7L6DqEUp1JpQsSjsZ5P2LB8kWE3SAA&sai=AMfl-YTmE6xVPz6W1QJCHEHfp-otAnkqGzyPirK8u4l-cv1DQ5iDo5vBJk9RYpVmOpgmrZiJGtXTw36tZEhbpyabgkAVtTb6I95DXKIQJneChTxbooIfz8XK3Jpo4VPB5BeGcWY&sig=Cg0ArKJSzLgcgUdNSvSeEAE&cid=CAQSPwDq26N9CRCnP_CirAqdroFrf9JJBLW4Sh-soCcdX4AmCcLVChBqihwVZab0SplrXVctxmbk_nIcu-yIJo1N3hgBIA4&id=lidar2&mcvt=1000&p=228,1092,478,1392&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=978356717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666245891331&rpt=915&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 111ms
35ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 20 Oct 2022 06:04:54 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 519822
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=B7rkBnxET3RiUDVSOTEycDVrallwc3pGdzd4WG8rajBTV1g4MVJxYnNLOC8vNGRCY1MwSlV0OGgwLzNJY1VHWlVqNGVqWnU0bG0zOWJCczNMK0d6MitGTnU2UjFJK2FOMDJZckVPenRVbThCc3FEaWI0WnN2NGJ3SFZxb1...

340 B
629 B

110ms
38ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=B7rkBnxET3RiUDVSOTEycDVrallwc3pGdzd4WG8rajBTV1g4MVJxYnNLOC8vNGRCY1MwSlV0OGgwLzNJY1VHWlVqNGVqWnU0bG0zOWJCczNMK0d6MitGTnU2UjFJK2FOMDJZckVPenRVbThCc3FEaWI0WnN2NGJ3SFZxb1l6clJDWStiYnp3YlJmSit3MkFkaDI3OEdMa0UrbW5iRUphUEI0VFhHcUhxNlZhV25hM3ZEcC9PRnhpQTRHZU9adnpzSGdNZmRVWWZWK1JJaUdjU3F1YTg0N0NDZk41REZVa0N4QUF3cFB5QjFJWitjditZPXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7b2a40d3ab17f18bd52246979ae6121e5ebb314275efef1125edbbda1caf5fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1322506
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=B7rkBnxET3RiUDVSOTEycDVrallwc3pGdzd4WG8rajBTV1g4MVJxYnNLOC8vNGRCY1MwSlV0OGgwLzNJY1VHWlVqNGVqWnU0bG0zOWJCczNMK0d6MitGTnU2UjFJK2FOMDJZckVPenRVbThCc3FEaWI0WnN2NGJ3SFZxb1l6clJDWStiYnp3YlJmSit3MkFkaDI3OEdMa0UrbW5iRUphUEI0VFhHcUhxNlZhV25hM3ZEcC9PRnhpQTRHZU9adnpzSGdNZmRVWWZWK1JJaUdjU3F1YTg0N0NDZk41REZVa0N4QUF3cFB5QjFJWitjditZPXw&cppv=2
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 549342
content-length: 0
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 216 B
617 B 135ms
41ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

76365085aa30f651b2b2f34ccef7060451991ed0be6c022ac201c744947bb935

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Thu, 20 Oct 2022 06:04:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 9E0B 3 KB
2 KB 90ms
29ms Document
text/html 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 699
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 75cf8f083fa1360d-MAN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Oct 2022 06:04:54 GMT
expires: Thu, 20 Oct 2022 10:04:54 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 51AD 15 KB
6 KB 134ms
41ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=44814
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 20 Oct 2022 06:04:54 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 20 Oct 2022 18:31:48 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 / Show response
spl.zeotap.com/ Frame 7360 8 KB
2 KB 114ms
45ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fb680c3452ce03e9424961b68a681fae464cd554ae44f459a4da137eaf1fb99

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://vsim.ua
cf-cache-status: DYNAMIC
cf-ray: 75cf8f084db17743-LHR
content-encoding: br
content-type: text/html
date: Thu, 20 Oct 2022 06:04:54 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H3 204 /
csync.loopme.me/ Frame 633D 0
0 77ms
46ms Document
text/plain 2606:4700::6813:ad6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75cf8f0809a606c1-LHR
date: Thu, 20 Oct 2022 06:04:54 GMT
server: cloudflare

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame AF0F 15 KB
6 KB 132ms
42ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=44814
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 20 Oct 2022 06:04:54 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 20 Oct 2022 18:31:48 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame BA97 281 B
573 B 137ms
41ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Oct 2022 06:04:54 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2589 52 KB
17 KB 108ms
28ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462846/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 5758
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 20 Oct 2022 06:04:54 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 19 Oct 2022 04:28:54 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 341, 12615
X-Served-By: cache-lga13626-LGA, cache-lcy19255-LCY
X-Timer: S1666245894.458814,VS0,VE0

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 4312 2 KB
1 KB 199ms
97ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea889d6a8f8c3a8f8fd2fded6aa0d2892457a9df8548c5590c4ed2826ff608fd

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 75cf8f091b4e72d0-LHR
content-encoding: br
content-type: text/html
date: Thu, 20 Oct 2022 06:04:54 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anwE8GQz5YdQSIpHkAHDVmg5aAllb%2F1McM6pM%2Buk4GdxaE3WgCmcyj13S92K2XQeXsnpD32UaATfK4w53xxn4wRa0xeSQSJHgiPRHIhEgP4y0HCSPysJzH4quA4DWH0HuuvVLdW0suP2ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 7360 0
0 35ms
34ms Image
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 7360 170 B
188 B 52ms
52ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7360
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=69f747e4-825d-40c3-b4e0-28d9b31411ca&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63...

