vsim.ua Open in urlscan Pro
31.41.220.94 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vsim.ua/
Effective URL:
https://vsim.ua/
Submission: On May 17 via api (May 17th 2022, 8:40:37 am UTC) from GB — Scanned from GB

Summary HTTP 283 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 57 IPs in 9 countries across 43 domains to perform 283 HTTP transactions. The main IP is 31.41.220.94, located in Ukraine and belongs to BESTHOSTING-AS, UA. The main domain is vsim.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 4th 2021. Valid for: a year.

This is the only time vsim.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 48	31.41.220.94 31.41.220.94	42655 (BESTHOSTI...) (BESTHOSTING-AS)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
12	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
3	2a00:1450:400... 2a00:1450:4001:809::200d	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 3	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	79.171.117.17 79.171.117.17	64494 (VARITI-AS) (VARITI-AS)
7	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	52.174.47.89 52.174.47.89	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	31.41.216.82 31.41.216.82	42655 (BESTHOSTI...) (BESTHOSTING-AS)
5	185.239.174.234 185.239.174.234	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	23.32.59.34 23.32.59.34	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	185.83.69.178 185.83.69.178	55081 (24SHELLS) (24SHELLS)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 4	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
53	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:401... 2a00:1450:4014:80f::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
7 24	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
5 7	104.92.100.195 104.92.100.195	16625 (AKAMAI-AS) (AKAMAI-AS)
6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.92.106.130 104.92.106.130	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
4 4	18.184.30.67 18.184.30.67	16509 (AMAZON-02) (AMAZON-02)
3 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	52.213.107.111 52.213.107.111	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:37a8:11c6:83f7:6fb7	16509 (AMAZON-02) (AMAZON-02)
1 1	63.33.35.114 63.33.35.114	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.125.222.121 3.125.222.121	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:249... 2600:9000:2491:9c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2600:1f18:1ac... 2600:1f18:1aca:4282:23ee:9932:eba:4db7	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
1 1	2a03:2880:f02... 2a03:2880:f02d:110:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.194 142.250.185.194	() ()
283	57

48 31.41.220.94 (Ukraine) 1 redirects

ASN42655 (BESTHOSTING-AS, UA)
PTR: dedic.dc.besthosting.ua

vsim.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7eaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.171.117.17 (Russian Federation)

ASN64494 (VARITI-AS, RU)

leokross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.174.47.89 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.41.216.82 (Ukraine)

ASN42655 (BESTHOSTING-AS, UA)
PTR: dedic.dc.besthosting.ua

tracker_beam.20minut.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.239.174.234 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.83.69.178 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.87 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4014:80f::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.186.66 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.92.100.195 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-100-195.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.106.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-130.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.184.30.67 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-30-67.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.107.111 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-107-111.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:37a8:11c6:83f7:6fb7 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.35.114 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-35-114.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.222.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-222-121.eu-central-1.compute.amazonaws.com

red.vtracy.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2491:9c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1f18:1aca:4282:23ee:9932:eba:4db7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:110:face:b00c:0:2 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	2 MB
48	vsim.ua 1 redirects vsim.ua	1 MB
46	googlesyndication.com 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130 ade.googlesyndication.com	281 KB
40	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284	293 KB
15	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 805 static.adsafeprotected.com — Cisco Umbrella Rank: 552 dt.adsafeprotected.com — Cisco Umbrella Rank: 504	98 KB
11	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5115 ghb.adtelligent.com — Cisco Umbrella Rank: 6102 ghb1.adtelligent.com — Cisco Umbrella Rank: 7139 sync.adtelligent.com — Cisco Umbrella Rank: 4112	156 KB
10	google.com accounts.google.com — Cisco Umbrella Rank: 82 ampcid.google.com — Cisco Umbrella Rank: 1833 adservice.google.com — Cisco Umbrella Rank: 74 analytics.google.com — Cisco Umbrella Rank: 685 www.google.com — Cisco Umbrella Rank: 7	79 KB
8	casalemedia.com 5 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 477 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530	7 KB
8	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 27389 id.gravitec.net — Cisco Umbrella Rank: 119927	58 KB
6	pubmatic.com 4 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446 image6.pubmatic.com — Cisco Umbrella Rank: 612	2 KB
6	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 102 web.facebook.com — Cisco Umbrella Rank: 226	13 KB
5	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 18143 us-u.openx.net — Cisco Umbrella Rank: 399 rtb.openx.net — Cisco Umbrella Rank: 1524	1 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 393 mug.criteo.com — Cisco Umbrella Rank: 2669	1 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 297	1 KB
4	advertising.com 4 redirects pixel.advertising.com — Cisco Umbrella Rank: 435	1 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 518	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	148 KB
4	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	5 KB
4	google.de ampcid.google.de — Cisco Umbrella Rank: 48705 adservice.google.de — Cisco Umbrella Rank: 7678 www.google.de — Cisco Umbrella Rank: 5483	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	200 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 910	38 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 599	139 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 598	570 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 354	921 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1128	927 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1040	344 B
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 4049	1 KB
2	20minut.ua tracker_beam.20minut.ua	135 B
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 49720 api.gravitec.media — Cisco Umbrella Rank: 39276	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	114 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 663	614 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	34 KB
1	vtracy.de red.vtracy.de — Cisco Umbrella Rank: 97802	16 KB
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3409	374 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1439	297 B
1	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 8026	257 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5990	169 B
1	leokross.com leokross.com — Cisco Umbrella Rank: 522538
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1364	37 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
283	43

	Domain	Requested by
53	s0.2mdn.net	vsim.ua s0.2mdn.net 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
48	vsim.ua	1 redirects vsim.ua
23	pagead2.googlesyndication.com	vsim.ua 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
20	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
18	tpc.googlesyndication.com	910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
10	dt.adsafeprotected.com	910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com vsim.ua
7	securepubads.g.doubleclick.net	vsim.ua securepubads.g.doubleclick.net www.googletagservices.com
7	cdn.gravitec.net	vsim.ua cdn.gravitec.net
6	googleads4.g.doubleclick.net	vsim.ua
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com vsim.ua
5	ghb.adtelligent.com	player.adtelligent.com
5	www.facebook.com	vsim.ua connect.facebook.net
4	image6.pubmatic.com	4 redirects
4	ups.analytics.yahoo.com	3 redirects googleads.g.doubleclick.net
4	pixel.advertising.com	4 redirects
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4	ib.adnxs.com	1 redirects player.adtelligent.com googleads.g.doubleclick.net
4	910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	player.adtelligent.com	vsim.ua player.adtelligent.com
4	connect.facebook.net	vsim.ua connect.facebook.net
3	static.adsafeprotected.com	fw.adsafeprotected.com 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
3	www.google.com	910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com tpc.googlesyndication.com
3	unpkg.com	2 redirects vsim.ua
3	accounts.google.com	vsim.ua accounts.google.com
2	static.xx.fbcdn.net	www.facebook.com
2	mug.criteo.com	vsim.ua
2	gum.criteo.com	1 redirects
2	id.rlcdn.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
2	cms.quantserve.com	910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects vsim.ua
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	pbjs.e-planning.net	1 redirects vsim.ua
2	hbopenbid.pubmatic.com	player.adtelligent.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	tracker_beam.20minut.ua	vsim.ua
2	www.googletagmanager.com	vsim.ua www.googletagmanager.com
2	www.google-analytics.com	vsim.ua www.google-analytics.com
1	ade.googlesyndication.com
1	web.facebook.com	1 redirects
1	id5-sync.com	player.adtelligent.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	red.vtracy.de	910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
1	pixel.everesttech.net	1 redirects
1	ag.innovid.com	910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	s0.2mdn.net
1	sync.adtelligent.com	vsim.ua
1	a4p.adpartner.pro	1 redirects
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	adtelligent-d.openx.net	player.adtelligent.com
1	ghb1.adtelligent.com	player.adtelligent.com
1	htlb.casalemedia.com	player.adtelligent.com
1	www.google.de	vsim.ua
1	analytics.google.com	www.googletagmanager.com
1	api.gravitec.media	cdn.gravitec.media
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	cdn.gravitec.media	cdn.gravitec.net
1	id.gravitec.net	cdn.gravitec.net
1	leokross.com	vsim.ua
1	www.googleoptimize.com	vsim.ua
0	googlecm.hit.gemius.pl Failed	910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
283	70

This site contains links to these domains. Also see Links.

Domain
vn.20minut.ua
zt.20minut.ua
te.20minut.ua
kazatin.com
invite.viber.com
t.me
www.facebook.com
news.google.com
www.instagram.com
www.besthosting.ua
ua.depositphotos.com
www.eeas.europa.eu
www.irf.ua

Subject Issuer	Validity	Valid
vsim.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-04` - `2022-10-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-23` - `2022-05-24`	3 months	crt.sh
leokross.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
player.adtelligent.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
cdn.gravitec.media R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
api.gravitec.media R3	`2022-04-16` - `2022-07-15`	3 months	crt.sh
*.20minut.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-18` - `2022-10-18`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-07` - `2022-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-10` - `2022-07-09`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
vtracy.de Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://vsim.ua/
Frame ID: 26D753CCA4BCC950025C184FD8090FC4
Requests: 110 HTTP requests in this frame

Frame: https://vsim.ua/site_login/iframe
Frame ID: DE26D6F495B8249E8BCA6324E081F990
Requests: 3 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: B2F7FE8F014C9A7079A01A2011F10D74
Requests: 1 HTTP requests in this frame

Frame: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 34149C5C60ADAC3D755758C48BF3A4A5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DFB985898FCC87D24D0B6E1BD732A5FD
Requests: 1 HTTP requests in this frame

Frame: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B3BA8C864F9F6088D8D9E1BAAE3A91E1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGNznq8oBMAE&v=APEucNWEsvwMt5qcJJFqdxZBUP0BNkwaUStFnT3KCRmY5eSjT2ldvath3d9gvq1-6jE4Z4fXT4Vfglm2TWC_sbFrd_gdUGa5Fnxl23zCEv2H8maZhAOJoO2_4jwdVsZep1dmw8ABmmcmGGmcm6wuEzWecez5_syMvBlMB35nxt3kSCVQtDnviuI
Frame ID: 8479594225DC5B4F46256C4A892AB3D0
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4513369066257921189/index.html
Frame ID: D5A3C5641480E54522E13F417BBB7A65
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BB29521EB317C018A8B6D809881D32B2
Requests: 3 HTTP requests in this frame

Frame: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 574364343398B242BFEBBBCE350C7D74
Requests: 28 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvst-FvlYv-ysl6QQTWbJOH2rdhjUrHkUItK5AhxAbMzBmuWU8NmRcY3YocZ1XiDHUbkORi7wxZXGOzT96OL6PGrSlGxGUydmgmASg5axZaG2L5RSclwVkcc60LQWb-5EI9fvGFDSc7B_L47OVreXm8ANLW3niCbrBt5UKKUX3w86_vDLWsaVLbuEoCw8Zxl1om7kNoKrbr2S6DM850Ul76uSF4apB-0eJoCOeJUxWSlfXAc4xTpJpfwZlHqprFCNhtS0XczIXKM3eNvi6TIfVqEGRcSGjKY7kad1SCKJNRMfwfTlp8yY2GzQ&sig=Cg0ArKJSzOGCqHSTbR7cEAE&uach_m=[UACH]&adurl=
Frame ID: E5E020427B02AD2998D5627D0EE00C76
Requests: 7 HTTP requests in this frame

Frame: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5FC3741F2FB9F51DA0A33E7C3B4953C4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNWlXAklv1-dkKSpvcNI32MNHgeA1xcc9hdzB411nUqCh81vKsQr_h7X4topDFr4mKhN6zORrKQ1kLqW7XHwRmWNTxgHYxNYRK4NHYWUiUEU19HAKX64TF09maMWCLr8RduzFjNqUFRnNzvGFajpV1DApwMgHc8PD54geQemZqPjnC4oi-k
Frame ID: A02C4D8CD7AF6A549DCFC4B40361ECEE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYzJyMyQEwAQ&v=APEucNUKc5ZVX0C6P92Btd9LYLNa2pGcZROJLnr9HY48ol3NpZF9axvpk90jBMVNA4LJPSpxnW3lhlj7KQOpgDgUE0z_b_OS2GTnV6IcWoYRYnp9gG4Ej8eJBMsSwRCO-cMo3v5wHnEYFYPn6q6ulhUgfWf0cl2G3SjMq2bNYjXw1EXCf3GlX1M
Frame ID: C01B4E328E58C0C4528CD48C24B04E64
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AE51599F7946F01B61324F5A203BD8E8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 19A8414D1E9122F1D9FF47385418CD3B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C4D189F2AB9E2C483229C3CC80E0FAC5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5FE1DCD9A68185807DBA2D5B35805534
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8175421740786782563/index.html
Frame ID: EC11D8A9C636250CC26A18E7A228C8EB
Requests: 22 HTTP requests in this frame

Frame: https://s0.2mdn.net/10176755/1628770995716/index.html
Frame ID: 2583C07C9980142603A24128459F4D2F
Requests: 24 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: FB5514E67E0125001EF161D480B1F3EC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f49fa6016c2b8%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff36473cdf405dfc%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text&sdk=joey&size=medium&use_continue_as=true&width=250&_rdc=1&_rdr
Frame ID: F88B137D59941BA726013F85F49C2637
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0EC0AC3E2753BD353CE67B6645D55F02
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C66521A127BA6086F892766FC0F65C41
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Всім - Новини Хмельницького

Page URL History Show full URLs

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

283
Requests

91 %
HTTPS

46 %
IPv6

43
Domains

70
Subdomains

57
IPs

9
Countries

4981 kB
Transfer

10847 kB
Size

44
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://vn.20minut.ua/
Title: Вінниця

Search URL Search Domain Scan URL

URL: https://zt.20minut.ua/
Title: Житомир

Search URL Search Domain Scan URL

URL: https://te.20minut.ua/
Title: Тернопіль

Search URL Search Domain Scan URL

URL: https://kazatin.com/
Title: Козятин

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQAlCG5A7vvn5UlcXTVOPYYe8%2BNbbSdYNqt%2FAkWqrcA8b94WcKGEqaRwpKqWVh9M

Search URL Search Domain Scan URL

URL: https://t.me/vsimnews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vsim.ua/

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMOzqjwswxLKjAw?hl=uk&gl=UA&ceid=UA%3Auk

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vsim_ka/

Search URL Search Domain Scan URL

URL: http://www.besthosting.ua/

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/

Search URL Search Domain Scan URL

URL: https://www.eeas.europa.eu/delegations/ukraine_en

Search URL Search Domain Scan URL

URL: https://www.irf.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://unpkg.com/imask HTTP 302
https://unpkg.com/imask@6.4.2 HTTP 302
https://unpkg.com/imask@6.4.2/dist/imask.js

Request Chain 78

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.4058016626740524&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=929ad7e1-7dd8-487e-bace-2c5828ba728d HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.4058016626740524&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=929ad7e1-7dd8-487e-bace-2c5828ba728d

Request Chain 87

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=8e72e8ea-6a1e-4b3b-bad0-fced2d4b3693

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFoO8lSTY7E9C4RVoDNAqxI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFoO8lSTY7E9C4RVoDNAqxI&google_cver=1&C=1

Request Chain 97

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoNfemSCDeloK6hftBYy8QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFoO8lSTY7E9C4RVoDNAqxI&google_cver=1

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELCyezmgAgpy4f8a6IcXMn0&google_cver=1

Request Chain 99

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk3OTEyMDA0ODI2NzkxMTY5Mw%3D%3D

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMv6nblELRlo0fVZGKBOr0E&google_cver=1

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEObr5B9DR_f4Wbfn9UvV3vU&google_cver=1

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEF43hW6uS4kMCcACxsiBoSQ&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEF43hW6uS4kMCcACxsiBoSQ&google_cver=1&__user_check__=1&sync_id=00a53553-d5bd-11ec-ad1e-152b84bd0406

Request Chain 144

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=009f143d-d5bd-11ec-809b-1365eaaf0506 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDA5ZjEzZjQtZDViZC0xMWVjLTgwOWItMTM2NWVhYWYwNTA2

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEHTuFDa9Ja7tr7Lr6yThXbI&_origin=1&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEHTuFDa9Ja7tr7Lr6yThXbI&_origin=1&google_cver=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEHTuFDa9Ja7tr7Lr6yThXbI&_origin=1&google_cver=1&apid=UP0097db10-d5bd-11ec-bf71-06c845b44618 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEHTuFDa9Ja7tr7Lr6yThXbI&_origin=1&google_cver=1&apid=UP0097db10-d5bd-11ec-bf71-06c845b44618&verify=true

Request Chain 146

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP0097db10-d5bd-11ec-bf71-06c845b44618 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP0097db10-d5bd-11ec-bf71-06c845b44618&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwMDk3ZGIxMC1kNWJkLTExZWMtYmY3MS0wNmM4NDViNDQ2MTg%3D

Request Chain 166

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEECHUIkGB65qtHdI9WwCcac&google_cver=1&google_push=AYg5qPJaGG_XIEOijQ__BTCprSu1fOjB-uwpSBCcWraXZt8tc1FekwjdhaLIYeCjH28roSFFm_cypCJ-jSTxSIHptjjn1Ry4A6k HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEECHUIkGB65qtHdI9WwCcac&google_cver=1&google_push=AYg5qPJaGG_XIEOijQ__BTCprSu1fOjB-uwpSBCcWraXZt8tc1FekwjdhaLIYeCjH28roSFFm_cypCJ-jSTxSIHptjjn1Ry4A6k&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2Gbh2iJWSVmojcP-DWjwvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJaGG_XIEOijQ__BTCprSu1fOjB-uwpSBCcWraXZt8tc1FekwjdhaLIYeCjH28roSFFm_cypCJ-jSTxSIHptjjn1Ry4A6k

Request Chain 167

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBqxonJPMMet42YADkKTb-0&google_cver=1&google_push=AYg5qPISWB_aytcy40mJ4nlLll7v0qRu9GXPlWMXCpqdTS4eyrQyFvwEjRGnY70G3ljfRDp5xxTCv4Nxuii4C0_G2fgGr_UwYkVc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM5V05FQjUtMTAtTDdQOA==&google_push=AYg5qPISWB_aytcy40mJ4nlLll7v0qRu9GXPlWMXCpqdTS4eyrQyFvwEjRGnY70G3ljfRDp5xxTCv4Nxuii4C0_G2fgGr_UwYkVc

Request Chain 168

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG1JTCmhsBfs3ZwpzIEoPDc&google_cver=1&google_push=AYg5qPInTMwFuUJu_NziR9MXYavBcKO0sbyAS3abCV0xqjgQZ71bI86G8Bs6hcie262TuEy_c-hGDpb4lzB45k_vur2H7OROVOCT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoNfejwo-faGyoqOaHnN5gAAAS4AAAIB&google_push=AYg5qPInTMwFuUJu_NziR9MXYavBcKO0sbyAS3abCV0xqjgQZ71bI86G8Bs6hcie262TuEy_c-hGDpb4lzB45k_vur2H7OROVOCT&google_cver=1&google_gid=CAESEG1JTCmhsBfs3ZwpzIEoPDc

Request Chain 174

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLPPISApzI4Nsc1KLMf3_HEeBT2QE--4J489aDM5Esz1OMru2R7LR-wuIriFhlbp2ERuyWbnnGjj2wJVajDXulbvXS2xw&google_gid=CAESEO4L0U1TM0jUFOZCTxhFnJQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9OZmV3QUFBQmJ2ZHdQNA&google_push=AYg5qPLPPISApzI4Nsc1KLMf3_HEeBT2QE--4J489aDM5Esz1OMru2R7LR-wuIriFhlbp2ERuyWbnnGjj2wJVajDXulbvXS2xw

Request Chain 175

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKMBhedXuGzISHdnwRL4RdRpegqSQkp2bv7QG1bQ7nz4Ac4E9FoRwgd3bu2GE1RWRqQw4lmRTlGXsIOQV92kexYM_e9MQ&google_gid=CAESEF8NJUtOvNc3ZAzAyQ507aQ&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPu-jZQGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBLTUJoZWRYdUd6SVNIZG53Ukw0UmRScGVncVNRa3AyYnY3UUcxYlE3bno0QWM0RTlGb1J3Z2QzYnUyR0UxUldScVF3NGxtUlRsR1hzSU9RVjkya2V4WU1fZTlNUQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwblMtVEtmUXhQd0lCQzA3d0s2NDBSdl9xa24zbDZvUlpfXzFXb3dDSUxDNA==&google_push

Request Chain 177

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEECHUIkGB65qtHdI9WwCcac&google_cver=1&google_push=AYg5qPJJKDa2tJIyoHwG5LgfJfqjoIAaUPZ6xXaL0oZ6a1gxilibf6lNcCF6Vg5nj_Q3mO6ne7-tJB5vo1v1F5rkCLa-v8JBlA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEECHUIkGB65qtHdI9WwCcac&google_cver=1&google_push=AYg5qPJJKDa2tJIyoHwG5LgfJfqjoIAaUPZ6xXaL0oZ6a1gxilibf6lNcCF6Vg5nj_Q3mO6ne7-tJB5vo1v1F5rkCLa-v8JBlA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V08EVccIQrOuHdC6TAi6Qg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJJKDa2tJIyoHwG5LgfJfqjoIAaUPZ6xXaL0oZ6a1gxilibf6lNcCF6Vg5nj_Q3mO6ne7-tJB5vo1v1F5rkCLa-v8JBlA

Request Chain 178

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBqxonJPMMet42YADkKTb-0&google_cver=1&google_push=AYg5qPIz2K7tC3-wPTqydUUwpo3VmJaZapAngY9R1TNwARq36qEntqldcZntZ_HkjA8t1_rHHyR4ylfK_8Te_dirICqZoT6zITI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM5V05FQ0YtMTctQzlPSA==&google_push=AYg5qPIz2K7tC3-wPTqydUUwpo3VmJaZapAngY9R1TNwARq36qEntqldcZntZ_HkjA8t1_rHHyR4ylfK_8Te_dirICqZoT6zITI

Request Chain 179

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG1JTCmhsBfs3ZwpzIEoPDc&google_cver=1&google_push=AYg5qPIIOPjkb1FdfYqdq1Nd1A_uH-hFdsOssGLXBg0L86ZpbJ0aGrP8TghfxSpNPm-VwRaB4hpVS8H_SbK0kQ8jJV7OYUTaXD0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoNfejwo-faGyoqOaHnN5gAAAS4AAAIB&google_push=AYg5qPIIOPjkb1FdfYqdq1Nd1A_uH-hFdsOssGLXBg0L86ZpbJ0aGrP8TghfxSpNPm-VwRaB4hpVS8H_SbK0kQ8jJV7OYUTaXD0&google_gid=CAESEG1JTCmhsBfs3ZwpzIEoPDc&google_cver=1