95 B
152 B

47ms
47ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=69f747e4-825d-40c3-b4e0-28d9b31411ca&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75cf8f09df7a7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=69f747e4-825d-40c3-b4e0-28d9b31411ca&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
date: Thu, 20 Oct 2022 06:04:54 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 7360 0
331 B 165ms
48ms Image
text/plain 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7360 70 B
265 B 126ms
40ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 7360 0
162 B 109ms
37ms Image
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 20 Oct 2022 06:04:54 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1666245895.592852,VS0,VE9
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-lcy19259-LCY

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 7360 0
411 B 592ms
130ms Image
text/html 2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:55 GMT
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 7360 0
163 B 110ms
30ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd09e-21aa-4529-69a5-66fb3104590c%26reqId%3D5201d8e4-990c-4e63-4f1b-ef5b55640a58%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 20 Oct 2022 06:04:52 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7360
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=136...
https://mwzeom.zeotap.com/mw?cid=8065e0b1-3e53-4d96-9f5a-31c5f6fba2a0&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
152 B

47ms
47ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=8065e0b1-3e53-4d96-9f5a-31c5f6fba2a0&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75cf8f0a88a27743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=8065e0b1-3e53-4d96-9f5a-31c5f6fba2a0&zpartnerid=317&gdpr=1&gdpr_consent=
pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7360
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=166cd09e-21aa-4529-69a5-66fb3104590c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=166cd09e-21aa-4529-69a5-66fb3104590c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=49766781676018897483412090730401545950&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-...

95 B
152 B

50ms
50ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=49766781676018897483412090730401545950&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75cf8f0a586b7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-2-v044-0d06d6d5c.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: JSilvIiSQwg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=49766781676018897483412090730401545950&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 7360 0
324 B 176ms
39ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7360
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7156471621840074894&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-...

95 B
180 B

58ms
46ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7156471621840074894&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75cf8f09cf6d7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7156471621840074894&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Date: Thu, 20 Oct 2022 06:04:54 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3 200 receive
pixel.tapad.com/idsync/ex/ Frame 7360 95 B
113 B 64ms
37ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=166cd09e-21aa-4529-69a5-66fb3104590c

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/png
date: Thu, 20 Oct 2022 06:04:54 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7360
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=166cd09e-21aa-4529-69a5-66fb3104590c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=166cd09e-21aa-4529-69a5-66fb3104590c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=gO.yrILf4N2mtat4ZLQjae&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e...

95 B
152 B

43ms
43ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=gO.yrILf4N2mtat4ZLQjae&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75cf8f0ab8e37743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
via: 1.1 google
last-modified: Thu, 20 Oct 2022 06:04:54 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=gO.yrILf4N2mtat4ZLQjae&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7360
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5...
https://mwzeom.zeotap.com/mw?cid=

95 B
152 B

44ms
44ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75cf8f0ad9557743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=
pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7360
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=166cd09e-21aa-4529-69a5-66fb3104590c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=166cd09e-21aa-4529-69a5-66fb3104590c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361

95 B
152 B

43ms
42ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75cf8f0aa8d67743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

expires: 0
pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
cache-control: no-cache
x-server: 10.45.23.27
content-length: 0
x-consent: absent

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7360
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-gNY8OQhE2opKjlBj7SlFwrXAaapgv2udZw--~A&zpartnerid=570&env=mWeb

95 B
152 B

45ms
44ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-gNY8OQhE2opKjlBj7SlFwrXAaapgv2udZw--~A&zpartnerid=570&env=mWeb
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75cf8f0aa8d97743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Thu, 20 Oct 2022 06:04:54 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0101.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-gNY8OQhE2opKjlBj7SlFwrXAaapgv2udZw--~A&zpartnerid=570&env=mWeb
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7360
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=WCJJIPin6H%2FjhU7%2F%2FD1GcehmG0YFtxvj%2BS41iYitP1U%3D

95 B
152 B

41ms
41ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=WCJJIPin6H%2FjhU7%2F%2FD1GcehmG0YFtxvj%2BS41iYitP1U%3D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75cf8f0ab8de7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=WCJJIPin6H%2FjhU7%2F%2FD1GcehmG0YFtxvj%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 7360 43 B
356 B 128ms
41ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=166cd09e-21aa-4529-69a5-66fb3104590c&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 7360 0
338 B 128ms
40ms Image
text/plain 52.30.33.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.33.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-33-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by: beacon-n004-dub-prod.krxd.net
date: Thu, 20 Oct 2022 06:04:54 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1666245895
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 7360 95 B
359 B 143ms
46ms Image
image/png 162.55.233.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=166cd09e-21aa-4529-69a5-66fb3104590c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.233.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/png
date: Thu, 20 Oct 2022 06:04:54 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7360
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y1DlBgAAAa3LYwAO&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5...

95 B
152 B

41ms
41ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y1DlBgAAAa3LYwAO&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361&_test=Y1DlBgAAAa3LYwAO
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75cf8f0c3ab17743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

x-served-by: cache-lcy19221-LCY
pragma: no-cache
date: Thu, 20 Oct 2022 06:04:55 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1666245895.047653,VS0,VE0
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y1DlBgAAAa3LYwAO&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361&_test=Y1DlBgAAAa3LYwAO
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame 7360 0
207 B 163ms
68ms Image
text/plain 13.32.99.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-36.fra60.r.cloudfront.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
server: nginx/1.20.1
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: _Tbi-5acJNRUd_cNK1ql-Nc-yZbRSAXcG0oRRsPeWPFP4yBRWuPUKA==
x-cache: Miss from cloudfront

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7360
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b5564...

0
337 B

40ms
40ms

Image
text/plain

52.30.33.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 52.30.33.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-33-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by: beacon-n009-dub-prod.krxd.net
date: Thu, 20 Oct 2022 06:04:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=42 t=1666245895
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
date: Thu, 20 Oct 2022 06:04:55 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 7360
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=166cd09e-21aa-4529-69a5-66fb3104590c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=166cd09e-21aa-4529-69a5-66fb3104590c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a...

43 B
568 B

43ms
43ms

Image
image/gif

52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=166cd09e-21aa-4529-69a5-66fb3104590c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ET53Q91AGHMARQHHV2A2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YCMCCQV9XFNVENQMH52D
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=166cd09e-21aa-4529-69a5-66fb3104590c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame 7360 0
145 B 329ms
223ms Image
text/plain 23.3.108.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=166cd09e-21aa-4529-69a5-66fb3104590c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.3.108.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-108-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:55 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7360
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D166cd...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361

95 B
175 B

41ms
41ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75cf8f0bfa6d7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
date: Thu, 20 Oct 2022 06:04:54 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 204
No Content token
pixel.rubiconproject.com/ Frame 7360 0
214 B 194ms
44ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=41544&puid=166cd09e-21aa-4529-69a5-66fb3104590c&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7360
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=166cd09e-21aa-4529-69a5-66fb3104590c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24...
https://x.bidswitch.net/ul_cb/syncd?dsp_id=461&user_group=1&expires=5&user_id=166cd09e-21aa-4529-69a5-66fb3104590c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age...
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d...

95 B
152 B

42ms
41ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75cf8f0e9d6e7743-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361
Date: Thu, 20 Oct 2022 06:04:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2589 0
747 B 106ms
37ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:54 GMT
AN-X-Request-Uuid: 5bd32082-418c-45a1-bf26-121ab1e503ea
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BA97 32 KB
10 KB 42ms
42ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 06:04:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14667
Connection: keep-alive
Content-Length: 9454
Expires: Thu, 20 Oct 2022 10:09:21 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 51AD 0
42 B 79ms
28ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78313044&p=161562&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
content-length: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 126ms
36ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 20 Oct 2022 06:04:54 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 580195
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame BA97 284 B
536 B 198ms
43ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 4312
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1DlA8bmT6ACt-2xGEuslAAAFJoAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENdtV_c3p848qpw-DZP2WPM&google_cver=1

43 B
878 B

130ms
85ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENdtV_c3p848qpw-DZP2WPM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbLnPQiXHprK%2BEvtv%2Fa0jjykr%2Bu3x6UwU3iAZhj1xoILQpZHhsOBrEa7oAKSYW3V31Pp6TqW0ZReU4x4WeicG26PB4VGrudrMPbIU7Dsh%2FLIy8Vhk1mFYlNzKvbBkGNlP2l8IsJ3IsFYhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 75cf8f0a69bcdc5f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENdtV_c3p848qpw-DZP2WPM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 4312 70 B
264 B 40ms
40ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4312
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1DlA8bmT6ACt-2xGEuslAAAFJoAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1DlA8bmT6ACt-2xGEuslAAAFJoAAAAB&dcc=t

43 B
855 B

134ms
134ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1DlA8bmT6ACt-2xGEuslAAAFJoAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PNKB1GNGSN4QJV4D2PAE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T2V94VFVKJDZEHZFC10D
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1DlA8bmT6ACt-2xGEuslAAAFJoAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4312
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2498279023820759876

43 B
766 B

121ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2498279023820759876
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:54 GMT
AN-X-Request-Uuid: a45d31e1-3318-4931-9460-16eabb11962a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2498279023820759876
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 4312
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1666332294

43 B
766 B

122ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1666332294
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1666332294
pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 Y1DlA8bmT6ACt-2xGEuslAAAFJoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4312 43 B
601 B 178ms
57ms Image
image/gif 2a05:d018:d29:3601:2eb1:fd74:c477:e429
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y1DlA8bmT6ACt-2xGEuslAAAFJoAAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:2eb1:fd74:c477:e429 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 4312
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1DlA8bmT6ACt.2xGEuslAAA%265274?gdpr_consent=&us_privacy=&gdpr=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1DlA8bmT6ACt.2xGEuslAAA%265274

42 B
942 B

78ms
41ms

Image
image/gif

52.31.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1DlA8bmT6ACt.2xGEuslAAA%265274