Request Chain 235

https://fw.adsafeprotected.com/rfw/st/996673/61756196/skeleton.js?adsafe_url=https%3A%2F%2Fvsim.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1dd79d14-61fc-4835-38c9-bd8c6d62c230,c:cRkvGC,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-58499bf7cc-tlrbr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:sp,cc:0.0.1192.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:285,fm:t64X8nT+11%7C12%7C13%7C141%7C142%7C143%7C15*.996673-61756196%7C151%7C152%7C153%7C154%7C16%7C171%7C172%7C173%7C174,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:301,oid:009ff25b-d5bd-11ec-b46a-36d6d4acc7da,v:19.8.309,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 248

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=udopGHwrQUFqS1pXVFF2dDJCanQwMnZrUm5XakQvYUNTckc1WmttTTlGYXRlWHJRSWlJZWZ4b3BJV01mUW9tNnR0anJFYjhvcW9oS1lGQ2J6UEs3eC83a2ZwREJ5TTlNd2JFazlPSm5hdDlhTUZEVjVHcHBsbkJMek1aaGp6S0ZHa1JxeDcxWXM5VFBuVG1kQzdZK3RDM01PZVdOSk1xNXpXbkdrMGhQdGplZ2dqVGtSeWYxQkRjL0V4TndQWGJ5V2J4Q0FPUmhxeC9EaFB4M1RRRWZTS3JONHhLMGFrdUJEa1JLY1pEL1JTK3drb3RvPXw&cppv=2

Request Chain 258

https://web.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f49fa6016c2b8%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff36473cdf405dfc%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250 HTTP 302
https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f49fa6016c2b8%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff36473cdf405dfc%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text&sdk=joey&size=medium&use_continue_as=true&width=250&_rdc=1&_rdr

283 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vsim.ua/
Redirect Chain

http://vsim.ua/
https://vsim.ua/

279 KB
40 KB

706ms
522ms

Document
text/html

31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 2548b3c33485911111fe9e0f8a89a514b29812d5f27c2aef845ef4187a88b33f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, s-maxage=30
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 17 May 2022 08:40:24 GMT
server: nginx
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 17 May 2022 08:40:23 GMT
Location: https://vsim.ua/
Server: nginx

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 94 KB
37 KB 178ms
62ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NWSHLFG

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9576eef29c62c781cbf8f09b52e8d8cabb6d722fcc401acb7066a26895b6fd05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37428
x-xss-protection: 0
last-modified: Tue, 17 May 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 May 2022 08:40:24 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/ 64 KB
18 KB 254ms
113ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:24 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 09:11:37 GMT
server: nginx
etag: W/"624c07c9-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 05 Apr 2022 09:14:07 GMT
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 ed8d0db.js Show response
vsim.ua/js/ 95 KB
33 KB 99ms
98ms Script
application/javascript 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/ed8d0db.js?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:24 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 08:02:18 GMT
server: nginx
etag: W/"6283568a-17b3b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3831ad9.css
vsim.ua/css/ 631 KB
96 KB 175ms
175ms Stylesheet
text/css 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/3831ad9.css?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 6213cd0129652e667291c8eab50d09b789eabc9ba7c4fc973800c04546dd1318

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:24 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 08:02:17 GMT
server: nginx
etag: W/"62835689-9da9b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 191 KB
77 KB 397ms
275ms Script
application/javascript 2a00:1450:4001:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48876764c29f8d0fe52cf3ed564a88a1a5aa807395a35a45cfe69150653b0a13

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce--8q_p84IuGF-Ccb_65XrMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce--8q_p84IuGF-Ccb_65XrMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Tue, 17 May 2022 08:40:25 GMT

GET
H2 200 Logo_new_vsim_v8.png
vsim.ua/img/ 5 KB
5 KB 206ms
200ms Image
image/png 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/Logo_new_vsim_v8.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-126c"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4716
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 news_today.svg
vsim.ua/html/20min-page/web/img/icon-title/ 1 KB
1 KB 206ms
200ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/news_today.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-467"
content-length: 1127
content-type: image/svg+xml

GET
H2 200 8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg
vsim.ua/img/cache/reference/panel_link/0026/31/ 4 KB
4 KB 206ms
200ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/panel_link/0026/31/8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg?hash=2022-02-25-14-28-31
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Fri, 25 Feb 2022 12:28:56 GMT
server: nginx
accept-ranges: bytes
etag: "6218cb88-e27"
content-length: 3623
content-type: image/jpeg

GET
H2 200 9024a147951615ce3d980390f5dcde4cb86f3de3.jpeg
vsim.ua/img/cache/reference/panel_link/0021/03/ 797 B
919 B 206ms
201ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/panel_link/0021/03/9024a147951615ce3d980390f5dcde4cb86f3de3.jpeg?hash=2020-11-16-13-57-22
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: b1f484070f3a01a04875ffb1e467f31eac8336a3456c807400b47f1c51f53a58

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Mon, 26 Apr 2021 13:52:21 GMT
server: nginx
accept-ranges: bytes
etag: "6086c595-31d"
content-length: 797
content-type: image/jpeg

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 206ms
201ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Often_comment.svg
vsim.ua/html/20min-page/web/img/icon-title/ 929 B
1 KB 206ms
201ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/Often_comment.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-3a1"
content-length: 929
content-type: image/svg+xml

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 206ms
201ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Newslater.svg
vsim.ua/bundles/twentyminutuamain/img/icon-title/ 766 B
945 B 206ms
202ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/icon-title/Newslater.svg?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-2fe"
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 766
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 04757c045656223f79bdfdb8cb09896f9b1eaf03.png
vsim.ua/img/cache/reference/rubric_partner/0021/76/ 8 KB
8 KB 206ms
202ms Image
image/png 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/rubric_partner/0021/76/04757c045656223f79bdfdb8cb09896f9b1eaf03.png?hash=2021-01-22-11-59-23
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Mon, 14 Feb 2022 16:26:41 GMT
server: nginx
accept-ranges: bytes
etag: "620a82c1-200e"
content-length: 8206
content-type: image/png

GET
H2 200 EU_hor.png
vsim.ua/html/20min-page/web/img/ 77 KB
77 KB 206ms
202ms Image
image/png 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/EU_hor.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 27 Apr 2022 07:07:05 GMT
server: nginx
etag: "6268eb99-1329e"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 78494
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
vsim.ua/html/20min-page/web/img/ 13 KB
14 KB 206ms
202ms Image
image/png 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 27 Apr 2022 07:07:05 GMT
server: nginx
etag: "6268eb99-35a6"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 13734
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 177ms
57ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

84e3f698fdb534a505985d0eec4f6c9af15828703874cfb432147bfc34b5e003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rsPDO34lb7uEMBYslww2lQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: jRvC3qpwr/OtX5C4YQGne+VfTLoDUvxAzvrXVhNWk1Y0BNQtkamb0d/PKRNav8Rm7QGhswgvulKzLO7i6iIY+w==
x-fb-trip-id: 2050670934
x-fb-content-md5: ad2e0dc3ea3f6b35463af070eaf97d82
x-frame-options: DENY
date: Tue, 17 May 2022 08:40:25 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e179e30ded2f8b012e377da986bcb678"
timing-allow-origin: *
expires: Tue, 17 May 2022 08:49:45 GMT

GET
H2

200

imask.js Show response
unpkg.com/imask@6.4.2/dist/
Redirect Chain

https://unpkg.com/imask
https://unpkg.com/imask@6.4.2
https://unpkg.com/imask@6.4.2/dist/imask.js

166 KB
38 KB

56ms
56ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/imask@6.4.2/dist/imask.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8fad7ea6d56c85bc473f0091aa9870e4a7db6609c037eac826ed00c68ea3fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8374135
fly-request-id: 01FVF0KJKRYS01R3X0C6T0GEMS
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"297db-B/zbN+2crPCo1IRXSpVqEqQx/1k"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 70cb0c552cfa75bd-LHR

Redirect headers

date: Tue, 17 May 2022 08:40:25 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FVF0YMCJAATR9FJZBYAY0BNZ
server: cloudflare
age: 8373773
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /imask@6.4.2/dist/imask.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 70cb0c54bc5975bd-LHR
access-control-allow-origin: *

GET
H2 200 Push_notifacation.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
2 KB 206ms
203ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Push_notifacation.svg?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-75a"
content-length: 1882
content-type: image/svg+xml

GET
H2 200 Instagram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
2 KB 207ms
203ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Instagram.svg?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-884"
content-length: 2180
content-type: image/svg+xml

GET
H2 200 Email.svg
vsim.ua/html/20min-page/web/img/sub_image/ 3 KB
3 KB 207ms
203ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Email.svg?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-aa0"
content-length: 2720
content-type: image/svg+xml

GET
H2 200 Telegram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
2 KB 207ms
203ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Telegram.svg?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-7c3"
content-length: 1987
content-type: image/svg+xml

GET
H2 200 Viber.svg
vsim.ua/html/20min-page/web/img/sub_image/ 4 KB
4 KB 207ms
203ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Viber.svg?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-1132"
content-length: 4402
content-type: image/svg+xml

GET
H2 200 GN.svg
vsim.ua/html/20min-page/web/img/sub_image/ 5 KB
5 KB 207ms
204ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/GN.svg?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
accept-ranges: bytes
etag: "5e4d36b2-145a"
content-length: 5210
content-type: image/svg+xml

GET
H2 200 0728b5d.js Show response
vsim.ua/js/ 879 KB
239 KB 100ms
100ms Script
application/javascript 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/0728b5d.js?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: e248ccf39aee781866abb6a97023d16144fb3394017395b0594174c9f1904a2b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:24 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 08:02:14 GMT
server: nginx
etag: W/"62835686-dbba4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 504 aGeq.js
leokross.com/vAW/ 0
0 7045ms
6055ms Script
text/html 79.171.117.17
VARITI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://leokross.com/vAW/aGeq.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/459104/ 386 KB
118 KB 186ms
57ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/459104/hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: e2fa9f11d8500691a31d8d2c4edcdcce235325f668ec0540de3c7a988d44ca92

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 05:33:36 GMT
server: nginx
etag: W/"626632b0-608ff"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 19 May 2022 08:40:25 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 212ms
80ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

7f4f5cc9b91a08322dc060f418817a0ddc3698f5ff94508ee177e810e0aa0ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28351
x-xss-protection: 0
server: sffe
etag: "1217 / 558 of 1000 / last-modified: 1652738785"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 17 May 2022 08:40:25 GMT

GET
H2 200 wrapper_hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/459104/ 786 B
744 B 326ms
198ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/459104/wrapper_hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: aef231caad9876f19aba7e2abc99353c2a2f45b4fee982fd2ca7edc59978a8f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 06:47:32 GMT
server: nginx
etag: W/"62834504-312"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 19 May 2022 08:40:25 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 5 KB
1 KB 183ms
68ms Fetch
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=d9345397765ace7e36f5036f718db82e
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
x-correlation-id: 4f69ab06c7d60505536e5b75aeee5cb4
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache: MISS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 171ms
53ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3939
date: Tue, 17 May 2022 07:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 17 May 2022 09:34:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 126 KB
45 KB 191ms
72ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d847e85cd96409f0fd7162aaaedfd2f9c6998616824fa91977c0151c951693d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45757
x-xss-protection: 0
last-modified: Tue, 17 May 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 May 2022 08:40:25 GMT

GET
H2 200 remplib.js Show response
vsim.ua/bundles/twentyminutuapaywall/js/ 193 KB
36 KB 206ms
204ms Script
application/javascript 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: fa790aa2667f45ccaceb5fdc2f784c856eb3d4ac5a3e8ba5b2aacec8c8b2722b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
last-modified: Fri, 10 Sep 2021 08:36:22 GMT
server: nginx
etag: W/"613b1906-30266"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 177ms
58ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: cUE2Dg28w6hmAyTBv96QlLAcx4SRXsoFyiKzEB0ae8p58pRdtV9iI947OM8iw2dRaQHH5QyXO1aQ7Gsy1e/9sg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 17 May 2022 08:40:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 70 KB
70 KB 203ms
203ms Font
font/woff2 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?8fd8bff1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://vsim.ua/css/3831ad9.css?8fd8bff1
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-118d8"
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 71896
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 MaterialIcons-Regular.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 43 KB
43 KB 202ms
202ms Font
font/woff2 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/MaterialIcons-Regular.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?8fd8bff1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer: https://vsim.ua/css/3831ad9.css?8fd8bff1
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-ad0c"
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 44300
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 viber-f.svg
vsim.ua/bundles/twentyminutuamain/img/ 3 KB
3 KB 158ms
157ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/viber-f.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?8fd8bff1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?8fd8bff1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-bff"
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3071
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 g_n_icon.svg
vsim.ua/bundles/twentyminutuamain/img/ 1 KB
1 KB 158ms
158ms Image
image/svg+xml 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/g_n_icon.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?8fd8bff1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?8fd8bff1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-478"
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1144
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 telegram-f.png
vsim.ua/bundles/twentyminutuamain/img/ 548 B
723 B 158ms
158ms Image
image/png 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/telegram-f.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?8fd8bff1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?8fd8bff1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-224"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 548
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iframe Show response
vsim.ua/site_login/ Frame DE26 5 KB
1 KB 227ms
227ms Document
text/html 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/site_login/iframe
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: b1af20804edbd10d239624e004016abd6145eefe0eb2cd61b80967d241288cfe

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 17 May 2022 08:40:25 GMT
server: nginx
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

GET
H2 200 / Show response
id.gravitec.net/ Frame B2F7 621 B
614 B 446ms
53ms Document
text/html 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 17 May 2022 08:40:25 GMT
etag: W/"5e9485b6-26d"
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AcO1ry8kIUb/bwDPAw
x-77-nzt-ray: E3mD99j1/Lk
x-77-pop: frankfurtDE
x-accel-expires: @1904239114
x-age: 63897711
x-cache: HIT

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 186ms
57ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 15 Aug 2022 08:40:25 GMT
cache-control: max-age=7776000
x-proxy-cache: HIT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 291 KB
84 KB 57ms
57ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=6af42509cbfbcffa730ade656e75ddc9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bbd2c89dea20c9f50a1d62c77b25b1e66a5b1cca76074f0b9927b3a47ddeb189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 4ILf4AfQHGfzCI7NbhRESg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85485
x-fb-rlafr: 0
x-fb-debug: I50EoDHyLCEEb5d4G+XXb6JQfGap5Sv+oZDjjj4dshUjl+/l+eGHkpBPKCfWwf8DWsajxBNmC7zXvQqZGstLnQ==
x-fb-trip-id: 2050670934
x-fb-content-md5: 989a1ecbc1c8c904c2d062ad5fa71c26
x-frame-options: DENY
date: Tue, 17 May 2022 08:40:25 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6fa6edee9a5128521c9b3db015c50dd0"
timing-allow-origin: *
expires: Wed, 17 May 2023 06:44:03 GMT

GET
H2 200 506134916849111 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 58ms
57ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/506134916849111?v=2.9.60&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7379d47cbf147b3d98794cfc82cbe49bc0bff579e48af5de2c3370f7df1192fe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88867
x-xss-protection: 0
pragma: public
x-fb-debug: Fds9hqsfKfoJ8svXgvMONF/5byzGrr/opwet76CoYVbxHX8pRXIoZ/+Y/KTKlRRROtvDIXwxsba7QpLlG9nVtQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 17 May 2022 08:40:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
526 B 192ms
61ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://vsim.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H3 200 pubads_impl_2022051201.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 162ms
54ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:38:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127621
x-xss-protection: 0
last-modified: Thu, 12 May 2022 08:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 17 May 2023 08:38:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 104 B
115 B 173ms
64ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

5ee58d63b466de0f67a216954ad930f8cfa99fcb23b97c3c27e9c714520d2fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Tue, 17 May 2022 08:40:25 GMT

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 184ms
75ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a2fead16364785698fd4a36e23dce37841f3caabc19df6977283485816be51a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70005
x-xss-protection: 0
expires: Tue, 17 May 2022 08:40:25 GMT

GET
H2 200 fc40332.css
vsim.ua/css/ Frame DE26 177 KB
30 KB 182ms
181ms Stylesheet
text/css 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/fc40332.css?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/site_login/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 270afa1b13087c609baef1d8a4f7652ac5be30b175ff7f78822f8a2d9be5dee1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 08:01:19 GMT
server: nginx
etag: W/"6283564f-2c584"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dba7e9c.js Show response
vsim.ua/js/ Frame DE26 246 KB
71 KB 190ms
190ms Script
application/javascript 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/dba7e9c.js?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/site_login/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 14e4699a9706867363ccdfcc60f64545b6529ff6eb4ce7b0072183b2acb20816

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 08:01:22 GMT
server: nginx
etag: W/"62835652-3d641"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 174498271fd93f7a7b2f8f031e84d38195d6ea90.webp
vsim.ua/img/cache/news_rtp_large/news/0027/43/ 46 KB
47 KB 204ms
203ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0027/43/174498271fd93f7a7b2f8f031e84d38195d6ea90.webp?hash=2022-05-17-09-46-03
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 59cec7a8dae8e7559d3aa7c902e6b5044f785aeab19876b05b4b34fdc1d19636

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Tue, 17 May 2022 07:22:08 GMT
server: nginx
accept-ranges: bytes
etag: "62834d20-b9ca"
content-length: 47562
content-type: image/webp

GET
H2 200 f6184abf81081a1a35d30bc8eaeb1bfe8f69b6e8.webp
vsim.ua/img/cache/news_rtp_large/news/0027/43/ 25 KB
25 KB 205ms
204ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0027/43/f6184abf81081a1a35d30bc8eaeb1bfe8f69b6e8.webp?hash=2022-05-17-09-41-29
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 217728f605bfda0948dfd79a630c382d14b50c6592b8d024f113c26f11281897

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Tue, 17 May 2022 07:22:08 GMT
server: nginx
accept-ranges: bytes
etag: "62834d20-6566"
content-length: 25958
content-type: image/webp

GET
H2 200 2639842-tserkva-u-ruzhichniy-pereyshla-do-ptsu-yak-tse-vidbuvalosya-foto.jpeg
vsim.ua/img/cache/news_rtp_large/news/0027/40/ 26 KB
26 KB 205ms
205ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0027/40/2639842-tserkva-u-ruzhichniy-pereyshla-do-ptsu-yak-tse-vidbuvalosya-foto.jpeg?hash=2022-05-14-19-42-25
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 1a33a2b15cd7456b22d3de882137248ceea7dad03ba85df84735744cabc36737

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Sat, 14 May 2022 16:47:41 GMT
server: nginx
accept-ranges: bytes
etag: "627fdd2d-66e6"
content-length: 26342
content-type: image/jpeg

GET
H2 200 2641374-u-hmelnitskomu-hochut-visaditi-kleni-na-411-tisyach.jpeg
vsim.ua/img/cache/news_rtp_large/news/0027/42/ 23 KB
23 KB 205ms
205ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0027/42/2641374-u-hmelnitskomu-hochut-visaditi-kleni-na-411-tisyach.jpeg?hash=2022-05-16-14-40-33
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 21a4ab10ad6c5865500e91771ec0ec1e9b7879f0942820c06b99f9218fe4ae66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Mon, 16 May 2022 11:48:37 GMT
server: nginx
accept-ranges: bytes
etag: "62823a15-5c34"
content-length: 23604
content-type: image/jpeg

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 174ms
58ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=506134916849111&ev=PageView&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1652776825311&sw=1600&sh=1200&v=2.9.60&r=stable&ec=0&o=30&fbp=fb.1.1652776825310.1400766762&it=1652776825118&coo=false&rqm=GET

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 17 May 2022 08:40:25 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
455 B 185ms
62ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://vsim.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 hbw_master_306660_6693.js Show response
player.adtelligent.com/prebidlink/459104/ 190 KB
32 KB 61ms
61ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/459104/hbw_master_306660_6693.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/wrapper_hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: ff8ee484702e9be09b4ec43650677da1ed18e0b9a939ed85b2e640da7203a67e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 06:47:32 GMT
server: nginx
etag: W/"62834504-2f630"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 19 May 2022 08:40:25 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 148ms
58ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=178301089580185&ev=fb_page_view&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1652776825337&sw=1600&sh=1200&at=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 17 May 2022 08:40:25 GMT

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 186ms
57ms Fetch 52.174.47.89
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=d9345397765ace7e36f5036f718db82e&user_id=ff361818-d899-467c-9bd3-5c7e1290b2eb&utmb=b99e077d-8420-4538-aa3e-d891a7c47a24&path=https%3A%2F%2Fvsim.ua%2F&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.174.47.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:25 GMT
x-correlation-id: 598b2e10e4a0ab69bf98fcff1374f44b
x-content-type-options: nosniff
server: nginx
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
expires: 0

OPTIONS
H2 200 pageview
tracker_beam.20minut.ua/track/ Frame 0
0 320ms
130ms Preflight 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://vsim.ua
access-control-max-age: 3600
content-length: 0
date: Tue, 17 May 2022 08:40:25 GMT
server: nginx/1.16.1

POST
H2 202 pageview Show response
tracker_beam.20minut.ua/track/ 0
135 B 151ms
151ms XHR
text/plain 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Requested by: Host: vsim.ua
URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?8fd8bff1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vsim.ua
date: Tue, 17 May 2022 08:40:25 GMT
access-control-allow-credentials: false
server: nginx/1.16.1
content-length: 0
access-control-max-age: 3600

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 133 B
396 B 506ms
65ms XHR
application/json 185.239.174.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.174.234 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 732c52ae44b0d451d65948ce6ec9ada9d7e6506a0dbf9cceea18f43d812f0e2f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 17 May 2022 08:40:25 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 133

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
424 B 507ms
65ms XHR
image/gif 185.239.174.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=306660&site_id=6693&full_page_url=https%3A%2F%2Fvsim.ua%2F&adid=9wncci.wf&features=16416&vpbv=N060&lifecycle_tte=1691
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.174.234 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 17 May 2022 08:40:25 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/306633/ 2 KB
1 KB 176ms
62ms XHR
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/306633/config.json?cb=https%3A%2F%2Fvsim.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 61d9841a97769ae784dca9c49a2e473b6a205604ff0ca8e1eed5fb78950a1aaf

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 00:02:13 GMT
server: nginx
etag: W/"62819485-8f7"
content-type: application/json
access-control-allow-origin: https://vsim.ua
expires: Thu, 19 May 2022 08:40:25 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 184ms
62ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 184ms
62ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
35 KB 482ms
482ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2438363166328152&correlator=4487153429937649&eid=31065401&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=45035109%2Cvsim_main_(300x250)&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x400&ifi=1&adks=978356717&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1652776825537&lmt=1652776825&dlt=1652776824622&idt=871&biw=1600&bih=1200&adxs=1092&adys=228&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=1087232765.1652776826&ga_sid=1652776826&ga_hid=829486378&ga_fc=false&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

18d8509d02245c258a26f079507a9d51aace7913eeca95f22181e7e712d5d7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35801
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3414 6 KB
4 KB 218ms
61ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 08:40:25 GMT
expires: Wed, 17 May 2023 08:40:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 171ms
60ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=829486378&t=pageview&_s=1&dl=https%3A%2F%2Fvsim.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAQCAC~&jid=1288360533&gjid=1431556549&cid=1087232765.1652776826&tid=UA-43975937-2&_gid=1977552066.1652776826&_r=1&_slc=1&cd1=NotAuthorizedUser&z=1584134605

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
341 B 183ms
61ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0CS1NTGGLB&gtm=2oe5g0&_p=829486378&_z=ccd.tfB&_gaz=1&cid=1087232765.1652776826&ul=en-us&sr=1600x1200&_s=1&sid=1652776825&sct=1&seg=0&dl=https%3A%2F%2Fvsim.ua%2F&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
341 B 184ms
61ms Ping
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0CS1NTGGLB&cid=1087232765.1652776826&gtm=2oe5g0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 194ms
78ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0CS1NTGGLB&cid=1087232765.1652776826&gtm=2oe5g0&aip=1&z=351178888

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 61ms
61ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43975937-2&cid=1087232765.1652776826&jid=1288360533&gjid=1431556549&_gid=1977552066.1652776826&_u=YAhAAEAAAAQCAC~&z=1860648942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 17 May 2022 08:40:25 GMT
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame DFB9 0
18 B 110ms
54ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://vsim.ua
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://vsim.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 08:40:25 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 303ms
109ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Tue, 17 May 2022 08:40:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
324 B 235ms
66ms XHR
application/json 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2253a5564b8c27e5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fvsim.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.7.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22680a551ff3c3d8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news8(1200x250)%23div-gpt-ad-1632837984961-0%22%7D%7D%2C%7B%22id%22%3A%227a380e432e1185%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news9(1200x250)%23div-gpt-ad-1632838225160-0%22%7D%7D%2C%7B%22id%22%3A%228d29d77e371a72%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news10(1200x250)%23div-gpt-ad-1632838267602-0%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22929ad7e1-7dd8-487e-bace-2c5828ba728d%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 81850bb9584cdbc8629b557b0a24b4e5ce04dabd7bba9bf2920403bf336b033a

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:26 GMT
x-ak-initial-geo: CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.44], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://vsim.ua
x-cs-client-geo: 27
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 27
expires: Tue, 17 May 2022 08:40:26 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
54 B 345ms
154ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Tue, 17 May 2022 08:40:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.4058016626740524&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F...
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.4058016626740524&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=h...