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.31.4.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-4-32.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-0ea413a51.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +c9iXsAXQVU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v044-0965afbdc.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: TfwFQlCjRf4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1DlA8bmT6ACt.2xGEuslAAA%265274
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4312
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3862738804059468780&expiration=1667455494

43 B
766 B

120ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3862738804059468780&expiration=1667455494
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Oct 2022 06:04:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3862738804059468780&expiration=1667455494
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 4312 43 B
353 B 96ms
30ms Image
image/gif 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y1DlA8bmT6ACt.2xGEuslAAA%265274
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:04:54 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 27293
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75cf8f0a3afc54cf-MAN
content-length: 43
expires: Fri, 21 Oct 2022 06:04:54 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2589 0
747 B 35ms
34ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:55 GMT
AN-X-Request-Uuid: 4d23fc4e-d6b8-4dfb-8ef0-f0e859b54960
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.109; 217.138.196.109; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame 1043 0
229 B 108ms
46ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=9467438523c349c69c697666e3ddd08e&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=217&eoid=12&msrjs=3094&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=11&msltms=89&vltms=217&sei=289&vetms=4&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=1062&isumms=1061&nvr=6&isgmmims=1062&isgmv4mims=1062&elmtp=1&isbxdms=2262&b0=100&b11=1203&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=1303&sftb=1303&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=2064&isuiabvms=2064&isgmpims=1162&isgmv4dpims=2064&ispmxpms=2064&engalms=1061&dvp_dpr=1&dvp_valpct=2&ttfurm=3249&cbust=1666245895555781
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 10/19/2022 06:04:55

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame 575D 0
229 B 111ms
45ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=4c5ff893c89f4b43b1cd0e4a973b0b6e&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=119&eoid=11&msrjs=3094&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=8&msltms=62&vltms=119&sei=290&vetms=1&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=10&isumms=9&nvr=6&isgmmims=10&isgmv4mims=10&elmtp=1&isbxdms=2209&b0=100&b11=2230&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2330&sftb=2330&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1009&isuiabvms=1009&isgmpims=109&isgmv4dpims=1009&ispmxpms=1009&engalms=9&dvp_dpr=1&dvp_valpct=2&ttfurm=3126&cbust=1666245895717485
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 20 Oct 2022 06:04:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 10/19/2022 06:04:55

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: leokross.com
URL: https://leokross.com/vAW/aGeq.js