415 B
825 B

52ms
51ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.4058016626740524&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=929ad7e1-7dd8-487e-bace-2c5828ba728d
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Server: 46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: b2a65a1e0a463a3071bc44279ce150a460a3ec8c69615776403706da3f00d001

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:26 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://vsim.ua
expires: Tue, 17 May 2022 08:40:26 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 415
x-sid: AMS-746

Redirect headers

date: Tue, 17 May 2022 08:40:26 GMT
server: openresty
location: /hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.4058016626740524&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&e_pubcid=929ad7e1-7dd8-487e-bace-2c5828ba728d
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://vsim.ua
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-746

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
679 B 66ms
66ms XHR
application/json 185.239.174.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.174.234 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: b269748b830ddb7c653459121a0b7735b1f2fd707c6e0e795676f378a855974e

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 17 May 2022 08:40:25 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 377

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 549 B
566 B 581ms
65ms XHR
application/json 185.83.69.178
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.69.178 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: a53ffff63d9ca78980d1dcd0d05654fa21696c7fae3f32aa1e830fba3669a23e

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 17 May 2022 08:40:25 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 264

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 73 B
373 B 194ms
64ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fvsim.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1b6b9219-6835-4a48-8617-8c23ec0f1b6b%2Ca9ecb21c-d344-4a62-9e70-0d9cc0513bf1%2Cb1cc36bd-6645-4f46-9894-6b462d96925e&nocache=1652776825953&pubcid=929ad7e1-7dd8-487e-bace-2c5828ba728d&schain=1.0%2C1!adtelligent.com%2C306660%2C1%2C%2C%2C&aus=1200x250%2C1200x400%7C1200x250%2C1200x400%7C1200x250%2C1200x400&divids=div-gpt-ad-1632837984961-0%2Cdiv-gpt-ad-1632838225160-0%2Cdiv-gpt-ad-1632838267602-0&aucs=%252F45035109%252F20minut_news8(1200x250)%2523div-gpt-ad-1632837984961-0%2C%252F45035109%252F20minut_news9(1200x250)%2523div-gpt-ad-1632838225160-0%2C%252F45035109%252F20minut_news10(1200x250)%2523div-gpt-ad-1632838267602-0&auid=541177132%2C541177132%2C541177132
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 9b0698e13a35d935ffba4fbc436471383a1ef29c3246fee5bd73c3941999b349

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:26 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://vsim.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 376 B
1 KB 292ms
176ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2b5bdcda72eef5aa75de8bea3d4bbda4a50cb68632532068745b5369bcec1ef7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 May 2022 08:40:26 GMT
X-Proxy-Origin: 82.199.130.44; 82.199.130.44; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 85f1675e-099c-4bab-a314-402211144a44
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vsim.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 376
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 379 B
1 KB 256ms
140ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a4b1a285d6553b5c380568c68a98210c6a028f6231ec63cc69c13e681f1c10be

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 May 2022 08:40:26 GMT
X-Proxy-Origin: 82.199.130.44; 82.199.130.44; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fbb769ee-fb04-4d18-821f-74165e82c081
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vsim.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 379
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
169 B 160ms
55ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Tue, 17 May 2022 08:40:26 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 302 B
526 B 120ms
65ms XHR
application/json 185.239.174.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=517710&aid2=517711&aid3=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.174.234 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 67656b202a63c834a0a072643bad67ecd2b25edf681a8ec7e762d734af2a14fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 17 May 2022 08:40:25 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 224

GET
H3 200 container.html Show response
910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B3BA 6 KB
3 KB 164ms
54ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 08:40:25 GMT
expires: Wed, 17 May 2023 08:40:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=8e72e8ea-6a1e-4b3b-bad0-fced2d4b3693

0
407 B

822ms
314ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=8e72e8ea-6a1e-4b3b-bad0-fced2d4b3693
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 17 May 2022 08:40:26 GMT
Server: VertaMedia 1.0
Etag: d08bb9014538e166
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=8e72e8ea-6a1e-4b3b-bad0-fced2d4b3693
date: Tue, 17 May 2022 08:40:26 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8479 624 B
976 B 189ms
66ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGNznq8oBMAE&v=APEucNWEsvwMt5qcJJFqdxZBUP0BNkwaUStFnT3KCRmY5eSjT2ldvath3d9gvq1-6jE4Z4fXT4Vfglm2TWC_sbFrd_gdUGa5Fnxl23zCEv2H8maZhAOJoO2_4jwdVsZep1dmw8ABmmcmGGmcm6wuEzWecez5_syMvBlMB35nxt3kSCVQtDnviuI

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 08:40:26 GMT
expires: Tue, 17 May 2022 08:40:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B3BA 106 KB
38 KB 211ms
54ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Origin: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 17 May 2022 08:57:18 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame B3BA 6 KB
3 KB 206ms
68ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 06:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 06:48:20 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame B3BA 19 KB
8 KB 195ms
60ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 06:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7989
x-xss-protection: 0
server: cafe
etag: 11406487492938680093
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 06:41:14 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B3BA 42 B
173 B 226ms
92ms Image
image/gif 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C43tJeODec-y6WyVLdlUIMbXYZoZwkGIvOZu9W6MUtM8r_RjEATkQ9jaT6HpbzDfOaqVz5oYPUCk7gksPIFAsbiMkIdK9L5RidQOe0_ARJl9p87D0

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame B3BA 3 KB
1 KB 175ms
58ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 08:38:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B3BA 121 KB
37 KB 249ms
120ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 17 May 2022 08:40:26 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame B3BA 15 KB
7 KB 171ms
54ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 08:39:26 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8479
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFoO8lSTY7E9C4RVoDNAqxI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFoO8lSTY7E9C4RVoDNAqxI&google_cver=1&C=1

43 B
1013 B

85ms
85ms

Image
image/gif

104.92.100.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFoO8lSTY7E9C4RVoDNAqxI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGNznq8oBMAE&v=APEucNWEsvwMt5qcJJFqdxZBUP0BNkwaUStFnT3KCRmY5eSjT2ldvath3d9gvq1-6jE4Z4fXT4Vfglm2TWC_sbFrd_gdUGa5Fnxl23zCEv2H8maZhAOJoO2_4jwdVsZep1dmw8ABmmcmGGmcm6wuEzWecez5_syMvBlMB35nxt3kSCVQtDnviuI
Protocol: HTTP/1.1
Server: 104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-100-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 May 2022 08:40:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 May 2022 08:40:26 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 May 2022 08:40:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFoO8lSTY7E9C4RVoDNAqxI&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 17 May 2022 08:40:26 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8479
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoNfemSCDeloK6hftBYy8QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFoO8lSTY7E9C4RVoDNAqxI&google_cver=1

43 B
1013 B

70ms
70ms

Image
image/gif

104.92.100.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFoO8lSTY7E9C4RVoDNAqxI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGNznq8oBMAE&v=APEucNWEsvwMt5qcJJFqdxZBUP0BNkwaUStFnT3KCRmY5eSjT2ldvath3d9gvq1-6jE4Z4fXT4Vfglm2TWC_sbFrd_gdUGa5Fnxl23zCEv2H8maZhAOJoO2_4jwdVsZep1dmw8ABmmcmGGmcm6wuEzWecez5_syMvBlMB35nxt3kSCVQtDnviuI
Protocol: HTTP/1.1
Server: 104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-100-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 May 2022 08:40:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 May 2022 08:40:27 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFoO8lSTY7E9C4RVoDNAqxI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8479
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELCyezmgAgpy4f8a6IcXMn0&google_cver=1

43 B
1016 B

56ms
56ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELCyezmgAgpy4f8a6IcXMn0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGNznq8oBMAE&v=APEucNWEsvwMt5qcJJFqdxZBUP0BNkwaUStFnT3KCRmY5eSjT2ldvath3d9gvq1-6jE4Z4fXT4Vfglm2TWC_sbFrd_gdUGa5Fnxl23zCEv2H8maZhAOJoO2_4jwdVsZep1dmw8ABmmcmGGmcm6wuEzWecez5_syMvBlMB35nxt3kSCVQtDnviuI

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 May 2022 08:40:26 GMT
X-Proxy-Origin: 82.199.130.44; 82.199.130.44; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5b9c690c-a3ac-49c2-aef7-07f957e20a97
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELCyezmgAgpy4f8a6IcXMn0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8479
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk3OTEyMDA0ODI2NzkxMTY5Mw%3D%3D

170 B
243 B

127ms
65ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk3OTEyMDA0ODI2NzkxMTY5Mw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 May 2022 08:40:26 GMT
X-Proxy-Origin: 82.199.130.44; 82.199.130.44; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8f0d11b2-758c-4d1b-866d-3a57c0f0eaf5
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk3OTEyMDA0ODI2NzkxMTY5Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B3BA 41 KB
15 KB 166ms
54ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 19:11:20 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4513369066257921189/ Frame D5A3 6 KB
2 KB 165ms
55ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4513369066257921189/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77192ec9a9016241441eb9b10647456b581601d9a3591ddea9225a62911a7898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 45480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2414
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 20:02:26 GMT
expires: Tue, 16 May 2023 20:02:26 GMT
last-modified: Wed, 11 May 2022 12:09:46 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B3BA 0
622 B 229ms
98ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstR3IZ27qsP52wLduZNHfL-A8HfnQJNopt3X3H7m1HwKnHRGxBNFqcdj1zWkVvw-t40rzU4mcfTjKBD-nZJ7MdfjCSzFIly7D3D_IuLhQVH0NQjRius_vouKwnQXo9eelsUw77CgBCcQY43R0C_j41HK3zrr9OWkuos4qxLieuLwtDHsx0JZdbZwCriNraCO5T5XGf2adz5DBM5phuuIf2L144gMuXUVsU_kJPFV8jy5TrgMSwI4dGtJlTr8WYzdfkTBO4WFVMwnzGmqJDMgto6qWPmD1jnvq6UkU8Hq7jK2g_xrV2vMgu2tq2KihqAyrWC7oryahMFDWMsxaibhJZWRS1yhMXvzvlFhUPiW3rdIasXhMX5pGFcmOpRBemGzIU-PGKZBfrvKS444zjDze4fPDI5qfEMouunUa3KR-sIEvftM_923jY1ZlWaDH2X2OxASt43nRqaMvSF0tdaJVJY_RZhUEtAsahbmYZFCa1SaVsut-7hPzaRpN4sL43fyTVCpGt-8dyVWONk9LlOYnAUe7yvhKrVXIjqSQjR1_IsCX-5_FndVUYabWjIgfKWrWGD_MczV74ASRvT4tYgEK8bUpCK-UeuiTQoKYzXFXnLvJcnpx3EI73SEJ7a58qYQDTAeHBpHWok2j8AXEWkjKAj30I7yJ98nrGKGibUK0hIfirHr2YjTFudX-dzkSbHQLvNMua4djGL1FuxzJLL5NnHF8XwXdUhhyfyi6msGaSgJULmnaHopB-xCHXD5DDnn5r3Vk1p9c_08O_-IIAmzHD4z8-lVzZkcMFzYAGRz7ZWe8aOxxCuNsrnkNpLJ8HBCYcnWbhlFCH8aDfLenCmMn0vfcCVPZKfoImuWAkh-KXQwoROuK0Wd7QHHJIZ0JCghtKcsQ1G4ENBvmfXqbEjRDAyA4vtaq3nqSR5flFqifbM6W-S5y91mYbPiNOgdinZJjO6_EzGTvgOvqnoQMXUcYUSh2cneE_0a5KiNoJj6zwBSsnMd_tU61Sqh6Hinyug3gyHyOFITrkwMTD-p_vNFMwJeiLVt75eq_13uo4wm6OAxMQUAPYsNQ-vhxDz3zc4TMB_2k4z7hCyYZBYKE2_ddJG5cKiIBEKaTKApDQkHeDDqeKGTkHirfNBeHYbqARAb4KZa32vPdC6mxM_YMp02gbKnQbv4IU45IC5YXNZppYSHsk2qY34ShB9YXE1pc9kaIjtoZt7d92-pfS3-5DCo-18aymOLAXG0w&sai=AMfl-YSq8CU3X1TKw_0sv62RvsRhGSrY2pDqh1WVoC12Z8W0wnzGM7vXM3kyllWftvg37RIuBRumyfsdnGvaT4RoNgct__yr09qAAXSryvj2r_17Pg9-ysr3qvRGv3PsVFBlV1ntVM-JJ8XgmQ2VIr6eT8-qI0i_JOnRC43sIhIEYG7af0Q2EiyXpbxISqPS_mBDc9o0H0J5lcDhb78AHo7pDN_eaPG3mCO7UKdFx8ovJrvR5aTiLAXjAJQnVqmmRBCd4qaCoeKAr0t_TYNIMoT79FMg_2MiZYnBe-IaXIDygST_oAQR7SetMhE9d6ZnDnXxixuAudm_SQkTXqSS7yvgEQkNtyWLAUv5cPMMu0IXiWiew9PhpEHR9fLyx-Oqe-T984r2oKUMWtlpBRGzGuXnpQ&sig=Cg0ArKJSzELxuJGMibybEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=290&cbvp=1&cstd=287&cisv=r20220511.66878&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 17 May 2022 08:40:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 175ms
63ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 08:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 173ms
63ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 08:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
31 KB 823ms
823ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2438363166328152&correlator=364142617778186&eid=31065401&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=45035109%2C20minut_news8(1200x250)%2C20minut_news9(1200x250)%2C20minut_news10(1200x250)&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1200x250%7C1200x400%2C1200x250%7C1200x400%2C1200x250%7C1200x400&ifi=2&adks=2483578089%2C4059114074%2C1842437250&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=city_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Da3786148bddd8064-22fc0bc596cd009d%3AT%3D1652776825%3AS%3DALNI_MbmpXQWeiLN2HmSfFqL0BUacRrOAw&abxe=1&dt=1652776826540&lmt=1652776826&dlt=1652776824622&idt=871&biw=1600&bih=1200&adxs=204%2C204%2C204&adys=1056%2C3264%2C4265&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1192x250%7C1192x250%7C1192x250&msz=1200x250%7C1200x250%7C1200x250&fws=4%2C4%2C4&ohw=1192%2C1192%2C1192&ga_vid=1087232765.1652776826&ga_sid=1652776826&ga_hid=829486378&ga_fc=true&btvi=0%7C1%7C2&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

a04a09f6240b05134d4d6819f8c5beb55a5f8ca9ab95e16988ca54f45f0e8ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31996
x-xss-protection: 0
google-lineitem-id: -1,5986713334,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138388533608,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B3BA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00e5171602a902da6359ec7688c8037bf78381c63aff7c36feb6a4ef6f09c632

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BB29 22 KB
8 KB 55ms
55ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 147613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 15 May 2022 15:40:13 GMT
expires: Mon, 15 May 2023 15:40:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D5A3 236 KB
63 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4513369066257921189/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4513369066257921189/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 17 May 2022 08:40:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame D5A3 6 KB
1 KB 179ms
63ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4513369066257921189/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3414d844b632dcc5982746172c2039ae21fd9b974b6ba754c6b9ecbc3dabce2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 May 2022 06:49:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 17 May 2022 08:40:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 May 2022 08:40:26 GMT

GET
H3 200 avoury-300x250.js Show response
s0.2mdn.net/sadbundle/4513369066257921189/ Frame D5A3 47 KB
11 KB 55ms
54ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4513369066257921189/avoury-300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4513369066257921189/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b3c97fb5302afc874872d168b5a41aeb0840e53a4614e391e078d1139cc414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4513369066257921189/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 23:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10731
x-xss-protection: 0
last-modified: Wed, 11 May 2022 12:09:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 23:21:26 GMT

GET
H3 200 NhRng2ZenZRcaPRuU0zAmqgyTOhBGXWeehn8uWk0bEI.js Show response
pagead2.googlesyndication.com/bg/ Frame BB29 35 KB
13 KB 182ms
61ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NhRng2ZenZRcaPRuU0zAmqgyTOhBGXWeehn8uWk0bEI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36146783665e9d945c68f46e534cc09aa8324ce84119759e7a19fcb969346c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:29:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13698
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 08:29:48 GMT

GET
H3 200 avoury_300x250_atlas_P_1.png
s0.2mdn.net/sadbundle/4513369066257921189/images/ Frame D5A3 57 KB
57 KB 55ms
55ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4513369066257921189/images/avoury_300x250_atlas_P_1.png

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609dd27e01cc07fbce250c080ed569c792b407e4bd8f4076e7f1f5407cd9aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4513369066257921189/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:01:25 GMT
x-content-type-options: nosniff
age: 67141
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58445
x-xss-protection: 0
last-modified: Wed, 11 May 2022 12:09:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:01:25 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B3BA 0
26 B 201ms
91ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstR3IZ27qsP52wLduZNHfL-A8HfnQJNopt3X3H7m1HwKnHRGxBNFqcdj1zWkVvw-t40rzU4mcfTjKBD-nZJ7MdfjCSzFIly7D3D_IuLhQVH0NQjRius_vouKwnQXo9eelsUw77CgBCcQY43R0C_j41HK3zrr9OWkuos4qxLieuLwtDHsx0JZdbZwCriNraCO5T5XGf2adz5DBM5phuuIf2L144gMuXUVsU_kJPFV8jy5TrgMSwI4dGtJlTr8WYzdfkTBO4WFVMwnzGmqJDMgto6qWPmD1jnvq6UkU8Hq7jK2g_xrV2vMgu2tq2KihqAyrWC7oryahMFDWMsxaibhJZWRS1yhMXvzvlFhUPiW3rdIasXhMX5pGFcmOpRBemGzIU-PGKZBfrvKS444zjDze4fPDI5qfEMouunUa3KR-sIEvftM_923jY1ZlWaDH2X2OxASt43nRqaMvSF0tdaJVJY_RZhUEtAsahbmYZFCa1SaVsut-7hPzaRpN4sL43fyTVCpGt-8dyVWONk9LlOYnAUe7yvhKrVXIjqSQjR1_IsCX-5_FndVUYabWjIgfKWrWGD_MczV74ASRvT4tYgEK8bUpCK-UeuiTQoKYzXFXnLvJcnpx3EI73SEJ7a58qYQDTAeHBpHWok2j8AXEWkjKAj30I7yJ98nrGKGibUK0hIfirHr2YjTFudX-dzkSbHQLvNMua4djGL1FuxzJLL5NnHF8XwXdUhhyfyi6msGaSgJULmnaHopB-xCHXD5DDnn5r3Vk1p9c_08O_-IIAmzHD4z8-lVzZkcMFzYAGRz7ZWe8aOxxCuNsrnkNpLJ8HBCYcnWbhlFCH8aDfLenCmMn0vfcCVPZKfoImuWAkh-KXQwoROuK0Wd7QHHJIZ0JCghtKcsQ1G4ENBvmfXqbEjRDAyA4vtaq3nqSR5flFqifbM6W-S5y91mYbPiNOgdinZJjO6_EzGTvgOvqnoQMXUcYUSh2cneE_0a5KiNoJj6zwBSsnMd_tU61Sqh6Hinyug3gyHyOFITrkwMTD-p_vNFMwJeiLVt75eq_13uo4wm6OAxMQUAPYsNQ-vhxDz3zc4TMB_2k4z7hCyYZBYKE2_ddJG5cKiIBEKaTKApDQkHeDDqeKGTkHirfNBeHYbqARAb4KZa32vPdC6mxM_YMp02gbKnQbv4IU45IC5YXNZppYSHsk2qY34ShB9YXE1pc9kaIjtoZt7d92-pfS3-5DCo-18aymOLAXG0w&sai=AMfl-YSq8CU3X1TKw_0sv62RvsRhGSrY2pDqh1WVoC12Z8W0wnzGM7vXM3kyllWftvg37RIuBRumyfsdnGvaT4RoNgct__yr09qAAXSryvj2r_17Pg9-ysr3qvRGv3PsVFBlV1ntVM-JJ8XgmQ2VIr6eT8-qI0i_JOnRC43sIhIEYG7af0Q2EiyXpbxISqPS_mBDc9o0H0J5lcDhb78AHo7pDN_eaPG3mCO7UKdFx8ovJrvR5aTiLAXjAJQnVqmmRBCd4qaCoeKAr0t_TYNIMoT79FMg_2MiZYnBe-IaXIDygST_oAQR7SetMhE9d6ZnDnXxixuAudm_SQkTXqSS7yvgEQkNtyWLAUv5cPMMu0IXiWiew9PhpEHR9fLyx-Oqe-T984r2oKUMWtlpBRGzGuXnpQ&sig=Cg0ArKJSzELxuJGMibybEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=656&vt=11&dtpt=366&dett=3&cstd=287&cisv=r20220511.66878&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 08:40:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
218 B 65ms
65ms XHR
text/plain 185.239.174.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.174.234 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://vsim.ua
Date: Tue, 17 May 2022 08:40:26 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 avoury_300x250_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/4513369066257921189/images/ Frame D5A3 94 KB
94 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4513369066257921189/images/avoury_300x250_atlas_NP_1.jpg