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vsim.ua/	1970-01-20 16:26:45	Name: subscriber_life Value: %7B%22order%22%3A%5B%22modal_mail%22%5D%2C%22modal_mail%22%3Afalse%7D
vsim.ua/	1970-01-20 06:50:46	Name: Value: undefined
.vsim.ua/	1970-01-20 06:50:49	Name: AMP_TOKEN Value: %24NOT_FOUND
.vsim.ua/	1970-01-20 06:52:12	Name: _gid Value: GA1.2.1298859135.1666245890
.vsim.ua/	1970-01-20 06:50:45	Name: _gat Value: 1
vsim.ua/	1970-01-20 16:26:45	Name: GN_USER_ID_KEY Value: 01d27000-d6d8-4863-802b-b8640cb6dd99
vsim.ua/	1970-01-20 06:50:47	Name: GN_SESSION_ID_KEY Value: eec6255a-0253-4be5-add7-f82e2a8ff164
vsim.ua/	1970-01-20 07:33:57	Name: _pbjs_userid_consent_data Value: 3524755945110770
.vsim.ua/	1970-01-20 15:36:21	Name: _pubcid Value: ca1076ba-99eb-4371-a16f-72da112a1822
vsim.ua/	1970-01-20 06:50:46	Name: browser_id Value: ad2f4562-111e-4ab3-98a1-16f7bf0578d1
vsim.ua/	1970-01-20 06:50:46	Name: remp_session_id Value: 2bb6b1c5-da64-44b3-8eb7-cc989dad0561
.vsim.ua/	1970-01-20 09:00:21	Name: _fbp Value: fb.1.1666245890364.1082482117
.vsim.ua/	1970-01-20 16:26:45	Name: _ga_0CS1NTGGLB Value: GS1.1.1666245891.1.0.1666245891.60.0.0
.vsim.ua/	1970-01-20 16:26:45	Name: _ga Value: GA1.1.429268025.1666245890
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.adnxs.com/	1970-01-20 09:00:21	Name: icu Value: ChkIrqGFARAKGAEgASgBMIPKw5oGOAFAAUgBEIPKw5oGGAA.
.adnxs.com/	1970-01-20 09:00:21	Name: uuid2 Value: 2498279023820759876
.vsim.ua/	1970-01-20 16:12:21	Name: __gpi Value: UID=00000b759d544f28:T=1666245890:RT=1666245890:S=ALNI_MYPHVkkOmHfZG4GGjkEZbclqvFRWg
.vsim.ua/	1970-01-20 06:50:47	Name: __cf_bm Value: WRR.q_8Rdxh4UB94HvmNXn2FopFiixay3JT4pRl.RlQ-1666245891-0-AUnRJS+eRj9FmeQhkX7RsVy+EJhqYdouO5cX2fighNrMyt25wI8wjOmLhKkaP/0FJbJyys144GJDDmHHeCkz8HmYBAwdi46kInxp1tB6iRoPuQkz59XyhHrgC2d5lzyv2g==
.e-planning.net/	1970-01-20 16:26:45	Name: E Value: AA1ekFoHhvWjQ1bC
a4p.adpartner.pro/	1970-01-20 08:17:09	Name: apuid Value: d7883669-b029-4c6f-945f-497279f9e218
.mfadsrvr.com/	1970-01-20 16:26:45	Name: tuuid Value: 9718ac7f-5b36-4315-ba55-9703dc9538f6
.mfadsrvr.com/	1970-01-20 16:26:45	Name: c Value: 1666245891
.mfadsrvr.com/	1970-01-20 16:26:45	Name: tuuid_lu Value: 1666245891
.mfadsrvr.com/	1970-01-20 16:26:45	Name: ssh Value: !adtelligent,1666245891
.adnxs.com/	1970-01-20 09:00:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2H`hZ3xpX!1yIE`fS1ueD1W-044)d+]UfaVXpuCX/-qqBBf^HSiD'.?NO@I.SKR%s49M*P(hw9P-HC_#tsjv)np?:
.casalemedia.com/	1970-01-20 09:00:21	Name: CMPS Value: 5274
.casalemedia.com/	1970-01-20 09:00:21	Name: CMPRO Value: 5274
.adtelligent.com/	1970-01-20 08:20:02	Name: vmuid Value: b16224891eb4ce19
.adtelligent.com/	1970-01-20 08:20:02	Name: a736011 Value: 9718ac7f-5b36-4315-ba55-9703dc9538f6
.casalemedia.com/	1970-01-20 15:36:21	Name: CMID Value: Y1DlA8bmT6ACt.2xGEuslAAA
.adtelligent.com/	1970-01-20 08:20:02	Name: a307558 Value: d7883669-b029-4c6f-945f-497279f9e218
.doubleclick.net/	1970-01-20 16:12:21	Name: IDE Value: AHWqTUlYnQy45-JbiiriuXUDBq1V5gvRhMaywPhMtOnt1Pilib1Edlh0eGNGXh2Z-yU
.vsim.ua/	1970-01-20 16:12:21	Name: __gads Value: ID=e068d9d0e432a215:T=1666245890:S=ALNI_MZgNVkBOblsJCSKi7wNgpSlIW6UFg