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20b2333b53836cf14a2dafa5bfdc32d066d0b5a8b6049035298cea4d07de8a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4513369066257921189/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 21:07:37 GMT
x-content-type-options: nosniff
age: 41569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96418
x-xss-protection: 0
last-modified: Wed, 11 May 2022 12:09:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 21:07:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB29 0
20 B 96ms
95ms Image
image/gif 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5F2_eV-DYv3-JIG83gO9nJ3wBgAAAAA4AeAEAg&bg=!WFulWx_NAAZL3OSAa9w7ACkAdvg8WkKzpSG7Ei6cS5GuTXEubFnP2t_3KijFVV2HLeds4_NO-fGpYgIAAABVUgAAAAJoAQeZAvJP41_MSuXv_Muk7U-lmb6LfCz_EH3e-o6-BEKTVkle-_eZn9r6Pk8HiRG0L71qzELLfdq5txmckhDzL6_8VJei2oFONdQd9Q5KYDc-BKShTbpiPR3VEcy_13d_ka4WckfUHVwLHACudYPonWoyBY5dBtDQSoOeMdg7ZWv1sC2M6zxPb-CHpQAWnyRaBpprh5G-movGaRKpxRCcsKY6YpjLq4wUsuRv9k4_hALLw_tm51ruZKdbwwyj17yKc0l066HwBwCvZV7WCfibdMrU6eP41pTN7k8XE70KMEhjfWp56rlwpGwkq71bBiRAfgdQ9dbQpHNPS-2QrZtqWjGf9SVj80zYxQix-heKJ8OCJ1JcrnRxFAJGhx8ZmIo7CIyFrSVDnk_Aufbv0upQkDavWkjHJbm26h_G-mzzJvVALfpbtkLxWYOpysqKVpsDiEiqq-vXZ-Z9Xiv7dNCRMnSc3RSYUD7BQefPYAIZsxZ3ZAeiExRundfTdvlW4x-reCH9WqWXjNYnBnDgpiIMqoOYdyp05GpvRhaTTVOs61ClnfnnNEOlu3GAHTSegrtOsGkE9QQQg5tv7M5yTXa4y9g8EvZXYfNg58JLlgpmf0ie7jQ9Y8u27iaD-gKQTcy3jdIaSR6oTzYcAgLKaCVyqow34zOKEwD508gou56gojV9rB4T6MJfq90I79Um4-PhSCRwj8dOcKChaf3llS4tZtcAUbua0yldH7o5XcK9iwnLR7zvMWwHsmeNBlctRgKSdQR55qVAEW72pLEXX-4kDeXd7NFlOZrcdTY6t_KkEFrrFd2O387R4UtWY2EZvQUiCh1cyXhGk2Itjt_FxlNvEaYzIXh8q2t9ouhCnF7HFS96yU2dfyRZvqOmTTknxAcvZCSIswboJFS2ss1MhSwvSwRKx_vrHX8CNM9KVvbo0PaWTk-0XbUlTrLHz0yDvlw5c0MFrDg5dsgWxzitGoAglWxskmLJ7yEbn3is0cgv9oY7jmGwES-D

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D5A3 15 KB
16 KB 170ms
54ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 48752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 19:07:55 GMT

GET
H3 200 container.html Show response
910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5743 6 KB
3 KB 54ms
54ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 08:40:25 GMT
expires: Wed, 17 May 2023 08:40:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E5E0 0
0 90ms
89ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvst-FvlYv-ysl6QQTWbJOH2rdhjUrHkUItK5AhxAbMzBmuWU8NmRcY3YocZ1XiDHUbkORi7wxZXGOzT96OL6PGrSlGxGUydmgmASg5axZaG2L5RSclwVkcc60LQWb-5EI9fvGFDSc7B_L47OVreXm8ANLW3niCbrBt5UKKUX3w86_vDLWsaVLbuEoCw8Zxl1om7kNoKrbr2S6DM850Ul76uSF4apB-0eJoCOeJUxWSlfXAc4xTpJpfwZlHqprFCNhtS0XczIXKM3eNvi6TIfVqEGRcSGjKY7kad1SCKJNRMfwfTlp8yY2GzQ&sig=Cg0ArKJSzOGCqHSTbR7cEAE&uach_m=[UACH]&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 08:40:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame E5E0 19 KB
8 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7989
x-xss-protection: 0
server: cafe
etag: 11406487492938680093
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 08:37:42 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame E5E0 3 KB
1 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 08:38:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5E0 121 KB
37 KB 237ms
126ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 17 May 2022 08:40:27 GMT

GET
H3 200 2847436980449868097
tpc.googlesyndication.com/simgad/ Frame E5E0 52 KB
52 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2847436980449868097

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b9d55d1c0ae9b9197dcc675fd800d36df2ec219e883eed8386c8232b591c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 14 May 2022 18:45:16 GMT
x-content-type-options: nosniff
age: 222911
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53489
x-xss-protection: 0
last-modified: Fri, 15 Apr 2022 09:19:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 May 2023 18:45:16 GMT

GET
H3 200 container.html Show response
910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5FC3 6 KB
3 KB 54ms
54ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 08:40:25 GMT
expires: Wed, 17 May 2023 08:40:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A02C 640 B
316 B 68ms
66ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNWlXAklv1-dkKSpvcNI32MNHgeA1xcc9hdzB411nUqCh81vKsQr_h7X4topDFr4mKhN6zORrKQ1kLqW7XHwRmWNTxgHYxNYRK4NHYWUiUEU19HAKX64TF09maMWCLr8RduzFjNqUFRnNzvGFajpV1DApwMgHc8PD54geQemZqPjnC4oi-k

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 08:40:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5743 90 KB
35 KB 97ms
95ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOXUTRCTU_iCWEqyXkZmkQOP7-gaqOSj1kB9BtKCyQlH91kQ9l4BP8LbS10Q16qQFr0_rpddMQp1wNDQeUfV4qzFpBg5X_Km9gEiAtivm-BEdiybuSNff7WjK1c7oewP5vsbqEzrpRArSf-wNrbN1w14U1Wg&dbm_d=AKAmf-A8D2bT33WAZOOB-2VI93inX4YLLpo9MJ7a0JUJfJSME4-S7C085oTPSta5r1Ci2KrKW4pS8vmlhx6Um6cXbJMQkXkZsUklig1kRSUSkDkEJHMMi4l05mhoYnB_veYGPYXZNwuu1IoJESFUHiTNft84tf-kjpVQ_w01_SAp0gfxZusUOHfFvOCnnmUe0nyjluWtOSQF-zEZyEBlazN49uRdamcXYI1SAL_TQICwFYquDPn9EOw2V8sQlNMhz24o1EnQsGaOnDvq1RtfwgV18JnUH-IM8Wjhx6rZQ-JiGXW0LeQGEKOe4lyo1bpPkd0A8mdnyIbbnyx385UUhfc4EfQY4DR8jpNnEgoYUKx4TRnnPNhJc565v2H5HvHiwRKqoQ8pt3yGysee7P1BUd4FYqPTVA8fc3bUC7SreC7_VYJX-hktw-2DN74UAzMiDSalwdlgKe2HX3ViM_ED5yDaPvqnMC2QsMApJHiF8bOsTDAqSCZwjPlLYc_619SCAZYK8lXG2COEXd5jTvrE6e9ZN1SjOlhL0yd4B0x6CWR0TQc-HrsGHR0x5szyEWHYlGJtNugIP8cYw8u4qkPBfjaNaPZVNoYeDtmGDnkObeAvVRHnUIA8u3PiL4uYDMST4yoqNLny2oMeOMlSOwY6VXtUsNqK_O86DV14Qh-In6bMEvl2uJB7r72EKxuy2TOumuOyVK7pkPvRza30mk8mdO2qz5viFbSoKV_1IdGOcNAc8NFUz22M4_IoG9ENipB6aeTHChQqQnHxD70i2OHO7cax0Qf7ikyNl5GfVWn_T9NSRATCKx9fWl3PRKUHOn1vx2ocYpbZzJaxw2yt9pCphOE8Hm3i-EGKqtKqIdt9GjPptalersNd88D9HaQRIMFvrfpIFsh1-34bGlBCs3o7tY9oMNV-UoPhkBXT-xE-NnjhL7Ig9-Ssb-fMmhUOrRmkx-7Q3GK1fV_lQL8OHKAwEVplJkAveC1wGuK3TtT6TJUNTdhZ5A3kaiFej72FC4YeNASoe2u9aSwnxCcfoSvGSEdH59BISER7HSU3i93UaxnRBUPCxjer4u0vd0k6vMGa6DQlkmh8kOwAeSSD2s0MO3F4TWr35DYnik70KTFls5WCj8WfQMPDqpBAF5UmSW4IzQiA-PKAond44TJug5I7FAJzIEtaRH9ybvSnRAyAkoIsRTb-NXE8u1ryXN6gcFI-8rdW9rctOQrCnPCB_zcuvt4QfhgIT-s0dY2k6LRoN_iB46AkO-m5umwLmeAiGUIfpwyP6FrofoVjM52ZpgsWMNpboGQc00Z2RfNDnaTYt7wU36fvGecNw0GwwBkzSxZ3J8i3mBeduEDQO3DZ98tL8MyMwSA6F9RI9I90HafyZl5sLErL9FHIRc9eXJEQwv2dll7vwLy92aWGJc6dAPuFeuYbYRgelPNhqc_xnGns-yisWG2hSEb24UwJlVxa0mdGjXmIU1PDYnErLJvifvb_fbTg93b-QSXIgp1OpPZh_5jjmvnsLWahZMj9RyVatWTioU6yFXnMJUzWxc9HBZtLjiHx2BhZD1hX7yPqytP6gFu_ike2v756dHRPfannwgmbSq8f9ARoCDHCUsccRDcMoLyjmlj77xUEJnrlNjTT6P4jo4PgEMA0ekNoCxILFcUyG6lF3qDumLqj-DeMITsNDUbYAPbJaJVXVKFeADrmRNTjByRWwFdJo--dgx0j3Ir7a7Q8a7xXreYIWkNroRvm9ljFnQAtYe-rdjdcosyYm3MFnV6TxqADCIpfaFjTbFy-D8zERme18bJBPh-jYBdFSXCiKj6O4oKw7cbpAPea5dshUCiJsjVY8IHOifjegjHSWH0sMJEDJQ2Rp-Ai_DeJgybSGEYv3dsT57S3szo5esxbkIVOQZTyBOKu0APan670PulJgCICUFu2S2BRLJaFP5Ik1RHtku0RSX64i7DOt4i3hky4le6J8baCdqZD1l19AfI86dPMJR4P3Z9mMfF1ZUWpA0NO_Imlza-KQ7CtUNtnKT0r6avVPL99bHZQjVJr5GtZXhtcuM9VmgkXmG-H2tKOVpYgJyAbcUWS3ZXxyB33ewXtbD36Bw8hctpUk7WZM_V_oLSHo2ur59ZKZbnq8MXR_x1Hdao44kqt2PvwYF3NOUTHd9LyUsUnijVP_ndp_YNPoVd2Gynn212ldwS49X0wk0SGHy9WdZ0PXbW4-qPtuObuTK7yTIGBkyETJecr6Zx7m7bTfCmuWTPARqgCC5fo3KuQHYx_5VVdjJBlfv81Px7EF8onokywMdmFgv46cC94mNunT5zHstf6HCwu_nsa-9B3j3d9mt3Acn43EMnqQr_a2dSeuwRja8qj9bLB7hbhQ4Gkj9YS4r5UhSpaO-socF6Fq78jRDUgPMxSVNfHqOI6jeFIPklnzFuNCGV8uyWJIeSw1SY2DpcFnE3qG_JD2Ay-m5j04fLmEw0AdAQag4orNg1XnxfMgra2jsRjMtPNfD5rXiidrVlieC-OAuPz3hfrTtijj5x8BBWse76GkdbWxnsVip_0yqyrkOr6kqDlOijKSKlxerSYM4vuapuq0u792M01x7DYhO92aSyksJvlXY1LTdDf_6MmCP4Ep2sigMSyvrCfgyQL15NBYqw3CXDt7KqY0zC8YZ0PKoVDo-3U_1Fok94zMeIYH2zrbE14tTieBo3NMyySgozl4dXKdp0yYsbjpJ1Jxa9n0VlUOyYH3v0R0_fzzg3uSzSbcS19eGBTsK1OjPQT2PVXSz8LK6g54VtTjqSQmDDrdz_I-5P9FW7opUs26kl9uZ13P8_9i5BfGgwDL1g9SGH4LypEW2O1WUFUGOOZ7GMXzCB6WJgmedr5a6VW73H15Wygar9wMMkghcHXM1dcwvW1cJn5GdZD8Iev96gz2pkQUAdgVsB-jXTA4Z7TVhr9oJ8_cPJtOiEKDlyyBdtmDSOnLyFJK3DqjSb--gPZQ1-WXJVFc7vIoodKf6mC1DLSefdxgEEZ92PgIqnigrd5J-7ZDJSIeslzj6VRETFrKnCobL0uBzyaMewYtxgAlSndFlGsF7WmCHTaJxNz6TbeoN9Q-l1DxCUNVtKLLMDv-c_nMHohfAvs5qJsiRJQGKWmptSsvTFWVYbYbwxGW3TlPjMX8b5KnU4waAxz5YXOxz_0ncaL1uPwoFvmdPyhV-a4MlwtZ55IGWjQUQU2ZoHzuhI5GmWXyCCP_BagKQnDLZzn6NnPYEATP7C0M9o8ki0vlkyKYxy0wccAyNIE&cid=CAASJeRopFiPtRhGLYdDdPHuE9G5cBLXZcDWqXWzxjpyDwCwsddN1_U&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b886004cb28daff05dafdbc4267077298a878ca4baac91202e9a5c82314c2a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35695
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5743 42 B
63 B 93ms
92ms Image
image/gif 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BX2QD91ovof2H2pHygl5fpNGIudWQjxsW3MxRRp9cOgInenKb_Jmil93ZLa11hNKK8nDxR5o-Tu0t3vy-HSPxAKQGg2T3qi_-UtE-H7VamuIyyTT0

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 5743 3 KB
1 KB 76ms
74ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 08:38:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5743 121 KB
37 KB 160ms
106ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 17 May 2022 08:40:27 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 5743 15 KB
6 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 08:39:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5743 0
0 179ms
62ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9weqvnqSnpB9VQZL6TOjxIbDHa4SBKckRaoTQ2SvqWGxszc7v2VvFyHQlC2UMLEWFtDTo2RDpRooYSkWz5IHek4nxyQ
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C01B 586 B
315 B 69ms
68ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYzJyMyQEwAQ&v=APEucNUKc5ZVX0C6P92Btd9LYLNa2pGcZROJLnr9HY48ol3NpZF9axvpk90jBMVNA4LJPSpxnW3lhlj7KQOpgDgUE0z_b_OS2GTnV6IcWoYRYnp9gG4Ej8eJBMsSwRCO-cMo3v5wHnEYFYPn6q6ulhUgfWf0cl2G3SjMq2bNYjXw1EXCf3GlX1M

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 294
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 08:40:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5FC3 79 KB
33 KB 122ms
121ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZMrR1HEVmP6RLrt-BuF42peeSc_vOc9Ss94G6jkMTZF-jImyjrnktIZwaw8guzGb5Eh1GPnxXeVzqrLltB1vyIGBS8bXf6bxDlx_qliZp_VVkgpPY97RRzjQs17hxH85GFMl2KxOsEbnqrwnZUNPU_jN8GA&dbm_d=AKAmf-CsggESuJtKjhGRDqWcBVPY1tnfQ2vG9OmjIgAGKVKjU-4UPQiAZaC3HoZZbHJlWuTTlxZA5OnZ3p8PjMh1ISW7_AxEGT0nC4xZ9YeK0Tg8dmcbXrCWC-ma-j419xPdNtZXXenCiHAEvRIW39cKuPgxQF6FtOI5WhW9IUSeJj_fiB4XsFDuVKt58tJl2GFPoalDPkv8blkELnsG87ZGXVN_XgS9Qa2zvzc7mOPj-ZukHwS00Ww46d8ONTAX0ApzPiY89QdS1bE9hd1YGEzhYerkDY-xNxN5EYJMqtrN2w9ZqCU_-FxfYbjodpzGLNdm_zozZNS8VH7HSPxcemxN11L1-HZwkMM0m4K0Sf-VKkxmjjOhY821qy5Flv_tXfQS-yFCbGgNrnNGYsTJk8EpvuNWHqjDgky4ivHrSzyrSxJgYwKPWZkadljzVLrRHMRFrHhQAAZyVd_Rs5m2ndiGnCaAu2xarVcv6jCzwBImvKCIoFsM7N0Vpe_d9xcubzmBL7xcCX0B5iSUxaOpZcnoUBGLAcFqGYl6e3toaDnFcGvQ5KUfDMUd7nyp1gMNCUzt3bIwMB-5b0ymA_jppDupQNNFLkREAwG4VjW5z5o2t6oZzCbBHsRTrVek6ewX-CykWHZTYcNuf72Nx5jA_4rgTdeIsl5rHUAmLUc6uVngLCBnEoGtNSHrWYnYclPmL0Sqp_50MquB_uwJta_qx4T2XQ3haj0fjBR-CvGQ8BrKPx8E7OLMJYDWSvbnoAC37TUrLTsUHQ5bj-REcwOBaClLXJVJAtkrRP2ALWGRclVl30b8tCbIn9LzS6jr7_tLgWyIMyeKh9P4jqyDWAvTAw4pLKyPKVlAx3sw00-ULEYnGdlTMrLldKKXnxw79IEoonhJixfPBpG-MNSvIrXR3IWjLBzKxZTzm76Q6XEn9zSYbZLTwlGVeqyOVirom9W9H4XVqD0OO5vW2JKc4evZAwt8dzuNC4Wt05wiq30nFBruRbZQXp1PzQbGcDhBINn7HCG6PbMDvTFSjSu6AvT1elOwxT6-Kpuv8nMVMYkIgL4BS6wwzLXEk7YvhIxHBFWtBcaQhUmPQctplpvo2hQf8oPmmnaA4XJRo4qiA4UH53nU1NP9InAhhhs9KHu2L59PmrngmQpZdVNIaXwIkIAgnnCeT-v6FdDzx3iAayyBn1zqTyoUrqWnHi8wG41vMRsC_RzDA8zWhYFQvWrbsYAKBRU8CB62ClTSOJfqtAZw_mt0KQoJYxIKOlrWwwhF_NOgQx5FtFoI7mZnEFmAF9tMXK4Zt3Jxc1kikEIYNe4w6xlJxhV2V928KrT4nmCYCEQIZGmiCJBlfVM2IR4jx0RFcFiiXTxVY3euRvVoXb-1ncnI-ewqwqqKsL2j_4A0OniLq8iNEueWMwMAYeuS5W6lgZDKpcwjTRZmMvFG5tZq9Zota6RZR0IrbRsj5q_AuFM4U45s_n05cl6Sd6w1U8CIp0i3UJXggwlL0iOYheoEBDm8w85_iKlcmXeOkcuDUSOM5-EVQphOYRpqqQkpXUJ5AbfIdgcdJQzHYR-bdXa5-YyXdWj6DOTynC6ie9ZtO1zcE4HBsxQulJGl8hikZcGtcG-XDGoNMJ_ONCSMYCeOjv2XgXEl__itGFGVP3TGwDs2g1ofOJhWtzuoatRXMH7wtLi2yZh9ndYphF7Wz-oDvBnwyorNF29t34Ibwcxoci6vzjz4ou0Nm4C5o-ztqh_zU46umNNUo-6i5CEW1GuAHUUMKyNSmlrwYJS1JApdcuUTX5LNcSelHxjqz2466gXB5z-WBte_HIpFRcqrvlTm5kscAEnNMZES34pCifxBJrAU6vySn2xAXZF6bhnMqSSKDpdQ5uANjmaDlpR3TZ32asaInt5QLnggIrfhtZLc3WDKOeN0e-ScdTrnYHJ0_8SbJhM65_ZdlmCtyAGlzfXploQ40_sOChY73ALW_lWF6TuNTEwPgOm9_QSV5tAD76sJKuykF3uAhZV1j40Eee4jyID4KLEC1ZJInyVLSc0sr3_QFAQtSW-cI7XLackUEO4roBUhNYRShKN8PpcifRAg1Tqmsjr7jt9lotvNAKJdGqm2CFGh4P6WdoceCR0YB4jYCqC1HNHdI2xiXqfgHr-tHhkyuD4xdybqXi-vkdWXZ5RPSD6jhdQFE-PA_WtOE5xIwvzOK0KQyPD_sEMPzc2GOExs9UXcP3E4ORLJLQemyrODMwd1Vxi0mzAOiHiSfKaT6jOqg8yvpF60fDJBoi09W8cuxagane0-rWkK33b-3aSyMrhx-kzMBzjjYtOWpnCK0j0YNBAr3VZ6WY3_xKBE7HrGg_ja1Uuvn3KIfS2wvQCmjNjFckYLsPIt2ideP09CkNDUi8x2nwUuQ_ofR6B7jac_SP5-if8wS_NF6bA3AQCb6jkAW9QfQ7zDBycz0vb6Pq2-bvc_uAY_9vgrhQcnm-_Vpdfc7VBFJ5pLjDE9kwtGsE3gTLW1R8QNoCvcfrIIitZE-sefaBKPegOHpMcOznWE2HP7Yw-ko6OLTx2TWsejM1Y2qwyb2f_GrQJKMzdGkZTi68EU5kilsNSh__4F9TGa7NHxkrZgt1bKPkXeLjBqCC3oI7xJE6zbmHxc1a_64iOsiulnUDyi5AJ7BiU1ILp2AcCTzEkgJBR_5ixTbzBY-qsvn21191PjBVwGqQZD2dmRdk4TPZNud82MeZEv8nwTVrN9sGNj41gj8h61akOiz9DKnUFaLuzZTYqtBimVPg4muBBvBL5ovYWzxPBuQoEs40YeKnZNRGHLH0WsggO1LunHNCVVqQrxTsjVVKxIzhUtVsLwj0D037r2ss_hXH2TbaYQefXkJGSD-iH6rDvOJuKjZWBSIlUwGtE73p6SImXkbsAm28YWDvGx1Ec_rn28s_cKeXYel80-TAHFS7KSPXsNNk2MlTBcAF_AEW51sk1ZOI1ujrIlRn7PmJLnaPAIJUymx226n2u9LEcPeEQrev0LNNkuDL1nZ8hfGYF_Q2K6CJpUlx1ug882RhpTybQAdy4rc1OlpGiOQkWRrksRD0MLUbO0fVfNPvfRFRlJwkN6fvLIDnEiF6i0-y2qGKVk2zRLeIibcwZlNnWEAmkfES3_CsNK0DdBz9-Bz4IQRbmxzACJZtmVFs6rf-O-CrXBHJdgDh9kwTmJe3_Rl_Ai7_FdOzyQ_AgeZLk3gAys-Z7uEEqGq0skpIE2eVtmqPu3-LCsuHwX6mIBwlR7LrqOvv9ZkURelv5v4u6LSwLEAWNRgrz8zNHcCD-LiJ2RTmb6t8WsBCHwBCHqh7NqBSYt3goA_yW52AXCL_vG1ynv2-WhoDyb8yC50d8gce2X42bxki2NLyZzcOpu7AeTMQgnxMe4ltskzu1AWxAiwOV5LbVvZWXVtZcKobHxZIuUqqXTOBpD7HijY6fnACBsaMfAXWvojiLx9xvsMoRDOtkXjtVyoCKYGiz7d-Wbfts-7QYuHx-iJN3I3J60NxIMj8Y83hb8tZ6C_W8lm3LwkfwMaoTiXPy1BfRBTUHd1HaoAnjcRiJBUWFnwBgi8kmdpHA4DCWZRN_q918BuJ81ySkn11j-DB8dRF7I8cf0lVbPkzYyDFujRXAh8NxHg7nr1_-j8ZNhcTvGBU78&cid=CAASJeRo5kzBeGSDJAAaF0ihTdYW7Mm2Gw8XQwHm7YzzB28E_j4TNao&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