.zeotap.com/	1970-01-20 15:36:21	Name: zc Value: 166cd09e-21aa-4529-69a5-66fb3104590c
.zeotap.com/	1970-01-20 06:52:12	Name: zsc Value: %DCC%23%2A%2B%CD%25%AC%15%A23%D6%E2%17_pA%A8%F0I%A7%B6%24EF%84%DD%C11%3DE%BF%5E%E9%D6%87l%C6%0A%94%146%F7%23p%2C%5Dk%5B%F6%17X%40r+%21%2A.%90%3F%10%D2%B2w%85%F9%B1%81B+%B9%DC+%A0aL%D6%E82%F6%C76%C3%A3%AB_%96%A5%98%18%ED7%A1%D3%F4%DD%8D%BB1%01%D2%F9%CFVvi%3EO%DE%EA%B5%9FH-%A6%C2%DB.%10%8Dx%00%A7q%1A%28%EA%A8%5C%12%13%B2%BC%5D%C9%0C%CB%A2q%AB%EB%A2%9F%97K%27%AF%C2%F3%E5%1F%D7%11Qz%DD%AC%7B%BD%9F%D4%5D%E6%83%02sf%3A
.ads.pubmatic.com/	1970-01-20 06:52:12	Name: KCCH Value: YES
.tapad.com/	1970-01-20 08:17:09	Name: TapAd_TS Value: 1666245894592
.tapad.com/	1970-01-20 08:17:09	Name: TapAd_DID Value: 69f747e4-825d-40c3-b4e0-28d9b31411ca
.adfarm1.adition.com/	1970-01-20 09:00:21	Name: UserID1 Value: 7156471621840074894
.tapad.com/	1970-01-20 08:17:09	Name: TapAd_3WAY_SYNCS Value:
.weborama.fr/	1970-01-20 16:16:41	Name: AFFICHE_W Value: 3h0CTLjejeDe12
.adform.net/	1970-01-20 07:35:24	Name: C Value: 1
.tidaltv.com/	1970-01-20 15:36:21	Name: tidal_ttid Value: 8065e0b1-3e53-4d96-9f5a-31c5f6fba2a0
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.adform.net/	1970-01-20 08:17:09	Name: uid Value: 3862738804059468780
.tidaltv.com/	1970-01-20 15:36:21	Name: sync-his Value: "H4sIAAAAAAAAADM0NjI3szK0MAIA8CCUuQkAAAA="
.dpm.demdex.net/	1970-01-20 11:09:57	Name: dpm Value: 17936557651660148044271838833177978093
.demdex.net/	1970-01-20 11:09:57	Name: demdex Value: 17936557651660148044271838833177978093
.vsim.ua/	1970-01-20 16:12:21	Name: cto_bundle Value: FahZAF82ZTFzRkNTb2kwUTVySGYxcWp3TkMlMkZzU2ZTc1RVdiUyRnhLMUZnOThWTUdYc3hoVml0ZW1GRDUxalZXb1U2ZlptUTdqNGZXcmo3N0tMcGw2UFQlMkZIUU5GZlFwMHd1TSUyRm4yQk5kdlhTdFlzQ21zJTNE
.vsim.ua/	1970-01-20 16:12:21	Name: cto_bidid Value: rDcZW19vemJoT2pVUXZUM0klMkJ3YnFJb240MmN0b0VsRU9KTiUyRnZ4RFplJTJCUXNNZ2RYVjJxYWNUMGhhJTJGTG1HQ3dnUkdCcnFBU3JYVm1YNjR6T016WllnMU1NWDhRJTNEJTNE
.smartadserver.com/	1970-01-20 15:36:21	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 15:36:21	Name: pbw Value: %24b%3d16990%3b%24o%3d11100
.agkn.com/	1970-01-20 15:36:21	Name: ab Value: 0001%3Ae6FIJ5kcA8tokXig8xB498mfBYEqtnz%2F
.yahoo.com/	1970-01-20 15:36:43	Name: A3 Value: d=AQABBAblUGMCENSmmSIDzl-10vhPNO1b-J0FEgEBAQE2UmNaYwAAAAAA_eMAAA&S=AQAAAqEQa26AbcxMX8UpR1K339s
.krxd.net/	1970-01-20 11:09:57	Name: _kuid_ Value: PJg-_mg5
.richaudience.com/	1970-01-20 09:00:21	Name: avcid-zeo-uid Value: 166cd09e-21aa-4529-69a5-66fb3104590c
.casalemedia.com/	1970-01-20 09:00:21	Name: CMTS Value: 5240
.everesttech.net/	1970-01-20 15:36:21	Name: everest_g_v2 Value: g_surferid~Y1DlBgAAAa3LYwAO
.fwmrm.net/	1970-01-20 11:09:57	Name: _uid Value: "e93b3_7156471626119295277"
.amazon-adsystem.com/	1970-01-20 12:56:31	Name: ad-id Value: A9859bwyEkJTv8o4v3K9DE4
.amazon-adsystem.com/	1970-01-20 16:26:45	Name: ad-privacy Value: 0
.bidswitch.net/	1970-01-20 15:36:21	Name: tuuid Value: a25ba196-0aa8-42e8-b17e-e81ae2bf96eb
.bidswitch.net/	1970-01-20 15:36:21	Name: c Value: 1666245895
.bidswitch.net/	1970-01-20 15:36:21	Name: tuuid_lu Value: 1666245895