3ff86819995fbf8a21a0f47d80e21a6b6bdbbf1215b47a831f54778eaa563b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33447
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5FC3 42 B
63 B 94ms
93ms Image
image/gif 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cc2hnLMoXfXz8cN2wKeXIxjobgcThobBTX9M9wMxhFcFHluKj-K02ylewIWz8v4h2DYRA4hYlrvtP9sPHAZB0Jh3NXKzbaIRpMVBAe-VNVNxIdbt4

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 5FC3 3 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 08:38:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FC3 121 KB
37 KB 114ms
73ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 17 May 2022 08:40:27 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 5FC3 15 KB
6 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 08:39:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5FC3 0
0 166ms
61ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRl4F6rjJ8LhEZ4ftSDJMug72eR06EcRaRvIohqSaC0rUZR_zb3TqMzxvEwnSeNa1cp31UYX1ayDcqm8dLMHJhZhKWvQ
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame A02C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMv6nblELRlo0fVZGKBOr0E&google_cver=1

43 B
61 B

121ms
63ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMv6nblELRlo0fVZGKBOr0E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNWlXAklv1-dkKSpvcNI32MNHgeA1xcc9hdzB411nUqCh81vKsQr_h7X4topDFr4mKhN6zORrKQ1kLqW7XHwRmWNTxgHYxNYRK4NHYWUiUEU19HAKX64TF09maMWCLr8RduzFjNqUFRnNzvGFajpV1DApwMgHc8PD54geQemZqPjnC4oi-k
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
via: 1.1 google
server: OXGW/18.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMv6nblELRlo0fVZGKBOr0E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame A02C 43 B
131 B 70ms
63ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNWlXAklv1-dkKSpvcNI32MNHgeA1xcc9hdzB411nUqCh81vKsQr_h7X4topDFr4mKhN6zORrKQ1kLqW7XHwRmWNTxgHYxNYRK4NHYWUiUEU19HAKX64TF09maMWCLr8RduzFjNqUFRnNzvGFajpV1DApwMgHc8PD54geQemZqPjnC4oi-k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame A02C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEObr5B9DR_f4Wbfn9UvV3vU&google_cver=1

23 B
172 B

176ms
91ms

Image
image/gif

104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEObr5B9DR_f4Wbfn9UvV3vU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNWlXAklv1-dkKSpvcNI32MNHgeA1xcc9hdzB411nUqCh81vKsQr_h7X4topDFr4mKhN6zORrKQ1kLqW7XHwRmWNTxgHYxNYRK4NHYWUiUEU19HAKX64TF09maMWCLr8RduzFjNqUFRnNzvGFajpV1DApwMgHc8PD54geQemZqPjnC4oi-k
Protocol: H2
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 17 May 2022 08:40:27 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEObr5B9DR_f4Wbfn9UvV3vU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame A02C 23 B
172 B 280ms
91ms Image
image/gif 104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNWlXAklv1-dkKSpvcNI32MNHgeA1xcc9hdzB411nUqCh81vKsQr_h7X4topDFr4mKhN6zORrKQ1kLqW7XHwRmWNTxgHYxNYRK4NHYWUiUEU19HAKX64TF09maMWCLr8RduzFjNqUFRnNzvGFajpV1DApwMgHc8PD54geQemZqPjnC4oi-k
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 17 May 2022 08:40:27 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame C01B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEF43hW6uS4kMCcACxsiBoSQ&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEF43hW6uS4kMCcACxsiBoSQ&google_cver=1&__user_check__=1&sync_id=00a53553-d5bd-11ec-ad1e-152b84bd0406

43 B
548 B

52ms
52ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEF43hW6uS4kMCcACxsiBoSQ&google_cver=1&__user_check__=1&sync_id=00a53553-d5bd-11ec-ad1e-152b84bd0406
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYzJyMyQEwAQ&v=APEucNUKc5ZVX0C6P92Btd9LYLNa2pGcZROJLnr9HY48ol3NpZF9axvpk90jBMVNA4LJPSpxnW3lhlj7KQOpgDgUE0z_b_OS2GTnV6IcWoYRYnp9gG4Ej8eJBMsSwRCO-cMo3v5wHnEYFYPn6q6ulhUgfWf0cl2G3SjMq2bNYjXw1EXCf3GlX1M
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 17 May 2022 08:40:27 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 11
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 17 May 2022 08:40:27 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEF43hW6uS4kMCcACxsiBoSQ&google_cver=1&__user_check__=1&sync_id=00a53553-d5bd-11ec-ad1e-152b84bd0406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 80
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C01B
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDA5ZjEzZjQtZDViZC0xMWVjLTgwOWItMTM2NWVhYWYwNTA2

170 B
188 B

65ms
65ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDA5ZjEzZjQtZDViZC0xMWVjLTgwOWItMTM2NWVhYWYwNTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYzJyMyQEwAQ&v=APEucNUKc5ZVX0C6P92Btd9LYLNa2pGcZROJLnr9HY48ol3NpZF9axvpk90jBMVNA4LJPSpxnW3lhlj7KQOpgDgUE0z_b_OS2GTnV6IcWoYRYnp9gG4Ej8eJBMsSwRCO-cMo3v5wHnEYFYPn6q6ulhUgfWf0cl2G3SjMq2bNYjXw1EXCf3GlX1M

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 17 May 2022 08:40:27 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDA5ZjEzZjQtZDViZC0xMWVjLTgwOWItMTM2NWVhYWYwNTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 105
Connection: keep-alive
Content-Length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55946/ Frame C01B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEHTuFDa9Ja7tr7Lr6yThXbI&_origin=1&google_cver=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEHTuFDa9Ja7tr7Lr6yThXbI&_origin=1&google_cver=1&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEHTuFDa9Ja7tr7Lr6yThXbI&_origin=1&google_cver=1&apid=UP0097db10-d5bd-11ec-bf71-06c845b44618
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEHTuFDa9Ja7tr7Lr6yThXbI&_origin=1&google_cver=1&apid=UP0097db10-d5bd-11ec-bf71-06c845b44618&verify=true

0
184 B

63ms
63ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEHTuFDa9Ja7tr7Lr6yThXbI&_origin=1&google_cver=1&apid=UP0097db10-d5bd-11ec-bf71-06c845b44618&verify=true

Requested by

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:28 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEHTuFDa9Ja7tr7Lr6yThXbI&_origin=1&google_cver=1&apid=UP0097db10-d5bd-11ec-bf71-06c845b44618&verify=true
date: Tue, 17 May 2022 08:40:27 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C01B
Redirect Chain

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP0097db10-d5bd-11ec-bf71-06c845b44618
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP0097db10-d5bd-11ec-bf71-06c845b44618&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwMDk3ZGIxMC1kNWJkLTExZWMtYmY3MS0wNmM4NDViNDQ2MTg%3D

170 B
188 B

64ms
64ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwMDk3ZGIxMC1kNWJkLTExZWMtYmY3MS0wNmM4NDViNDQ2MTg%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwMDk3ZGIxMC1kNWJkLTExZWMtYmY3MS0wNmM4NDViNDQ2MTg%3D
date: Tue, 17 May 2022 08:40:28 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B3BA 42 B
64 B 219ms
95ms Fetch
image/gif 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBARtJcdNpnrjNAWkKPJXnWcinpZlZ1bC8tdyPNBtTg3mCYlFJkd10MhXsaqPMP4WSnboJjNU-rBnJW315TwMVvbSO-CvohszMrWIu9td9n-XfYhj_S48uEPGQ&sai=AMfl-YTTzvPQvrkRawfO0HwDztfO_QaHPQDmaFlyv2_0vbwbESTP99S42C_t4cssbNNvnhVGATXNzmpGvz3sWaq1HQ6OVFl6AiNe8VYJMoNXODeBrWjwP-tYKGvpXMikJZln&sig=Cg0ArKJSzCdkdKxIqZjGEAE&cid=CAASKORoHmMsCgNNGwczeTpYhYGNpjG2TLOOyQTICwhu7oeFwQxQNOgFz5g&id=lidar2&mcvt=1002&p=228,1092,478,1392&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=978356717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652776826045&rpt=521&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/996673/61756196/ Frame 5743 46 KB
12 KB 214ms
58ms Script
application/javascript 52.213.107.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/996673/61756196/skeleton.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.107.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-107-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 73ebd64cadc393ad477076e841f83f895e77d68d0262e4c4727d9d7412ff8c34

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5743 106 KB
37 KB 163ms
54ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Origin: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 17 May 2022 08:57:18 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 5743 8 KB
3 KB 60ms
60ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOXUTRCTU_iCWEqyXkZmkQOP7-gaqOSj1kB9BtKCyQlH91kQ9l4BP8LbS10Q16qQFr0_rpddMQp1wNDQeUfV4qzFpBg5X_Km9gEiAtivm-BEdiybuSNff7WjK1c7oewP5vsbqEzrpRArSf-wNrbN1w14U1Wg&dbm_d=AKAmf-A8D2bT33WAZOOB-2VI93inX4YLLpo9MJ7a0JUJfJSME4-S7C085oTPSta5r1Ci2KrKW4pS8vmlhx6Um6cXbJMQkXkZsUklig1kRSUSkDkEJHMMi4l05mhoYnB_veYGPYXZNwuu1IoJESFUHiTNft84tf-kjpVQ_w01_SAp0gfxZusUOHfFvOCnnmUe0nyjluWtOSQF-zEZyEBlazN49uRdamcXYI1SAL_TQICwFYquDPn9EOw2V8sQlNMhz24o1EnQsGaOnDvq1RtfwgV18JnUH-IM8Wjhx6rZQ-JiGXW0LeQGEKOe4lyo1bpPkd0A8mdnyIbbnyx385UUhfc4EfQY4DR8jpNnEgoYUKx4TRnnPNhJc565v2H5HvHiwRKqoQ8pt3yGysee7P1BUd4FYqPTVA8fc3bUC7SreC7_VYJX-hktw-2DN74UAzMiDSalwdlgKe2HX3ViM_ED5yDaPvqnMC2QsMApJHiF8bOsTDAqSCZwjPlLYc_619SCAZYK8lXG2COEXd5jTvrE6e9ZN1SjOlhL0yd4B0x6CWR0TQc-HrsGHR0x5szyEWHYlGJtNugIP8cYw8u4qkPBfjaNaPZVNoYeDtmGDnkObeAvVRHnUIA8u3PiL4uYDMST4yoqNLny2oMeOMlSOwY6VXtUsNqK_O86DV14Qh-In6bMEvl2uJB7r72EKxuy2TOumuOyVK7pkPvRza30mk8mdO2qz5viFbSoKV_1IdGOcNAc8NFUz22M4_IoG9ENipB6aeTHChQqQnHxD70i2OHO7cax0Qf7ikyNl5GfVWn_T9NSRATCKx9fWl3PRKUHOn1vx2ocYpbZzJaxw2yt9pCphOE8Hm3i-EGKqtKqIdt9GjPptalersNd88D9HaQRIMFvrfpIFsh1-34bGlBCs3o7tY9oMNV-UoPhkBXT-xE-NnjhL7Ig9-Ssb-fMmhUOrRmkx-7Q3GK1fV_lQL8OHKAwEVplJkAveC1wGuK3TtT6TJUNTdhZ5A3kaiFej72FC4YeNASoe2u9aSwnxCcfoSvGSEdH59BISER7HSU3i93UaxnRBUPCxjer4u0vd0k6vMGa6DQlkmh8kOwAeSSD2s0MO3F4TWr35DYnik70KTFls5WCj8WfQMPDqpBAF5UmSW4IzQiA-PKAond44TJug5I7FAJzIEtaRH9ybvSnRAyAkoIsRTb-NXE8u1ryXN6gcFI-8rdW9rctOQrCnPCB_zcuvt4QfhgIT-s0dY2k6LRoN_iB46AkO-m5umwLmeAiGUIfpwyP6FrofoVjM52ZpgsWMNpboGQc00Z2RfNDnaTYt7wU36fvGecNw0GwwBkzSxZ3J8i3mBeduEDQO3DZ98tL8MyMwSA6F9RI9I90HafyZl5sLErL9FHIRc9eXJEQwv2dll7vwLy92aWGJc6dAPuFeuYbYRgelPNhqc_xnGns-yisWG2hSEb24UwJlVxa0mdGjXmIU1PDYnErLJvifvb_fbTg93b-QSXIgp1OpPZh_5jjmvnsLWahZMj9RyVatWTioU6yFXnMJUzWxc9HBZtLjiHx2BhZD1hX7yPqytP6gFu_ike2v756dHRPfannwgmbSq8f9ARoCDHCUsccRDcMoLyjmlj77xUEJnrlNjTT6P4jo4PgEMA0ekNoCxILFcUyG6lF3qDumLqj-DeMITsNDUbYAPbJaJVXVKFeADrmRNTjByRWwFdJo--dgx0j3Ir7a7Q8a7xXreYIWkNroRvm9ljFnQAtYe-rdjdcosyYm3MFnV6TxqADCIpfaFjTbFy-D8zERme18bJBPh-jYBdFSXCiKj6O4oKw7cbpAPea5dshUCiJsjVY8IHOifjegjHSWH0sMJEDJQ2Rp-Ai_DeJgybSGEYv3dsT57S3szo5esxbkIVOQZTyBOKu0APan670PulJgCICUFu2S2BRLJaFP5Ik1RHtku0RSX64i7DOt4i3hky4le6J8baCdqZD1l19AfI86dPMJR4P3Z9mMfF1ZUWpA0NO_Imlza-KQ7CtUNtnKT0r6avVPL99bHZQjVJr5GtZXhtcuM9VmgkXmG-H2tKOVpYgJyAbcUWS3ZXxyB33ewXtbD36Bw8hctpUk7WZM_V_oLSHo2ur59ZKZbnq8MXR_x1Hdao44kqt2PvwYF3NOUTHd9LyUsUnijVP_ndp_YNPoVd2Gynn212ldwS49X0wk0SGHy9WdZ0PXbW4-qPtuObuTK7yTIGBkyETJecr6Zx7m7bTfCmuWTPARqgCC5fo3KuQHYx_5VVdjJBlfv81Px7EF8onokywMdmFgv46cC94mNunT5zHstf6HCwu_nsa-9B3j3d9mt3Acn43EMnqQr_a2dSeuwRja8qj9bLB7hbhQ4Gkj9YS4r5UhSpaO-socF6Fq78jRDUgPMxSVNfHqOI6jeFIPklnzFuNCGV8uyWJIeSw1SY2DpcFnE3qG_JD2Ay-m5j04fLmEw0AdAQag4orNg1XnxfMgra2jsRjMtPNfD5rXiidrVlieC-OAuPz3hfrTtijj5x8BBWse76GkdbWxnsVip_0yqyrkOr6kqDlOijKSKlxerSYM4vuapuq0u792M01x7DYhO92aSyksJvlXY1LTdDf_6MmCP4Ep2sigMSyvrCfgyQL15NBYqw3CXDt7KqY0zC8YZ0PKoVDo-3U_1Fok94zMeIYH2zrbE14tTieBo3NMyySgozl4dXKdp0yYsbjpJ1Jxa9n0VlUOyYH3v0R0_fzzg3uSzSbcS19eGBTsK1OjPQT2PVXSz8LK6g54VtTjqSQmDDrdz_I-5P9FW7opUs26kl9uZ13P8_9i5BfGgwDL1g9SGH4LypEW2O1WUFUGOOZ7GMXzCB6WJgmedr5a6VW73H15Wygar9wMMkghcHXM1dcwvW1cJn5GdZD8Iev96gz2pkQUAdgVsB-jXTA4Z7TVhr9oJ8_cPJtOiEKDlyyBdtmDSOnLyFJK3DqjSb--gPZQ1-WXJVFc7vIoodKf6mC1DLSefdxgEEZ92PgIqnigrd5J-7ZDJSIeslzj6VRETFrKnCobL0uBzyaMewYtxgAlSndFlGsF7WmCHTaJxNz6TbeoN9Q-l1DxCUNVtKLLMDv-c_nMHohfAvs5qJsiRJQGKWmptSsvTFWVYbYbwxGW3TlPjMX8b5KnU4waAxz5YXOxz_0ncaL1uPwoFvmdPyhV-a4MlwtZ55IGWjQUQU2ZoHzuhI5GmWXyCCP_BagKQnDLZzn6NnPYEATP7C0M9o8ki0vlkyKYxy0wccAyNIE&cid=CAASJeRopFiPtRhGLYdDdPHuE9G5cBLXZcDWqXWzxjpyDwCwsddN1_U&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 08:34:50 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 5743 25 KB
10 KB 60ms
60ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:34:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9773
x-xss-protection: 0
server: cafe
etag: 14407402762925951128
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 08:34:23 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5FC3 106 KB
37 KB 130ms
56ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Origin: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 17 May 2022 08:57:18 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 5FC3 8 KB
3 KB 60ms
60ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZMrR1HEVmP6RLrt-BuF42peeSc_vOc9Ss94G6jkMTZF-jImyjrnktIZwaw8guzGb5Eh1GPnxXeVzqrLltB1vyIGBS8bXf6bxDlx_qliZp_VVkgpPY97RRzjQs17hxH85GFMl2KxOsEbnqrwnZUNPU_jN8GA&dbm_d=AKAmf-CsggESuJtKjhGRDqWcBVPY1tnfQ2vG9OmjIgAGKVKjU-4UPQiAZaC3HoZZbHJlWuTTlxZA5OnZ3p8PjMh1ISW7_AxEGT0nC4xZ9YeK0Tg8dmcbXrCWC-ma-j419xPdNtZXXenCiHAEvRIW39cKuPgxQF6FtOI5WhW9IUSeJj_fiB4XsFDuVKt58tJl2GFPoalDPkv8blkELnsG87ZGXVN_XgS9Qa2zvzc7mOPj-ZukHwS00Ww46d8ONTAX0ApzPiY89QdS1bE9hd1YGEzhYerkDY-xNxN5EYJMqtrN2w9ZqCU_-FxfYbjodpzGLNdm_zozZNS8VH7HSPxcemxN11L1-HZwkMM0m4K0Sf-VKkxmjjOhY821qy5Flv_tXfQS-yFCbGgNrnNGYsTJk8EpvuNWHqjDgky4ivHrSzyrSxJgYwKPWZkadljzVLrRHMRFrHhQAAZyVd_Rs5m2ndiGnCaAu2xarVcv6jCzwBImvKCIoFsM7N0Vpe_d9xcubzmBL7xcCX0B5iSUxaOpZcnoUBGLAcFqGYl6e3toaDnFcGvQ5KUfDMUd7nyp1gMNCUzt3bIwMB-5b0ymA_jppDupQNNFLkREAwG4VjW5z5o2t6oZzCbBHsRTrVek6ewX-CykWHZTYcNuf72Nx5jA_4rgTdeIsl5rHUAmLUc6uVngLCBnEoGtNSHrWYnYclPmL0Sqp_50MquB_uwJta_qx4T2XQ3haj0fjBR-CvGQ8BrKPx8E7OLMJYDWSvbnoAC37TUrLTsUHQ5bj-REcwOBaClLXJVJAtkrRP2ALWGRclVl30b8tCbIn9LzS6jr7_tLgWyIMyeKh9P4jqyDWAvTAw4pLKyPKVlAx3sw00-ULEYnGdlTMrLldKKXnxw79IEoonhJixfPBpG-MNSvIrXR3IWjLBzKxZTzm76Q6XEn9zSYbZLTwlGVeqyOVirom9W9H4XVqD0OO5vW2JKc4evZAwt8dzuNC4Wt05wiq30nFBruRbZQXp1PzQbGcDhBINn7HCG6PbMDvTFSjSu6AvT1elOwxT6-Kpuv8nMVMYkIgL4BS6wwzLXEk7YvhIxHBFWtBcaQhUmPQctplpvo2hQf8oPmmnaA4XJRo4qiA4UH53nU1NP9InAhhhs9KHu2L59PmrngmQpZdVNIaXwIkIAgnnCeT-v6FdDzx3iAayyBn1zqTyoUrqWnHi8wG41vMRsC_RzDA8zWhYFQvWrbsYAKBRU8CB62ClTSOJfqtAZw_mt0KQoJYxIKOlrWwwhF_NOgQx5FtFoI7mZnEFmAF9tMXK4Zt3Jxc1kikEIYNe4w6xlJxhV2V928KrT4nmCYCEQIZGmiCJBlfVM2IR4jx0RFcFiiXTxVY3euRvVoXb-1ncnI-ewqwqqKsL2j_4A0OniLq8iNEueWMwMAYeuS5W6lgZDKpcwjTRZmMvFG5tZq9Zota6RZR0IrbRsj5q_AuFM4U45s_n05cl6Sd6w1U8CIp0i3UJXggwlL0iOYheoEBDm8w85_iKlcmXeOkcuDUSOM5-EVQphOYRpqqQkpXUJ5AbfIdgcdJQzHYR-bdXa5-YyXdWj6DOTynC6ie9ZtO1zcE4HBsxQulJGl8hikZcGtcG-XDGoNMJ_ONCSMYCeOjv2XgXEl__itGFGVP3TGwDs2g1ofOJhWtzuoatRXMH7wtLi2yZh9ndYphF7Wz-oDvBnwyorNF29t34Ibwcxoci6vzjz4ou0Nm4C5o-ztqh_zU46umNNUo-6i5CEW1GuAHUUMKyNSmlrwYJS1JApdcuUTX5LNcSelHxjqz2466gXB5z-WBte_HIpFRcqrvlTm5kscAEnNMZES34pCifxBJrAU6vySn2xAXZF6bhnMqSSKDpdQ5uANjmaDlpR3TZ32asaInt5QLnggIrfhtZLc3WDKOeN0e-ScdTrnYHJ0_8SbJhM65_ZdlmCtyAGlzfXploQ40_sOChY73ALW_lWF6TuNTEwPgOm9_QSV5tAD76sJKuykF3uAhZV1j40Eee4jyID4KLEC1ZJInyVLSc0sr3_QFAQtSW-cI7XLackUEO4roBUhNYRShKN8PpcifRAg1Tqmsjr7jt9lotvNAKJdGqm2CFGh4P6WdoceCR0YB4jYCqC1HNHdI2xiXqfgHr-tHhkyuD4xdybqXi-vkdWXZ5RPSD6jhdQFE-PA_WtOE5xIwvzOK0KQyPD_sEMPzc2GOExs9UXcP3E4ORLJLQemyrODMwd1Vxi0mzAOiHiSfKaT6jOqg8yvpF60fDJBoi09W8cuxagane0-rWkK33b-3aSyMrhx-kzMBzjjYtOWpnCK0j0YNBAr3VZ6WY3_xKBE7HrGg_ja1Uuvn3KIfS2wvQCmjNjFckYLsPIt2ideP09CkNDUi8x2nwUuQ_ofR6B7jac_SP5-if8wS_NF6bA3AQCb6jkAW9QfQ7zDBycz0vb6Pq2-bvc_uAY_9vgrhQcnm-_Vpdfc7VBFJ5pLjDE9kwtGsE3gTLW1R8QNoCvcfrIIitZE-sefaBKPegOHpMcOznWE2HP7Yw-ko6OLTx2TWsejM1Y2qwyb2f_GrQJKMzdGkZTi68EU5kilsNSh__4F9TGa7NHxkrZgt1bKPkXeLjBqCC3oI7xJE6zbmHxc1a_64iOsiulnUDyi5AJ7BiU1ILp2AcCTzEkgJBR_5ixTbzBY-qsvn21191PjBVwGqQZD2dmRdk4TPZNud82MeZEv8nwTVrN9sGNj41gj8h61akOiz9DKnUFaLuzZTYqtBimVPg4muBBvBL5ovYWzxPBuQoEs40YeKnZNRGHLH0WsggO1LunHNCVVqQrxTsjVVKxIzhUtVsLwj0D037r2ss_hXH2TbaYQefXkJGSD-iH6rDvOJuKjZWBSIlUwGtE73p6SImXkbsAm28YWDvGx1Ec_rn28s_cKeXYel80-TAHFS7KSPXsNNk2MlTBcAF_AEW51sk1ZOI1ujrIlRn7PmJLnaPAIJUymx226n2u9LEcPeEQrev0LNNkuDL1nZ8hfGYF_Q2K6CJpUlx1ug882RhpTybQAdy4rc1OlpGiOQkWRrksRD0MLUbO0fVfNPvfRFRlJwkN6fvLIDnEiF6i0-y2qGKVk2zRLeIibcwZlNnWEAmkfES3_CsNK0DdBz9-Bz4IQRbmxzACJZtmVFs6rf-O-CrXBHJdgDh9kwTmJe3_Rl_Ai7_FdOzyQ_AgeZLk3gAys-Z7uEEqGq0skpIE2eVtmqPu3-LCsuHwX6mIBwlR7LrqOvv9ZkURelv5v4u6LSwLEAWNRgrz8zNHcCD-LiJ2RTmb6t8WsBCHwBCHqh7NqBSYt3goA_yW52AXCL_vG1ynv2-WhoDyb8yC50d8gce2X42bxki2NLyZzcOpu7AeTMQgnxMe4ltskzu1AWxAiwOV5LbVvZWXVtZcKobHxZIuUqqXTOBpD7HijY6fnACBsaMfAXWvojiLx9xvsMoRDOtkXjtVyoCKYGiz7d-Wbfts-7QYuHx-iJN3I3J60NxIMj8Y83hb8tZ6C_W8lm3LwkfwMaoTiXPy1BfRBTUHd1HaoAnjcRiJBUWFnwBgi8kmdpHA4DCWZRN_q918BuJ81ySkn11j-DB8dRF7I8cf0lVbPkzYyDFujRXAh8NxHg7nr1_-j8ZNhcTvGBU78&cid=CAASJeRo5kzBeGSDJAAaF0ihTdYW7Mm2Gw8XQwHm7YzzB28E_j4TNao&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 08:34:50 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 5FC3 25 KB
10 KB 61ms
60ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:34:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9773
x-xss-protection: 0
server: cafe
etag: 14407402762925951128
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 May 2022 08:34:23 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5743 41 KB
15 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 19:11:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AE51 1 KB
749 B 63ms
62ms Document
text/html 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 69391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 13:23:56 GMT
etag: 48472445140208031
expires: Tue, 17 May 2022 13:23:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E5E0 0
0 90ms
89ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvztvZMIYtbpJHi0B6EQ7jIJlYn5SqDuY8hGUVYVe4uYPAe_iS9knh3DRSuTCqQpjifM34IsMh7IggWp4J8gCRW2iugeamvkTjbVRnCJvi495tgrlyDL_L1Qkd4gRy8_wu7VKpLxqj2vI3gNyofn75x9LEtkr_nxS9wWqlrcT3Tg3YuhjGOeNmv4StuSYGF0DvIUrQYZJzsfdzBtBOIbYXkrZJqfy4mtREkVi4XBn0MBjbChdwvftmCfZBEAhVQ6WVuBPZ-Z_yEAtnym9SH_Yoo6VCYXArp9y2R6VYC18XqLxWAcD2lFsde9DnO&sig=Cg0ArKJSzBppyn8YxZPvEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 08:40:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 17 May 2022 08:40:27 GMT