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://leokross.com/vAW/aGeq.js Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=166cd09e-21aa-4529-69a5-66fb3104590c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=166cd09e-21aa-4529-69a5-66fb3104590c&reqId=5201d8e4-990c-4e63-4f1b-ef5b55640a58&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
ampcid.google.com
api.gravitec.media
bcp.crwdcntrl.net
beacon.krxd.net
bid.g.doubleclick.net
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.doubleverify.com
cdn.gravitec.media
cdn.gravitec.net
cdn.indexww.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
csync.loopme.me
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ef7f23a8394a9a8cc570789544b9a0f6.safeframe.googlesyndication.com
engine.widespace.com
eus.rubiconproject.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id5-sync.com
idsync.frontend.weborama.fr
image6.pubmatic.com
js-sec.indexww.com
leokross.com
loadeu.exelator.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
region1.analytics.google.com
rtb.mfadsrvr.com
rtb0.doubleverify.com
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssum-sec.casalemedia.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.richaudience.com
sync.smartadserver.com
sync.tidaltv.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
tracker_beam.20minut.ua
trc.taboola.com
unpkg.com
usermatch.krxd.net
vsim.ua
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
leokross.com
104.18.12.76
104.18.18.126
104.18.19.126
108.177.15.157
13.32.99.36
142.250.74.194
151.101.194.49
151.101.65.108
162.19.138.116
162.55.233.28
172.217.16.130
178.250.0.157
18.198.69.109
185.172.90.252
185.184.8.90
185.64.189.112
185.64.190.78
185.80.39.216
185.86.139.106
185.89.210.244
2001:4860:4802:34::36
212.82.100.182
23.205.235.133
23.3.108.242
23.35.236.201
2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4
2606:4700:10::ac43:db6
2606:4700:3035::ac43:d201
2606:4700::6810:7caf
2606:4700::6813:ad6c
2a00:1450:4001:800::200e
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200d
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a02:2638::1c
2a02:26f0:3400::1702:d12
2a02:6ea0:c700::21
2a02:fa8:8806:20::2040
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::300
2a05:d018:24:b002:dfb2:efb5:ace7:6be2
2a05:d018:d29:3601:2eb1:fd74:c477:e429
2a0c:5c81:5142::2
3.120.72.4
3.66.140.200
3.82.86.176
31.41.216.82
34.111.131.239
34.149.12.213
34.252.144.191
34.98.67.61
35.214.184.209
35.227.248.159
37.157.6.248
45.133.44.3
45.133.44.4
51.83.220.94
52.19.104.95
52.223.40.198
52.28.203.152
52.30.246.43
52.30.33.235
52.31.4.32
52.46.143.56
52.95.115.196
62.149.1.122
69.173.144.138
69.173.144.165
85.114.159.118
04c319ae62d2da160dd9736f313102f6e806fb2b3f6b705d396cb54b9034e0b5
05bd034ac34f63787aed067ef728f22a40f866190cbbcc70babf7539dccde1a7
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
092cb8a7c234247243577529fa46f11c66216fb8c2b91a9e12d6bda73b739ed9
0a4c2ecf677f70d4d9d1b3ef31558bb18a0bee17b8f1f38ce5ca65f8871118ba
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edd10834f143a1c905e97a24af339043c1723815f13c9fe6598179d88be992d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18786e5a2ed85d779bb7fd1c3118ad335306f0741908639455fee0b4361d790c
1a61bcc9e290ec56ee4972574c2c85c682706a76d0e5abdef86a7f6103ed78fa
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1ec63184ee9988d3b6ebfa9084c1b51b4c830b35778eb1d68758cbd4e5dc9de9
1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935
244ce5328794d815a620d9b6ff15e532ca3343e09d29fdf3556129f8c516c3a7
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b945d4f7266ec9af9a13dac9a19c161aae7664b3789329bb2942340aac2c618
2dba54900b10d798dbd18a0d067b8256a3d3fa3597515cfb295cea1bda8c480f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a
30015300955352764840758227634ade8cc98299ccadc46cf9f3f6681385a756
3303123e662ff6f0aab97d549ba72d289e29a064faa7b19211f681a10f48221b
3400a1ff22e23daa3a02f57a4cf7e88eeca624c549667716d2bc4c5290884562
34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
3a1ae3fba49e8baf9481690260f8a060b18cfec1d780921ab11acb731c069fb9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
40f97573b43184307e466f2fca772ce222ca0ce89a44561710de7dd8915eea8c
483d60de91ce591b15e45f67515ea0d828d98675fcf2b5b642340757cbfe232e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cdb93e36aee3bae06fd27784d93ef71abaaeb9c733d2cf7d0811a3060606f5a
4d5208c848c3fbef8333e22d86da1ab163b3fd87070227d74fb9708340d71851
4e13f72268ed653f997a9c1797c1e4d596e15da4e8edb299c3fa2ebc7c77d458
4fb680c3452ce03e9424961b68a681fae464cd554ae44f459a4da137eaf1fb99
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
539fd060625d1b2496b2253ef07b53b72d8f3789213be80f46bc7ac070aa6857
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f2deff782ba65cf6da41a7254455c959d71ebde3f070aa043a25b3a5806e1f
5797a3262edb2a28901bfd4bd5489023d36a1bf12a72a4f865f86e5126f8f36f
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5ce885d1d7be6e0002ad71407d7140a4754af1639e8ccf133324a26edeeba1b7
5ee3f417a2e00b7c6853140b8da5243e0f4b6ae040d9a3671acfa092e6e8e185
5ee58d63b466de0f67a216954ad930f8cfa99fcb23b97c3c27e9c714520d2fa6
5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b
61b01f993036081b115074b850ed1b6bf6a974d479903ba6c79d78eb5d8d793c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620f78285fcec185cf13e3f850abbdd5aced51cf669f48d53fe2f36cf2df331d
62648a73a43652c89447080e34f5863fbf4e3f73a23055383c6951b6a9e4fe75
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
66fbe356f6e297ef03954cdb269883d5352c2463a0d3367ade4b077088658ab5
67377d285eebf1e265451c30270df2984d3d1e7c6931138da1f9afd2fdc951dc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cabb06600c16545403165369864ed7843f0ce044243eac23278ed4d6f09d830
70d57e20667ea39b107e09205c690f1ca673f05813639892d3c8acfd4f1afa07
71b3b074157c25cd000acd54048408825d573adcd9f43924a77250f11432c8b4