GET
DATA 200
OK truncated
/ Frame E5E0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8a3d05871e4165d83238a392471e0c4309d6ac09e37b91aed712593e7a727c5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5743 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f3f5fb04c2fd0f66e26278b8fae9f776bf4cc98310cc3623eebc06320389501

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5FC3 41 KB
15 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 19:11:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 19A8 1 KB
749 B 60ms
60ms Document
text/html 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 69391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 13:23:56 GMT
etag: 48472445140208031
expires: Tue, 17 May 2022 13:23:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5FC3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2bb39a297c41b95e937f63c4ed02994be8baa73eb0aa6b70e0a932966916b82

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C4D1 22 KB
8 KB 55ms
55ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 147614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 15 May 2022 15:40:13 GMT
expires: Mon, 15 May 2023 15:40:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame AE51 35 B
464 B 192ms
60ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHV5_rstWwobBHtZy7IeR7U&google_cver=1&google_push=AYg5qPL8YKzIqbNZS5HfRJw-s_QWopvZfncckYV0owcK4-_jXcYcUmDOWeFPZehWwQF989kPlOsU_Qcv08f0Tmk2nkCZkZdri7J_

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame AE51 43 B
351 B 193ms
62ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEID6f4YyNv5PHWCDmrOzfZM&google_cver=1&google_push=AYg5qPJMdU7zNsOlR-UeD2okOHZ6V6msxn2-1BLb0a_-Y5o9eAb1B9Nk7LP1uHweICPtCdyClsQ4US6RlCuuEcF92fhuDIa-jJ4M
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: v8ecubvbvsmj4cofbrsjl31sgigfkmvr

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE51
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2Gbh2iJWSVmojcP-DWjwvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

67ms
67ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2Gbh2iJWSVmojcP-DWjwvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJaGG_XIEOijQ__BTCprSu1fOjB-uwpSBCcWraXZt8tc1FekwjdhaLIYeCjH28roSFFm_cypCJ-jSTxSIHptjjn1Ry4A6k

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2Gbh2iJWSVmojcP-DWjwvg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJaGG_XIEOijQ__BTCprSu1fOjB-uwpSBCcWraXZt8tc1FekwjdhaLIYeCjH28roSFFm_cypCJ-jSTxSIHptjjn1Ry4A6k
date: Tue, 17 May 2022 08:40:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE51
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBqxonJPMMet42YADkKTb-0&google_cver=1&google_push=AYg5qPISWB_aytcy40mJ4nlLll7v0qRu9GXPlWMXCpqdTS4eyrQyFvwEjRGnY70G3ljfRDp5xxT...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM5V05FQjUtMTAtTDdQOA==&google_push=AYg5qPISWB_aytcy40mJ4nlLll7v0qRu9GXPlWMXCpqdTS4eyrQyFvwEjRGnY70G3ljfRDp5xxTCv4Nxuii4C0_G2fgGr_UwYkVc

170 B
188 B

69ms
69ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM5V05FQjUtMTAtTDdQOA==&google_push=AYg5qPISWB_aytcy40mJ4nlLll7v0qRu9GXPlWMXCpqdTS4eyrQyFvwEjRGnY70G3ljfRDp5xxTCv4Nxuii4C0_G2fgGr_UwYkVc

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM5V05FQjUtMTAtTDdQOA==&google_push=AYg5qPISWB_aytcy40mJ4nlLll7v0qRu9GXPlWMXCpqdTS4eyrQyFvwEjRGnY70G3ljfRDp5xxTCv4Nxuii4C0_G2fgGr_UwYkVc
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE51
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG1JTCmhsBfs3ZwpzIEoPDc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoNfejwo-faGyoqOaHnN5gAAAS4AAAIB&google_push=AYg5qPInTMwFuUJu_NziR9MXYavBcKO0sbyAS3abCV0xqjgQZ71bI86G8Bs6hcie262TuEy_c-hGDpb4lzB45k_vur...

170 B
188 B

69ms
69ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoNfejwo-faGyoqOaHnN5gAAAS4AAAIB&google_push=AYg5qPInTMwFuUJu_NziR9MXYavBcKO0sbyAS3abCV0xqjgQZ71bI86G8Bs6hcie262TuEy_c-hGDpb4lzB45k_vur2H7OROVOCT&google_cver=1&google_gid=CAESEG1JTCmhsBfs3ZwpzIEoPDc

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 May 2022 08:40:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoNfejwo-faGyoqOaHnN5gAAAS4AAAIB&google_push=AYg5qPInTMwFuUJu_NziR9MXYavBcKO0sbyAS3abCV0xqjgQZ71bI86G8Bs6hcie262TuEy_c-hGDpb4lzB45k_vur2H7OROVOCT&google_cver=1&google_gid=CAESEG1JTCmhsBfs3ZwpzIEoPDc
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Tue, 17 May 2022 08:40:27 GMT

GET
H2 200 trk
ag.innovid.com/ Frame AE51 43 B
297 B 240ms
46ms Image
image/gif 2a05:d01c:1d8:8101:37a8:11c6:83f7:6fb7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBR3iTy7s0WleX7avthCAm0&google_cver=1&google_push=AYg5qPJmcipvcR22nt5QgmY3tqixsuAd-3BiNM4cUVHv1rK8Z0NpBlo_JJHjzsRMXx-BGFGe1T4BhR62FAUJyl2wFfJ7-d9pUWo
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:37a8:11c6:83f7:6fb7 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame AE51 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AE51 0
12 B 63ms
62ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jn3CasWKwScM83KJOSnaUMix1tDVM45WNJmT8IsLvI8vPBAgUUawV-RTcigUsjTeRxWS3Cjg

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5FE1 22 KB
8 KB 54ms
53ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 147614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 15 May 2022 15:40:13 GMT
expires: Mon, 15 May 2023 15:40:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 19A8 35 B
463 B 142ms
61ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHV5_rstWwobBHtZy7IeR7U&google_cver=1&google_push=AYg5qPJPrbD4sP5DPUNHhdcmo9Sct87bDYgzLc-xKYEHQep5A-ZSnGh775uhj6cIgBHf6yMOmNgQL929IaqtFOKUhjrVHT4Gg64

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 19A8
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLPPISApzI4Nsc1KLMf3_HEeBT2QE--4J489aD...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9OZmV3QUFBQmJ2ZHdQNA&google_push=AYg5qPLPPISApzI4Nsc1KLMf3_HEeBT2QE--4J489aDM5Esz1OMru2R7LR-wuIriFhlbp2ERuyWbnnGjj2wJVajDXulbvXS2xw

170 B
188 B

65ms
65ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9OZmV3QUFBQmJ2ZHdQNA&google_push=AYg5qPLPPISApzI4Nsc1KLMf3_HEeBT2QE--4J489aDM5Esz1OMru2R7LR-wuIriFhlbp2ERuyWbnnGjj2wJVajDXulbvXS2xw

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9OZmV3QUFBQmJ2ZHdQNA&google_push=AYg5qPLPPISApzI4Nsc1KLMf3_HEeBT2QE--4J489aDM5Esz1OMru2R7LR-wuIriFhlbp2ERuyWbnnGjj2wJVajDXulbvXS2xw
Date: Tue, 17 May 2022 08:40:27 GMT
Server: Apache
Connection: keep-alive
Content-Length: 389
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 19A8
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKMBhedXuGzISHdnwRL4RdRpegqSQkp2bv7QG1bQ7nz4Ac4E9FoRwgd3bu2GE1RWRqQw4lmRTlGXsIOQV92kexYM_e9MQ&google_gid=CAESEF8NJUtOvNc3ZAzAyQ507aQ&googl...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPu-jZQGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBLTUJoZWRYdUd6SVNIZG53Ukw0UmRScGVncVNRa3AyYnY3UUcxYlE3bno0QWM0RTlGb1J3Z2QzYnUyR0UxUldScVF3NGxtUlRsR1hzSU9RVj...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwblMtVEtmUXhQd0lCQzA3d0s2NDBSdl9xa24zbDZvUlpfXzFXb3dDSUxDNA==&google_push

170 B
188 B

65ms
64ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwblMtVEtmUXhQd0lCQzA3d0s2NDBSdl9xa24zbDZvUlpfXzFXb3dDSUxDNA==&google_push

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 17 May 2022 08:40:28 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwblMtVEtmUXhQd0lCQzA3d0s2NDBSdl9xa24zbDZvUlpfXzFXb3dDSUxDNA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 19A8 43 B
135 B 140ms
63ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEID6f4YyNv5PHWCDmrOzfZM&google_cver=1&google_push=AYg5qPLTcWj7Fmgew_OdDsmyOovgCksHAgPPsFXaivzQyXcQpBn2Oc9enPHv2OvzbxSUy2TEiDq8w18cMJ1a_L7UbTLoY73OLw
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:27 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 0iprrnei98n96u6uft0gu6k06n53kblp

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 19A8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V08EVccIQrOuHdC6TAi6Qg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

64ms
63ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V08EVccIQrOuHdC6TAi6Qg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJJKDa2tJIyoHwG5LgfJfqjoIAaUPZ6xXaL0oZ6a1gxilibf6lNcCF6Vg5nj_Q3mO6ne7-tJB5vo1v1F5rkCLa-v8JBlA

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V08EVccIQrOuHdC6TAi6Qg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJJKDa2tJIyoHwG5LgfJfqjoIAaUPZ6xXaL0oZ6a1gxilibf6lNcCF6Vg5nj_Q3mO6ne7-tJB5vo1v1F5rkCLa-v8JBlA
date: Tue, 17 May 2022 08:40:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 19A8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBqxonJPMMet42YADkKTb-0&google_cver=1&google_push=AYg5qPIz2K7tC3-wPTqydUUwpo3VmJaZapAngY9R1TNwARq36qEntqldcZntZ_HkjA8t1_rHHyR...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM5V05FQ0YtMTctQzlPSA==&google_push=AYg5qPIz2K7tC3-wPTqydUUwpo3VmJaZapAngY9R1TNwARq36qEntqldcZntZ_HkjA8t1_rHHyR4ylfK_8Te_dirICqZoT6zITI

170 B
188 B

66ms
66ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM5V05FQ0YtMTctQzlPSA==&google_push=AYg5qPIz2K7tC3-wPTqydUUwpo3VmJaZapAngY9R1TNwARq36qEntqldcZntZ_HkjA8t1_rHHyR4ylfK_8Te_dirICqZoT6zITI

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM5V05FQ0YtMTctQzlPSA==&google_push=AYg5qPIz2K7tC3-wPTqydUUwpo3VmJaZapAngY9R1TNwARq36qEntqldcZntZ_HkjA8t1_rHHyR4ylfK_8Te_dirICqZoT6zITI
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 19A8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG1JTCmhsBfs3ZwpzIEoPDc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoNfejwo-faGyoqOaHnN5gAAAS4AAAIB&google_push=AYg5qPIIOPjkb1FdfYqdq1Nd1A_uH-hFdsOssGLXBg0L86ZpbJ0aGrP8TghfxSpNPm-VwRaB4hpVS8H_SbK0kQ8jJV...

170 B
188 B

65ms
64ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoNfejwo-faGyoqOaHnN5gAAAS4AAAIB&google_push=AYg5qPIIOPjkb1FdfYqdq1Nd1A_uH-hFdsOssGLXBg0L86ZpbJ0aGrP8TghfxSpNPm-VwRaB4hpVS8H_SbK0kQ8jJV7OYUTaXD0&google_gid=CAESEG1JTCmhsBfs3ZwpzIEoPDc&google_cver=1

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 May 2022 08:40:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoNfejwo-faGyoqOaHnN5gAAAS4AAAIB&google_push=AYg5qPIIOPjkb1FdfYqdq1Nd1A_uH-hFdsOssGLXBg0L86ZpbJ0aGrP8TghfxSpNPm-VwRaB4hpVS8H_SbK0kQ8jJV7OYUTaXD0&google_gid=CAESEG1JTCmhsBfs3ZwpzIEoPDc&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Tue, 17 May 2022 08:40:28 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 19A8 0
12 B 65ms
63ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ISzulqWtUh6xPtN9Su60Ddxt_EJhg4Dt1Gd80gb2U1lmu1eju6K64mORdBg-kQw9j02jLm

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 NhRng2ZenZRcaPRuU0zAmqgyTOhBGXWeehn8uWk0bEI.js Show response
pagead2.googlesyndication.com/bg/ Frame C4D1 35 KB
13 KB 60ms
60ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NhRng2ZenZRcaPRuU0zAmqgyTOhBGXWeehn8uWk0bEI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36146783665e9d945c68f46e534cc09aa8324ce84119759e7a19fcb969346c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:29:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13698
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 08:29:48 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8175421740786782563/ Frame EC11 4 KB
1 KB 56ms
55ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2d7b8e516d05fe8101b125622e38dcf3c32e36f453562b4201cfbceba7eac69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 435395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1337
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 12 May 2022 07:43:52 GMT
expires: Fri, 12 May 2023 07:43:52 GMT
last-modified: Wed, 04 May 2022 08:53:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5FC3 0
27 B 99ms
98ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4q4QxNC-BKXd9GKEhOEWEDiqKjpOsLJHY0nBhYCzxPzNKR55HrdL4I7i9JgnGOcowuptI9E8_jkz4KQ2f9VM-XvbJED6jCybEWU31xPApZOHrokHs9hRhi5tXGMBwE6Ufv5sL3boJbpt6k5e0NUd4RUpPMqwTVDlGbw4vjQJafJwGD1TwOEYaZIZDjxYNqatylvmssnNjeRabpEnlYQrb9pxjJ7EpAulcVtYW3___gXuRREpWe6HRYo1mG9cuulP7K5w8jTiFSPMmau7uOxv6NQeP1rEA0KpjzLuMtXMpSmuIUzUOhDxfDNaZxAL1zfzX0ihLMAHAU6qBw1dIqhi8ZmmLmT0Az1bV2MHXcQwQna49mXuX7OovIKJ8mCGvv2PlUK_7A1HzXNK2SDEzElPgsVIESqOWnzinZAuNh4hvWldYlRJiuhDI4_p5TG5EBBXG3eoMuQJfAQ35aNBUbqOkWKFhh_4fXYKs2JPRSxjM1AAGM9kOrnbpff3UIVNxhaTqAfc19Dtcb7iygex_HxlvtnQuVn83eyv9-HYUX6EXC2ySR2GOgGqHbsxjmwM-LSWe2dGByyzlfHDx44XHnpBUxXr1f9REXD6cx5NyhDlk4gJuIbSXbGirsaWlPTJd2-XMrcMIjKBb8oqG-ygPF2NJC47iE4mxWA8xu_zBmSXN0_3cv_xzv8DW1eyA4LDY2_QSEgD-5OX0-ISHwvBLJznZHpEgpnqXNPbePyqV8ZA-83Abn4HX_0Lv5UqOPpczo3Qso7XMvokzPxy1XRlfArEx8_H985w_NfTQhyq57kUlMqy4Tmb8Cm3j3pNTPH1xrDCRLu0VMkLyqu-cH6dNeDBMfzExa4IJw4gPKPeCLw2PTGljl_yda6DhZRv2Yg_aMNZskqdDvLLgzykis3AZzH8uBiv0HoUFYgl2Sp9BCmoLeLnCr9FaZSi-Nv_TAxd9qIKg22kYIKEDfrOXlmwcAOUvQ4xPXTEswmlbQxcjMAqXKkqbyt9U6UTYCKqkJSLR1P48VZjtYVpKy8xZ6ObQPPuEHWhcO4PO_w-lOcF42v-XwepHt3vWbHqZAmHAiYuFL1xNJgNOzCgr05fNF9jE9Gjo6oAB38-6oXRQqjILvGJQb5MLB-LWRa4WJ7YDqrmeSzihL0WZg5mLmXQtbFEFCTM_KlgX7pbn5rlnR0FfU-BPBhFHzb36SM3LgmacsJyQ1Ch2XKoGuLFOlw&sai=AMfl-YS9IuZyl9X-qMplbbHXHEBonPy_yIPrjdJDf5to5Ojf9yHT9XvM_NsZVhM-zKgu3vNxna6EBi-7F7JhuE6ZzrZr0rP60dQsKb8umjyWoOqQ08VOMYuI5PxFiGVLeg_HtY4tRbzUbyjMQOFPxUFxDZkjQKoPaKeOEJxMDSswxWeRzdbqof-zV8pDVC3SEfzR6h59noafJpk2tN15POp_--7w&sig=Cg0ArKJSzGkZs5P7UnPlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=219&cbvp=1&cstd=218&cisv=r20220511.98297&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 17 May 2022 08:40:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK tag.tr
red.vtracy.de/ Frame 5FC3 16 KB
16 KB 303ms
120ms Image
text/javascript 3.125.222.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://red.vtracy.de/tag.tr?tr_adid=k27721755_s3021957_p335200588_c170797280&tr_mid=0&tr_sync=true&tr_uid1=DC&t=1429531063&gdpr_consent=&gdpr=
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.222.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-222-121.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 17 May 2022 08:40:28 GMT
Server: Apache
Connection: keep-alive
Content-Length: 16825
Content-Type: text/javascript;charset=UTF-8

GET
H3 200 index.html Show response
s0.2mdn.net/10176755/1628770995716/ Frame 2583 6 KB
2 KB 55ms
54ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10176755/1628770995716/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87a964d3ee57d64c5dfc1c04cadb738f8f6f87ede99e443201afa1715ac196b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3749
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1888
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 07:37:58 GMT
expires: Wed, 18 May 2022 07:37:58 GMT
last-modified: Thu, 12 Aug 2021 12:23:15 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5743 0
27 B 128ms
128ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKLUL2KIHG2NrwroIZz9lD-7ySgauaLfTZFY4PXCkO_GiHWKbmalBBlC6r4vFfT6rJNJI6B45u4osLc-ldhvqlyf6NjtomljoRvbivtFlO3E6PHkc8IS-gqjClZu0K7a_f9EWUqBaZEAE0znK0baKIzxGV5SF_ixCvJ0pWOgeJkleUQGpKgHalNuG6HmY0aOHogRgF_HX05hBWYHo3I1bodhIG7AVvK5D_YxA7hiKmBLt0MFBEK6lFVbbT9ag2mNWJbfe-QXcT13gsSe30aeWgPtXTluk07ISdfzBWhmzyDRbKXMnKZju4TbQ3pSGH2pLC1Eup7XPuVcEuxQopb2kH7kEpa1odButbUsBNxTR-yN7GdJd1oEDPor2PsXqnC2geYF7-LQfenxJmdAiu82wQ5m4ApDyS2YrkrunmTWV11o5P9OPpLWAyEZW7beIziqb023uvC5dq1nDdetl2cHFoG8AuwHoZ_s1WKCyJcvvFgxJSGHNMK77om2o6BD5PpXXmvQa_vMK32gap9YnM5bQ6BHlFZnsURQufEdLXnie-ESaf8_X0aRCGw04dG4nlMLz9ow0hWJTB_pPx9ZDE7IbPVaw6Hsi2FMgrKeuEWeaXReF0Ckb2ywQj0lr4PeZMRuanOvI100jO2bi8Mqs5qyTyCas6nuvzL084us2wTk4kPXNGj1fyVIcBfOZ_qufk0wT5qxjKCE4M5ezEJx10DAK38dDM8FD8wVSSwLIc7-ICvtBSXppoT33K8me4cyZbxKJgGIV8NTk2rhQhJmtns3e13ZP_6G9aJK7xgzuZgwPVulDu7Fv8SBGIz_VeOCIwi5v1CaNvnBja4sbBy6myM9_CjX9f_xm0VCUHjEN16uuv1NTOSMI1lHy87hvmlnw2yLr0djqNAf4iT0AZgR5oxfwxylcA77MKQpXmcQxeDYtZvWGwYpmx98KkNBctiX_NNotztIZ_56LZj-TOcpK9UR5yuYPlSUgHQUlFh-Ojh5_KB35vikxPaEP5xm9MQZEPlOAd2EV5UfEpuL03HOzgSliNlFdf4B9kEmmsrDbo8Bwtawh_mjcp1sabS7uCWlU-L2G3iQWBNxqntY-PzT_qXELWKHN6WoV9vExnDxqhsVUjvMlWdS-3Puhr4Xby5do9Zr0wToVCEBB6yuB6Ladu2Aw6EslGPZAhqRbwRHLJatA1KWeymwuRycF0YTPLWs3jKtLdMm07t0Tg2V1lyRc4F9P2Sh7U6ZJY43HMItYxsexxcmVylQ8f1RgveJIPX4RFKg&sai=AMfl-YTHkVW2I0LRF8JV32X7nevhuVRgGjRU8FPwf8QOF1GjKE3uTnu0F8pcSnkilTqP37wXHVxd-HBh-T_yQlueR2MfrAZP5djErB9VSUOmUGHZgL4GpCVcVj8Ux21-ZQlaXQG93bUxy26Ep8iy0RP-mqltumrZoW_FQWCvnVhGkZHJ5RC8e51edQ6KgU4lQn1-y5GJzxNwe-G_WUFgng_ZANDE&sig=Cg0ArKJSzKMaurSsb-yUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=260&cbvp=1&cstd=259&cisv=r20220511.43369&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 17 May 2022 08:40:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 main.gr.19.8.309.js Show response
static.adsafeprotected.com/ Frame 5743 191 KB
61 KB 186ms
61ms Script
application/javascript 2600:9000:2491:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.309.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/996673/61756196/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2e24b95c962fffb41eede228d0c5c7681cf9bc3dd3ece2440412ec4246d84e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 20:42:44 GMT
content-encoding: gzip
age: 993465
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 05 May 2022 17:31:51 GMT
server: AmazonS3
etag: W/"25d0c2239b60642eaeddad303e621bd4"
vary: Accept-Encoding
x-amz-version-id: mjEd7PtHn1L574wGfHZ2vjRyhTR.v7IU
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P7
content-type: application/javascript
x-amz-cf-id: PtmNJxneN-13ev_rMU3X5mL1yD94lSR3jzHrdTp_wLR-sZxtiyzJGw==

GET
H3 200 NhRng2ZenZRcaPRuU0zAmqgyTOhBGXWeehn8uWk0bEI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FE1 35 KB
13 KB 60ms
60ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NhRng2ZenZRcaPRuU0zAmqgyTOhBGXWeehn8uWk0bEI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36146783665e9d945c68f46e534cc09aa8324ce84119759e7a19fcb969346c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:29:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13698
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 08:29:48 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/ Frame EC11 2 KB
536 B 54ms
54ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a0eef1b7d7586e1370b06194e85464271313ae775816d5cb062241bc8f615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 507
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:52 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame EC11 105 KB
35 KB 1161ms
1160ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 17 May 2022 08:40:29 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/8175421740786782563/javascripts/ Frame EC11 3 KB
671 B 55ms
55ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/javascripts/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dfc772abe5631af71b6fec7e21694ab8235dfecb5a2dab259180fdcf2abe3ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 642
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:52 GMT

GET
H3 200 style.css
s0.2mdn.net/10176755/1628770995716/stylesheets/ Frame 2583 3 KB
813 B 55ms
55ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4e05219a918031b351cbbf52978d47b5bb356d33ed2a84e783b76d54159c5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 787
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ Frame 2583 113 KB
34 KB 151ms
52ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1068498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33534
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c274"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsufKUQXYJ0nt38sqWqNStGwZFY1YCxM0LYcxxj2yXUYsZEpYVZ6pnybK4bn66ah9JhmlkEzZ4m5%2BQFBduBugqbjFRapxNXIEfnXlN4qX%2FKBUCmtkwee3CiPqGmTg%2F2wMCrLRNGjU5J7cpTLOOYE2Crw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70cb0c674e3f75a1-LHR
expires: Sun, 07 May 2023 08:40:28 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/10176755/1628770995716/javascripts/ Frame 2583 4 KB
1 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10176755/1628770995716/javascripts/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81366b8d555eac429c5b14198573523f55757a94d93d60c83980d38c00225e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1088
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 315 KB
315 KB 58ms
58ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad3020772c580601a51fa9053ce4ca8155c12db4fc08d125852f951d30596fff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 322422
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4D1 0
20 B 95ms
94ms Image
image/gif 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmZhre1-DYoLXHY_PgAfRg7ywAwAAAAA4AeAEAg&bg=!0NOl05fNAAZL3OSAa9w7ACkAdvg8Wl-tMHMCRjy7w43wrDs04pv6mvWi0UcsOPkQulnG109GBBfPaAIAAABnUgAAAAJoAQcKADznbVu-hEoATp2b2T87ciw6v1Z_Oafh4ifU2vbdbiqOWwYnIBX5GjZSEePboCAbyYq6xga44Ait7iQNhEmZAud9JIMJx3P43eNu71hTTci5bM1NjT36-27iLMNOguuAORNogwdokIgA-1cB5PN102ipkHBwyGkRI5KX_iTBP0sHKXYUgqyvE-sSm3do8GXjamlSZBd1qBVMfBWHT0pv0nE3nqnOyCGaX4EJSJZG8eX7k9rqua-HawLmIxc8TutdKiY8oVRoW7IElDhwln72Md_Lzd0FvOO5aba7-JVypsG3x7eqGdVRt76BQT5nVg8nwcl3yjvc5uNq96ub6FmKiOoiPkcMYaycJkjcf3ftFxIvsQ70FM8swb30Tg_qOnU4eN5rcYAVl9vLiDeM7ApiyzNQYbmOxxu058aS4KtIUN3fh_JJMmJtODNaa2Timy8uOLFYAxJvyu0uHhsgw4TLXLUVIIB_3V6naZ2vAf-9E9cm8PbqeYQyv-bSBEV2DH3fSCj8kgPhIPIeUzX4cJypxuSl8GdGSx7zT3IN3Tm9b8hc0JLXvVGzN4H5WxDzvaZdwgdEAt7febq4JklOzVlqvTqFzteX4hpdHd7xTyUHCPhVIoHpczzHSMLYZlh3b63_iRmlScn4syIBKUTT6ocFvJs1g04PHDyI9ZwH0GPZhOYKDtSS54LGCo62M-B0T6xYS996WORO81gCXk2FP5cTn-TxXQNkREOjG9CnN6aqYUo4Y5MAjqzcMlrfu0Js2cHl0p6S8hwLhwwvwfu-7OO_8fWNrZh4SRBU2HLl8A3rV2ZiRkopFtUExjf7JNopZKM_95fQXqKn8NcYPMENsO4Lb-Q6GXX9VMZKiw016XSavv1qQo9e6TQ7jYQzXJAuw1rpQsHRX_NGA5OoDl-OzQHFrpfZnCKicfhSaDUM4MJOQg5Cw4NviKSLrgdeDRy6NKtZe-KLfu8OeJNA8NkdXVZByzr0Wk6aLJl_rBhzCgeaDYhgUnbRewg4TuvIcFSjESEU6Ot9tQk3A4TdlxI-u3opKSXyMUmC4N6uvcemUnUmFxU0PWQQPGiXEw

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 push0.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 3 KB
3 KB 61ms
60ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/push0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2488b6c3e67b8ec04994779823578a5d7b74a0d814bdee7049a62e9ec97166cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3175
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 push1.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 3 KB
3 KB 62ms
61ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/push1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd7df5c99615e79a156eb2e81f6f6f0ff72ed5085b80d95c2f88f7160f80304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3213
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 bg1b.jpg
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 196 KB
196 KB 149ms
147ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/bg1b.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e52b26b48dad0ceba58fabaa61a50167088c658243866f4356e85df897f5e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201134
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 push2.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 4 KB
4 KB 62ms
60ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/push2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c07c4280af0101109ac899ccd91d9b539d927fe58ae715fdb58617aa54ca2bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4191
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 logo_intro.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 7 KB
7 KB 154ms
152ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/logo_intro.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1671067cd3dbc4d9bd94120e1f24ce195123451fa87547713a272485f9c34a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 168 KB
168 KB 155ms
152ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9b946481c32f4369373d2e4a287d25404305f730eaf798f4355846d597f8f61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 171571
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 bg2b.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 174 KB
174 KB 165ms
162ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/bg2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f96c607e65e9265b8426aa1e30a0c7fa19dcfe5147a488c985df06787b10b61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 178089
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 push3.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 4 KB
4 KB 164ms
161ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/push3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efeed59204d2eb15bc97b127681e3cfe55684a996433151d37dbe0550a89a505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3879
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 bg3.jpg
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 400 KB
400 KB 161ms
157ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/bg3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ea717cca2b878742523fac75fe0037c265e93eb6a96057e685bc411ff833046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 409724
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 bg3b.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 264 KB
264 KB 166ms
162ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/bg3b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a7e36aaa9181f128dfc877190a075b2bc236dbbd0662833b6def460e16d09fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 269855
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 push4.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 4 KB
4 KB 168ms
165ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/push4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6eb002be030feee5606908eda31af0f2fc5e9cfb811c12d233d42245606ea3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4171
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 push6.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 2 KB
2 KB 62ms
58ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/push6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0258b9d875d5ae4c5d76ccc1a60327957fb59c70a38528c4ed5c896f6caa78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2011
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 push6b.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 30 KB
30 KB 62ms
59ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/push6b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d355d98734b9724ce1261cf64834e3257c32c5130992c3aebdd84c8e4133aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30226
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 push6c.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 3 KB
3 KB 71ms
66ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/push6c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f0a2702bff0e0c90397d6d2e4f4aba9656e38bea1063ad88935ba676511df16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3296
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 push6d.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 2 KB
2 KB 91ms
86ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/push6d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adf5e7c37f8621ab815d3b78f9f7fe3da104218bac09111b06ece7e1e17b0230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2123
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 push7.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 3 KB
3 KB 92ms
87ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/push7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f11172b57df67c7b2e272803e6e949fafd06fc5aeabda8fb4c2563f67f3d645f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3225
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 cta.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 2 KB
2 KB 90ms
85ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4f4bcbfca2de071c3d74e3aae1ab2c4df2533bea9bc5cbf0d1059f8c0512af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2287
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 arrow.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 1 KB
1 KB 69ms
65ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/arrow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9c5debd991646f8914a934d73a168313f43a10e008c90543525f82c26071bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1414
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 cta_hover.png
s0.2mdn.net/10176755/1628770995716/images/ Frame 2583 99 B
123 B 68ms
64ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1628770995716/images/cta_hover.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:37:59 GMT
x-content-type-options: nosniff
age: 3749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:23:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 May 2022 07:37:59 GMT

GET
H3 200 image02.jpg
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 36 KB
36 KB 120ms
117ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/image02.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

255757ba2a4fe12802e822e6af4c79796febe88d160c8de9bd19d3232612c7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36649
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 image01.jpg
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 9 KB
9 KB 126ms
123ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/image01.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180e8cd76a9a234ca5c58eb8253be65b893ac7b4c04bdd9c86e1ae934c931d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9277
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 push01.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 16 KB
17 KB 105ms
102ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/push01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

186dd2f66e9a8fb751284e86776d06802fcd3c46760e00c6cd66f44c02dae64d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16878
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 push02.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 7 KB
7 KB 116ms
113ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/push02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8013b66e24a0010e55aeeb13b5b86c630e17928333b40ad89194f068a954a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6672
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 push03.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 6 KB
6 KB 124ms
122ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/push03.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d49e78fd43f07b43ad0e59ce73addc99e9d65b72ab63b802f94ba8da87de005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5837
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 push04.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 4 KB
4 KB 124ms
122ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/push04.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95216de95473b447c4734ea65bf9f8522a32c0685b041244f1d558952aad753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3898
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 push05.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 6 KB
6 KB 113ms
111ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/push05.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23105282f1b70364eb7aa3d481d5285bd18228ad72ff36da755ed699be5d9f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5901
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 push06.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 3 KB
3 KB 117ms
115ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/push06.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5afaaa47bfc8416a483cd88e4324dd4d87147bc9ad8a2acb5df0dadc2d2eb974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3009
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 push07.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 5 KB
5 KB 113ms
111ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/push07.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dea943b0e1e8c8f75024a39420b1449c0d9ccff493b4d2538ef6bf5a004d9b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5275
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 quote1.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 2 KB
2 KB 111ms
109ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/quote1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4be56378f088852b769323220eba98f29e53b97540f389527ed7e2678c903f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1984
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 quote2.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 2 KB
2 KB 110ms
108ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/quote2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a16341cfbb6c51e9be3af2ef3d3f4fbf348d496694fc2256c4b854dadf783552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1939
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 quote3.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 2 KB
2 KB 112ms
110ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/quote3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

617cf3f9bbeac06edce1540552e3cd1b96d4f0c6b3c0abc3d5b4e7ff916f2c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2158
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 8 KB
9 KB 95ms
93ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7638dfe37217455ef4d9cdbc22f81baa221a2214f4702906f83220057bb96a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8682
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 3 KB
3 KB 109ms
107ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f85caddd77715cef90be8f3e959314ab0e423416acd7536f65eb91296ddb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2946
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 icon1.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 10 KB
10 KB 98ms
96ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/icon1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb1e512901766c20e0fd5790076132833f7235aa03455bee3ba242641dd3309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9981
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 icon2.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 9 KB
9 KB 88ms
86ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/icon2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76b35838a5e9106de8fbd56ca152eb6e2aa5189e1e3c6448008c40ee41fb6df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9082
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 icon3.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 11 KB
11 KB 91ms
89ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/icon3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d76d0ab3dfedd12f711bb20c8f2807628b17872264636734617b156e3914a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10867
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 200 icon4.png
s0.2mdn.net/sadbundle/8175421740786782563/images/ Frame EC11 10 KB
10 KB 101ms
99ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8175421740786782563/images/icon4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cc7f9c67bf885b7fb26250ee5555a15bdac479e79b5e00ec9d4b513f3c237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8175421740786782563/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 12 May 2022 07:43:55 GMT
x-content-type-options: nosniff
age: 435393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10056
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:53:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 07:43:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5FE1 0
20 B 95ms
95ms Image
image/gif 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRdX8e1-DYrO2Hpmw3gOfoISIDAAAAAA4AeAEAg&bg=!_P-l_7vNAAZL3OSAa9w7ACkAdvg8Wj2QLfq5pPmbmrXwP_k159mjAIJHQxClxpa3YbKjEfYOqR5oWAIAAAB6UgAAAAFoAQeZAt6noobxH6NEtxUXYTr2M-MbfigVy3beuue445cJvDRMV81L4vh34C6fFiyC4V154blC91TXqqNJ3HpckzmP52THrgez2n4M63K1xnzXEwUP9ER0CTX3qna_D50fi90WNpNjWzEuUhVhHb3uc6FiFo9TR8FjDcVBg9caUSxjMjN6RouxnopU-xbrAWom7x3yyk0vDvJNtnrO00L_L0lW_f2Q6in5_-l7DjxGJGUn4J6SQdpC5AYpF1-eExRfwKlg1mp905qWTogTCcIldB6WYeysay7BK1TlZcPXM0L_vAHhf2OBr6rXyKpPUYLlVcrcqsVfixtVS45VY6dUSAnPVsTJxpKNd_3sPMpvS5-hxlMUUB4Qjw5aOkGom5_6p0X59lqBkXMZ9ow_j2X4w865ROIaqpZsXKeEVpGaEW6wAUxO7mJFwrpA_X_TxiOPSE9ZCXXgG9Ui3XJG6bW5MrmbgdKW9eFXOrZPyx7M-zNEBuQILBSLKw3UCeqcQby5JIw9rCsRQjUJjaRpm_Squ-gjd3RUaJ3Cnj873vUQTCanMo1JZndUUMWxhj8UonLZV-HQBRFDrTYQ4C8GgyCMcimVSXN1jPO51KKOK-vYmbSN6WXtYQ4DIOrS6DjIyERTMIvgLw6cnfYV5w5p1K3efMd6mUN-mKkm-iNuaOrpCdfRHDOgBzq1KiMqRC8iTTWl-8uC_mUXRzbwiLzwZz_UhS684czMMfmcXIVFDqhkUmJmS3wEvxmY629blUMkCvqAmbeL-nnbUI8YSXRNkIiJ9mARtkadNiXit6253mcnXMJJ3R4If_UNjs8ccAJBt478GWyV5e_NItLKVZ7IwOJ1k27GeKPy67p_O-DUS2w-bWORQq1Lidw9iMcdX0hKZBW5aiZbgsNzFADTX0N2E6bDLtV8Ik4C0fmWTml536a4RpDarT5gQHUOrLV2QkrpWWzdAj3tz2AjQzIESaTrBNbZxJ9Usw

Requested by

Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 5743
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/996673/61756196/skeleton.js?adsafe_url=https%3A%2F%2Fvsim.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F910f36586688e0cfa971b11949fe548a.safeframe.googlesyndica...
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

53ms
53ms

Script
application/javascript

2600:9000:2491:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:2491:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
age: 7843345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: dibaonPnaOaqmtIxpqemISHeySl9bOp0lTn4AvM8103n4xeIGIf-zA==