749059e392b5dbdcfd11e760dde35fce2ae514f55cde7bfc3d2aa54ce0583910
76365085aa30f651b2b2f34ccef7060451991ed0be6c022ac201c744947bb935
7646e6f9d4e40c0eeaba1226df6b2bd510e0063d0412d944a1b74a5065301f96
765af387ee9fa62e6d518027dbde12b943b800714fe9e249a789a5970f2683bf
7b2a40d3ab17f18bd52246979ae6121e5ebb314275efef1125edbbda1caf5fa3
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
809e0b95e70d98495043d6e13c9dbf1c7c4e6a9b8aac099d87088bc77f95b4c2
815d5a06ae768e817858bbad120c9b4c64fa2cf7d47cccdc90e07a913a3a972a
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
858444ad6d47e86b330b11d6b914ae37360821be6e5eabcef5cf609f3bb6dfe9
8741d5f93d1bc181b910e4233b1f1e04ddf054ea0eddfb982e3e507a46634289
87aeaba5c3a963a90db309b4eb6af11f3e99be97be873cb9b56b4d97e1403205
88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b7a6a134bab0a0a7d01c36675fd60234f4b701f5a7edc0678e1e061048a012a
8bcbce10c6e36925ecfb871b292c6b0ce305919b4b8231ab7e95b5999b8c9d33
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3a25b55c58e07a313ade89020a58e45bc34915479f397e78f3e57ca462336e
8fde8bf6c1c3c2bec65b23e45729683c058e063e2aa77a4e57c365a24a820614
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
913b33251392c04c21ced1d2f70b36c459be2bf4230b523d35c3c54222228666
91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695
9220da8802219ec6b8a86298c38ed944015c652b71edb98aae59e50f224e7ad9
932a4c24058b7fa194a0fdb2b602fbb6018cd2b878fe510c21f1b9b13fd568b3
950e709afdb43e3e873928a371ec67c1ad60b913301caa60dedc9fc6aa097e8a
953f57fdd5ba9e3438a71eb9d13c94df1d9d8bc696db4611ad95af02e4a0ab64
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96f087922f32e82fb25fbf87070e7d0c7b67442807c7c319581373b49684e5e6
976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971
97d6da2803646c6d9e6d88bd8f319c55f9d209db6fbf015dda8f48db2d8d4c35
9943ccab7bd1668c337f3cc45b880e8c91283fb20273ae53083d18937cd4b8fb
9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9
9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6
9ac651a263f00343d784511e38598501e6768038ab1bb4b7a42753a634adcfba
9c0201b9f30f6389ad00a1567d15ff415ebdc4b533b3e423597b2c204f96e38c
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a570a7edddc83f35c875f28f99ca28e01ce6cd45cfa86ee6a182710798839ca6
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
a9039086360c377c07ce4378ab72299bbd8c5b85309547993cf2d8540de1553e
aa11693faa5ba78dd9afea87ff5e362d37cfe257613b623299288868ef150b98
ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1edf0655e0cd335369a4fff375f0a00bebac1cbcb9877d4ff77ec23fcc0d669
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd
b4a419095aa8f87ac838a7c0f52fa682bc635aa4d1927b9c058d547fc67dd5ea
b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e
b66a0d2f84c1753acd238ea65adf26a5e0972c6e4a5fea21356d23865c565c6d
b73856925422c64a8f1ca63f24459ee0e1b38e97766220f07c3e3afba82bcad2
b87a02f9bbdd0546a6c298508814467b77a937d88cbafec75f60c72933cdc07c
b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30
bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824
bc0ccbfdb085bbbb3e5c10cb54244c88c790b85cdb6bf0689d1e2b8c811b3f7e
bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c
bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1
bcda03bd12755919402d622d40a568ccd82a5c58261a7854423c478c38354455
bf3151eb02230f6f505658b2df91cb14159810f9e4a083ce21920b76297a7989
bf7b3149ecb19dc4ecc7b25d510ff63f3b224a63ffaf6e61705bca5880618069
c0792598dc22bb5723ebf2752972d8618d51a121148f46e702dc8fa7cdac32f0
c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c62bdad439ef23f22531c49bbca436568978e6933b403a41716b1b555671d7e6
c7b2c2ba81eef5c39dd8993cde57f790bdaf179e3d5a2132241b598233d13591
ca2da4362115518ffdfe27c6fa107bc239a879f36ff3e6bd5db0db5c4917c079
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb291507e5260cc5736f21afdf26ded91911f93f30cab7f1c2d6c816ab4d527f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ccf02835f7d7204f999ca0f11913448cd7d3291870e2926978ace7c08f938a74
dbd991c12551f95524a9ca44db10706d942e698b9ef56d6111fe568c5cf193ef
dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8
e157883a343e5f570ec6e117e439634c1d8337669f10d8402107884edad14f38
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1
e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8
e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302
e9c424eb31fac71d827f3497f4b2a92d9e7e4985db6ce7b379e74aa75fff7f50
ea78b2a6075cdc0a54ab9ae6307361d0209634563b4f11ea590ece7f7b14385d
ea889d6a8f8c3a8f8fd2fded6aa0d2892457a9df8548c5590c4ed2826ff608fd
eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec5160fcc53fe3f8fb86003618c65d55bb8c0753fa06b77408b1dfbcc0e937a1
eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a
ecd94534038f3813cd7b6b7ffa2faa84e69b27f5ed72837602dcd3638cfe39b1
edef2c013c0d422caa829a837df925dd680b146ba9a181f2798a23bc30b17ca8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f42abca4cb5e328eaf48eb745c19f85f34221623bc3041dd80a52180b09babd1
f4db3876d45aad7512cae19369e9d151e20b9a5a740725bb99f9e087c1cf2605
f7d848e954293a192fae29cbbbdf604433ec3e0486c65254218225b883948a69
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0
fa08f73065fa1c37193a46df089274bb26466f044c18168ff52e49fdb55370d3
ff2c2e7fc2d7a7facfbc8a1bf2ccf4316dfe8bfdd0b7ffcb6b9c490b591dbae8
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

vsim.ua Open in urlscan Pro 2606:4700:3035::ac43:d201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

257 Requests

88 %HTTPS

39 %IPv6

57 Domains

93 Subdomains

69 IPs

12 Countries

3376 kBTransfer

9418 kBSize

65 Cookies

14 Outgoing links

Page URL History

Redirected requests

257 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vsim.ua Open in urlscan Pro
2606:4700:3035::ac43:d201 Public Scan

Screenshot
Live screenshot

Full Image

257
Requests

88 %
HTTPS

39 %
IPv6

57
Domains

93
Subdomains

69
IPs

12
Countries

3376 kB
Transfer

9418 kB
Size

65
Cookies

257 HTTP transactions
3 data transactions