Redirect headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame FB55 80 KB
21 KB 60ms
60ms Script
application/javascript 2600:9000:2491:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
content-encoding: gzip
age: 7843345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P7
content-type: application/javascript
x-amz-cf-id: Tc3K9IJRhyYtrxdZNpZGnXVRSrpAHwJ4i8aymrX0vJr-0toPzfHpMQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5743 43 B
215 B 411ms
130ms Image
image/gif 2600:1f18:1aca:4282:23ee:9932:eba:4db7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=1dd79d14-61fc-4835-38c9-bd8c6d62c230&tv=%7Bc:cRkvH3,pingTime:-3,time:328,type:v,im:%7BpBlk:313%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1192,h:250,t:301%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:328,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:301,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:sp,cc:0.0.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~1192.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t64X8nT+11%7C12%7C13%7C141%7C142%7C143%7C15*.996673-61756196%7C151%7C152%7C153%7C154%7C16%7C171%7C172%7C173%7C174,idMap:15*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:23ee:9932:eba:4db7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5743 43 B
215 B 408ms
129ms Image
image/gif 2600:1f18:1aca:4282:23ee:9932:eba:4db7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=1dd79d14-61fc-4835-38c9-bd8c6d62c230&tv=%7Bc:cRkvH4,pingTime:-6,time:329,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:329,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:301,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:sp,cc:0.0.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B39~0%5D,as:%5B39~1192.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t64X8nT+11%7C12%7C13%7C141%7C142%7C143%7C15*.996673-61756196%7C151%7C152%7C153%7C154%7C16%7C171%7C172%7C173%7C174,idMap:15*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:vsim.ua*&br=c
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:23ee:9932:eba:4db7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5743 43 B
215 B 393ms
130ms Image
image/gif 2600:1f18:1aca:4282:23ee:9932:eba:4db7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=1dd79d14-61fc-4835-38c9-bd8c6d62c230&tv=%7Bc:cRkvHl,pingTime:-2,time:346,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:208,bdZ:470,beA:483,beZ:484,mfA:768,cmA:770,inA:770,inZ:775,prA:775,prZ:780,si:784,poA:785,bl:796,poZ:796,cmZ:796,mfZ:796,loA:812,loZ:813,ltA:829,ltZ:829%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:1192.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1192,h:250,t:301%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:346,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:301,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:sp,cc:0.0.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B56~0%5D,as:%5B56~1192.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t64X8nT+11%7C12%7C13%7C141%7C142%7C143%7C15*.996673-61756196%7C151%7C152%7C153%7C154%7C16%7C171%7C172%7C173%7C174,idMap:15*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:44,readyFired:true%7D&br=c
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:23ee:9932:eba:4db7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5743 43 B
215 B 455ms
254ms Image
image/gif 2600:1f18:1aca:4282:23ee:9932:eba:4db7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=1dd79d14-61fc-4835-38c9-bd8c6d62c230&tv=%7Bc:cRkvIk,time:407,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:407,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:301,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:sp,cc:0.0.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B118~0%5D,as:%5B118~1192.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t64X8nT+11%7C12%7C13%7C141%7C142%7C143%7C15*.996673-61756196%7C151%7C152%7C153%7C154%7C16%7C171%7C172%7C173%7C174,idMap:15*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:23ee:9932:eba:4db7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5743 0
26 B 91ms
91ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKLUL2KIHG2NrwroIZz9lD-7ySgauaLfTZFY4PXCkO_GiHWKbmalBBlC6r4vFfT6rJNJI6B45u4osLc-ldhvqlyf6NjtomljoRvbivtFlO3E6PHkc8IS-gqjClZu0K7a_f9EWUqBaZEAE0znK0baKIzxGV5SF_ixCvJ0pWOgeJkleUQGpKgHalNuG6HmY0aOHogRgF_HX05hBWYHo3I1bodhIG7AVvK5D_YxA7hiKmBLt0MFBEK6lFVbbT9ag2mNWJbfe-QXcT13gsSe30aeWgPtXTluk07ISdfzBWhmzyDRbKXMnKZju4TbQ3pSGH2pLC1Eup7XPuVcEuxQopb2kH7kEpa1odButbUsBNxTR-yN7GdJd1oEDPor2PsXqnC2geYF7-LQfenxJmdAiu82wQ5m4ApDyS2YrkrunmTWV11o5P9OPpLWAyEZW7beIziqb023uvC5dq1nDdetl2cHFoG8AuwHoZ_s1WKCyJcvvFgxJSGHNMK77om2o6BD5PpXXmvQa_vMK32gap9YnM5bQ6BHlFZnsURQufEdLXnie-ESaf8_X0aRCGw04dG4nlMLz9ow0hWJTB_pPx9ZDE7IbPVaw6Hsi2FMgrKeuEWeaXReF0Ckb2ywQj0lr4PeZMRuanOvI100jO2bi8Mqs5qyTyCas6nuvzL084us2wTk4kPXNGj1fyVIcBfOZ_qufk0wT5qxjKCE4M5ezEJx10DAK38dDM8FD8wVSSwLIc7-ICvtBSXppoT33K8me4cyZbxKJgGIV8NTk2rhQhJmtns3e13ZP_6G9aJK7xgzuZgwPVulDu7Fv8SBGIz_VeOCIwi5v1CaNvnBja4sbBy6myM9_CjX9f_xm0VCUHjEN16uuv1NTOSMI1lHy87hvmlnw2yLr0djqNAf4iT0AZgR5oxfwxylcA77MKQpXmcQxeDYtZvWGwYpmx98KkNBctiX_NNotztIZ_56LZj-TOcpK9UR5yuYPlSUgHQUlFh-Ojh5_KB35vikxPaEP5xm9MQZEPlOAd2EV5UfEpuL03HOzgSliNlFdf4B9kEmmsrDbo8Bwtawh_mjcp1sabS7uCWlU-L2G3iQWBNxqntY-PzT_qXELWKHN6WoV9vExnDxqhsVUjvMlWdS-3Puhr4Xby5do9Zr0wToVCEBB6yuB6Ladu2Aw6EslGPZAhqRbwRHLJatA1KWeymwuRycF0YTPLWs3jKtLdMm07t0Tg2V1lyRc4F9P2Sh7U6ZJY43HMItYxsexxcmVylQ8f1RgveJIPX4RFKg&sai=AMfl-YTHkVW2I0LRF8JV32X7nevhuVRgGjRU8FPwf8QOF1GjKE3uTnu0F8pcSnkilTqP37wXHVxd-HBh-T_yQlueR2MfrAZP5djErB9VSUOmUGHZgL4GpCVcVj8Ux21-ZQlaXQG93bUxy26Ep8iy0RP-mqltumrZoW_FQWCvnVhGkZHJ5RC8e51edQ6KgU4lQn1-y5GJzxNwe-G_WUFgng_ZANDE&sig=Cg0ArKJSzKMaurSsb-yUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=726&vt=11&dtpt=466&dett=3&cstd=259&cisv=r20220511.43369&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 08:40:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5743 43 B
216 B 244ms
129ms Image
image/gif 2600:1f18:1aca:4282:23ee:9932:eba:4db7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=1dd79d14-61fc-4835-38c9-bd8c6d62c230&tv=%7Bc:cRkvJI,time:493,type:e,im:%7Bimprf:%7Bttecl:699,ecd:121,tsecr:1%7D,pci:%7Btdr:160%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:493,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:301,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:sp,cc:0.0.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B203~0%5D,as:%5B203~1192.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t64X8nT+11%7C12%7C13%7C141%7C142%7C143%7C15*.996673-61756196%7C151%7C152%7C153%7C154%7C16%7C171%7C172%7C173%7C174,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:23ee:9932:eba:4db7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5743 43 B
215 B 197ms
197ms Image
image/gif 2600:1f18:1aca:4282:23ee:9932:eba:4db7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=1dd79d14-61fc-4835-38c9-bd8c6d62c230&tv=%7Bc:cRkvMu,pingTime:-10,time:665,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1652776828522%7C%7C85f1bb260eaa7f08b4968db6b3b54b9d%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C765433b1507111dc96e9163e1f497cda%7C%7Cb0e7b483e797522ddb45dec311dec32e%7C%7C7dcc1d392c4c69c49736b0d2f998928a%7C%7C251fa98ab33e296410ea82b56ebd58dd%7C%7C39c9028b67a1ba9b981c9980f5faa711%7C%7C1629390669%7D
Requested by: Host: 910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
URL: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:23ee:9932:eba:4db7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5743 42 B
64 B 100ms
100ms Fetch
image/gif 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzLCh5a9tKdqTaZDhpLNV89d9O6vSOmH_4w-MGWPvq-kY3PREoLN5y2YLWXnE9Wh3_6yljyVowBN024O_wVYLFt9V1LUFOyW8ZpSgf6oFDz0ABdcyxvwJHm6IX&sai=AMfl-YRCsqQqsbTw4lA6UA9F9pjZ4QM3HlwcJAH2YzPmpGYRQ8nMEeSZjvohIsvBvhUa926kCx8eNw_1ekO1MwczQdB38WWGWGfDIcUtAvKJ9yYLrHF53o1a5fiCPMnc&sig=Cg0ArKJSzFRmqUEimu6KEAE&cid=CAASJeRopFiPtRhGLYdDdPHuE9G5cBLXZcDWqXWzxjpyDwCwsddN1_U&id=lidar2&mcvt=1000&p=931,204,1181,1396&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2483578089&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652776827374&rpt=322&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5743 43 B
215 B 129ms
129ms Image
image/gif 2600:1f18:1aca:4282:23ee:9932:eba:4db7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=1dd79d14-61fc-4835-38c9-bd8c6d62c230&tv=%7Bc:cRkvQf,time:898,type:e,im:%7BpLoad:866%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:898,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:301,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:sp,cc:0.0.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B608~0%5D,as:%5B608~1192.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:200,fm:t64X8nT+11%7C12%7C13%7C141%7C142%7C143%7C15*.996673-61756196%7C151%7C152%7C153%7C154%7C16%7C171%7C172%7C173%7C174,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:23ee:9932:eba:4db7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:28 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5FC3 0
26 B 92ms
92ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4q4QxNC-BKXd9GKEhOEWEDiqKjpOsLJHY0nBhYCzxPzNKR55HrdL4I7i9JgnGOcowuptI9E8_jkz4KQ2f9VM-XvbJED6jCybEWU31xPApZOHrokHs9hRhi5tXGMBwE6Ufv5sL3boJbpt6k5e0NUd4RUpPMqwTVDlGbw4vjQJafJwGD1TwOEYaZIZDjxYNqatylvmssnNjeRabpEnlYQrb9pxjJ7EpAulcVtYW3___gXuRREpWe6HRYo1mG9cuulP7K5w8jTiFSPMmau7uOxv6NQeP1rEA0KpjzLuMtXMpSmuIUzUOhDxfDNaZxAL1zfzX0ihLMAHAU6qBw1dIqhi8ZmmLmT0Az1bV2MHXcQwQna49mXuX7OovIKJ8mCGvv2PlUK_7A1HzXNK2SDEzElPgsVIESqOWnzinZAuNh4hvWldYlRJiuhDI4_p5TG5EBBXG3eoMuQJfAQ35aNBUbqOkWKFhh_4fXYKs2JPRSxjM1AAGM9kOrnbpff3UIVNxhaTqAfc19Dtcb7iygex_HxlvtnQuVn83eyv9-HYUX6EXC2ySR2GOgGqHbsxjmwM-LSWe2dGByyzlfHDx44XHnpBUxXr1f9REXD6cx5NyhDlk4gJuIbSXbGirsaWlPTJd2-XMrcMIjKBb8oqG-ygPF2NJC47iE4mxWA8xu_zBmSXN0_3cv_xzv8DW1eyA4LDY2_QSEgD-5OX0-ISHwvBLJznZHpEgpnqXNPbePyqV8ZA-83Abn4HX_0Lv5UqOPpczo3Qso7XMvokzPxy1XRlfArEx8_H985w_NfTQhyq57kUlMqy4Tmb8Cm3j3pNTPH1xrDCRLu0VMkLyqu-cH6dNeDBMfzExa4IJw4gPKPeCLw2PTGljl_yda6DhZRv2Yg_aMNZskqdDvLLgzykis3AZzH8uBiv0HoUFYgl2Sp9BCmoLeLnCr9FaZSi-Nv_TAxd9qIKg22kYIKEDfrOXlmwcAOUvQ4xPXTEswmlbQxcjMAqXKkqbyt9U6UTYCKqkJSLR1P48VZjtYVpKy8xZ6ObQPPuEHWhcO4PO_w-lOcF42v-XwepHt3vWbHqZAmHAiYuFL1xNJgNOzCgr05fNF9jE9Gjo6oAB38-6oXRQqjILvGJQb5MLB-LWRa4WJ7YDqrmeSzihL0WZg5mLmXQtbFEFCTM_KlgX7pbn5rlnR0FfU-BPBhFHzb36SM3LgmacsJyQ1Ch2XKoGuLFOlw&sai=AMfl-YS9IuZyl9X-qMplbbHXHEBonPy_yIPrjdJDf5to5Ojf9yHT9XvM_NsZVhM-zKgu3vNxna6EBi-7F7JhuE6ZzrZr0rP60dQsKb8umjyWoOqQ08VOMYuI5PxFiGVLeg_HtY4tRbzUbyjMQOFPxUFxDZkjQKoPaKeOEJxMDSswxWeRzdbqof-zV8pDVC3SEfzR6h59noafJpk2tN15POp_--7w&sig=Cg0ArKJSzGkZs5P7UnPlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1480&vt=11&dtpt=1261&dett=3&cstd=218&cisv=r20220511.98297&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 08:40:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 183ms
61ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 17 May 2022 08:40:29 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1099
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=udopGHwrQUFqS1pXVFF2dDJCanQwMnZrUm5XakQvYUNTckc1WmttTTlGYXRlWHJRSWlJZWZ4b3BJV01mUW9tNnR0anJFYjhvcW9oS1lGQ2J6UEs3eC83a2ZwREJ5TTlNd2JFazlPSm5hdDlhTUZEVjVHcHBsbkJMek1aaG...

326 B
604 B

191ms
65ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=udopGHwrQUFqS1pXVFF2dDJCanQwMnZrUm5XakQvYUNTckc1WmttTTlGYXRlWHJRSWlJZWZ4b3BJV01mUW9tNnR0anJFYjhvcW9oS1lGQ2J6UEs3eC83a2ZwREJ5TTlNd2JFazlPSm5hdDlhTUZEVjVHcHBsbkJMek1aaGp6S0ZHa1JxeDcxWXM5VFBuVG1kQzdZK3RDM01PZVdOSk1xNXpXbkdrMGhQdGplZ2dqVGtSeWYxQkRjL0V4TndQWGJ5V2J4Q0FPUmhxeC9EaFB4M1RRRWZTS3JONHhLMGFrdUJEa1JLY1pEL1JTK3drb3RvPXw&cppv=2

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

27ae95ccd99b0a9c1ad3c8395d747bdd318276c369f3a8b4dbf0309082ef5860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:29 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2520
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:29 GMT
location: https://mug.criteo.com/sid?cpp=udopGHwrQUFqS1pXVFF2dDJCanQwMnZrUm5XakQvYUNTckc1WmttTTlGYXRlWHJRSWlJZWZ4b3BJV01mUW9tNnR0anJFYjhvcW9oS1lGQ2J6UEs3eC83a2ZwREJ5TTlNd2JFazlPSm5hdDlhTUZEVjVHcHBsbkJMek1aaGp6S0ZHa1JxeDcxWXM5VFBuVG1kQzdZK3RDM01PZVdOSk1xNXpXbkdrMGhQdGplZ2dqVGtSeWYxQkRjL0V4TndQWGJ5V2J4Q0FPUmhxeC9EaFB4M1RRRWZTS3JONHhLMGFrdUJEa1JLY1pEL1JTK3drb3RvPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1522
content-length: 482
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
614 B 192ms
61ms XHR
application/json 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/459104/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

50c654b47d0aef4d6faa6a8a02ba9460ea674d7b039b939a1ef034beb62b609c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Tue, 17 May 2022 08:40:29 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 210ms
60ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 17 May 2022 08:40:29 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1118
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5743 43 B
215 B 130ms
129ms Image
image/gif 2600:1f18:1aca:4282:23ee:9932:eba:4db7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=1dd79d14-61fc-4835-38c9-bd8c6d62c230&tv=%7Bc:cRkwdC,pingTime:1,time:2347,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:1192,h:250,t:301%7D,%7Bpiv:100,vs:i,r:,t:1346%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1346,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:301,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:sp,cc:0.0.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1056~0,0~100%5D,as:%5B1056~1192.250%5D%7D%7D,%7Bsl:i,t:1346,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:sp,cc:0.0.1192.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~1192.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:131,fm:t64X8nT+11%7C12%7C13%7C141%7C142%7C143%7C15*.996673-61756196%7C151%7C152%7C153%7C154%7C16%7C171%7C172%7C173%7C174,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:23ee:9932:eba:4db7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:30 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5743 43 B
215 B 129ms
128ms Image
image/gif 2600:1f18:1aca:4282:23ee:9932:eba:4db7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=1dd79d14-61fc-4835-38c9-bd8c6d62c230&tv=%7Bc:cRkwdD,pingTime:1,time:2348,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:1192,h:250,t:301%7D,%7Bpiv:100,vs:i,r:,t:1346%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1346,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:301,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:sp,cc:0.0.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1056~0,0~100%5D,as:%5B1056~1192.250%5D%7D%7D,%7Bsl:i,t:1346,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:sp,cc:0.0.1192.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~1192.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:131,fm:t64X8nT+11%7C12%7C13%7C141%7C142%7C143%7C15*.996673-61756196%7C151%7C152%7C153%7C154%7C16%7C171%7C172%7C173%7C174,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:23ee:9932:eba:4db7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:30 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5743 43 B
215 B 130ms
130ms Image
image/gif 2600:1f18:1aca:4282:23ee:9932:eba:4db7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=1dd79d14-61fc-4835-38c9-bd8c6d62c230&tv=%7Bc:cRkwdD,pingTime:1,time:2348,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:1192,h:250,t:301%7D,%7Bpiv:100,vs:i,r:,t:1346%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1003,o:1346,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:301,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:sp,cc:0.0.1192.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1056~0,0~100%5D,as:%5B1056~1192.250%5D%7D%7D,%7Bsl:i,t:1346,wc:0.0.1600.1200,ac:NaN.NaN.1192.250,am:sp,cc:0.0.1192.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~1192.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:131,fm:t64X8nT+11%7C12%7C13%7C141%7C142%7C143%7C15*.996673-61756196%7C151%7C152%7C153%7C154%7C16%7C171%7C172%7C173%7C174,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,metricId:publ1,cmr:t%7D&br=c
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:23ee:9932:eba:4db7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:30 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 bg-img--small.jpg
vsim.ua/bundles/twentyminutuamain/img/ 5 KB
6 KB 128ms
128ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/bg-img--small.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?8fd8bff1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?8fd8bff1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: nginx
etag: "5e4d36b1-1580"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5504
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 check Show response
vsim.ua/site_login/login/ 20 B
145 B 111ms
110ms XHR
application/json 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/site_login/login/check
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?8fd8bff1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9

Request headers

Accept: */*
Referer: https://vsim.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
cache-control: no-cache, private
server: nginx
content-type: application/json
x-dev: Desktop
x-cache: BYPASS
x-stat: 1

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 90ms
90ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 90ms
90ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg?8fd8bff1
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

login_button.php Show response
www.facebook.com/v12.0/plugins/ Frame F88B
Redirect Chain

https://web.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbite...
https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbite...

31 KB
12 KB

104ms
104ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f49fa6016c2b8%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff36473cdf405dfc%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text&sdk=joey&size=medium&use_continue_as=true&width=250&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=6af42509cbfbcffa730ade656e75ddc9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97e69547c43269d87e6366c3b3b1733deb6998f0c62bf1a592a06d2911ad968e

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Tue, 17 May 2022 08:40:32 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: Xchoa4GVPvLnphiRbIdJFrBkJ4SUevMwnYs48kXNlv8XFirXumHisdlGqlzX8GeBzgRqHY+GMne1BzbWseSraA==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
date: Tue, 17 May 2022 08:40:32 GMT
location: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f49fa6016c2b8%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff36473cdf405dfc%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text&sdk=joey&size=medium&use_continue_as=true&width=250&_rdc=1&_rdr
strict-transport-security: max-age=15552000; preload
x-fb-debug: J/FSXMLbol9DFbSF1rWLqGPS80nkerQ32tDoxZjwECqeUfJARvhE8L+1aNliMkziVHj9thre0XOinXv+x+uZjw==
x-fb-zr-redirect: 02|1652863232|

GET
H3 200 style
accounts.google.com/gsi/ 533 B
328 B 426ms
303ms Stylesheet
text/css 2a00:1450:4001:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eVSTwJTphrtXTzlwin3aPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-eVSTwJTphrtXTzlwin3aPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Tue, 17 May 2022 08:40:32 GMT

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 61ms
61ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 67ms
67ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 5144c74979805a7c98d675df19cba6e329b926a2.webp
vsim.ua/img/cache/news_rtp_small/news/0027/42/ 23 KB
23 KB 133ms
131ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/42/5144c74979805a7c98d675df19cba6e329b926a2.webp?hash=2022-05-16-21-53-07
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: b771de66266c1cf7afee45d537e5511a6a1ca03de024bdcc10601e736933861e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Tue, 17 May 2022 07:22:08 GMT
server: nginx
accept-ranges: bytes
etag: "62834d20-5bec"
content-length: 23532
content-type: image/webp

GET
H2 200 48e4b68a01fbea24151e7d434f7f60d3da3bdf70.webp
vsim.ua/img/cache/news_rtp_small/news/0027/43/ 28 KB
28 KB 194ms
192ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/43/48e4b68a01fbea24151e7d434f7f60d3da3bdf70.webp?hash=2022-05-17-10-48-58
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: ea961e5b976432d97794f2cda6959f69f329a9b48af249fdb0f4588e5a229503

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Tue, 17 May 2022 08:19:39 GMT
server: nginx
accept-ranges: bytes
etag: "62835a9b-6f1a"
content-length: 28442
content-type: image/webp

GET
H2 200 049de43c64ba0735211bf2ad5d368129e0656561.webp
vsim.ua/img/cache/news_rtp_small/news/0027/42/ 18 KB
18 KB 270ms
268ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/42/049de43c64ba0735211bf2ad5d368129e0656561.webp?hash=2022-05-16-17-45-50
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 0dc97951601e1860f7e7046bfc5e0e67cb790a996dfd6cef119020aedf5c8d3c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Tue, 17 May 2022 07:22:09 GMT
server: nginx
accept-ranges: bytes
etag: "62834d21-4968"
content-length: 18792
content-type: image/webp

GET
H2 200 8b22c7eecf106edceb629e3b149b3f0e099e714d.webp
vsim.ua/img/cache/news_rtp_small/news/0027/42/ 30 KB
30 KB 283ms
282ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/42/8b22c7eecf106edceb629e3b149b3f0e099e714d.webp?hash=2022-05-16-14-40-40
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 7f13aae4457f306d1bc52b3419331b3cdabc156840f4daabe8a89d1b97961423

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Mon, 16 May 2022 16:36:07 GMT
server: nginx
accept-ranges: bytes
etag: "62827d77-7706"
content-length: 30470
content-type: image/webp

GET
H2 200 b7834228dbe38b5c2f8a42fe43cea6f6f15db2ef.webp
vsim.ua/img/cache/news_rtp_small/news/0027/42/ 27 KB
27 KB 284ms
283ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/42/b7834228dbe38b5c2f8a42fe43cea6f6f15db2ef.webp?hash=2022-05-16-15-02-40
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: f68962710ecafb3b92553269029e303459a76ea97aa438c86190f1dbcf8afbe8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Tue, 17 May 2022 06:14:59 GMT
server: nginx
accept-ranges: bytes
etag: "62833d63-6a90"
content-length: 27280
content-type: image/webp

GET
H2 200 dc1e36fde2d46c46cba058ebbde7f0c041bdd226.webp
vsim.ua/img/cache/news_rtp_small/news/0027/42/ 16 KB
16 KB 311ms
310ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/42/dc1e36fde2d46c46cba058ebbde7f0c041bdd226.webp?hash=2022-05-16-15-23-50
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: ab44aedb67a6d649fa333bc831f41f28fb7913987207908caa2cc7ac28bc924d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Mon, 16 May 2022 14:10:33 GMT
server: nginx
accept-ranges: bytes
etag: "62825b59-408e"
content-length: 16526
content-type: image/webp

GET
H2 200 8acb5af2b7fb5ae01b33588d5224989ffc82144e.webp
vsim.ua/img/cache/news_rtp_small/news/0027/42/ 22 KB
22 KB 359ms
357ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/42/8acb5af2b7fb5ae01b33588d5224989ffc82144e.webp?hash=2022-05-16-14-28-17
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 412a06037684a8cfd633127a4aedf304445b3e090d3a584c8fda962fb1f97f4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Mon, 16 May 2022 13:11:57 GMT
server: nginx
accept-ranges: bytes
etag: "62824d9d-57ee"
content-length: 22510
content-type: image/webp

GET
H2 200 b9a9f8e4241b7834e1ed644f8e9d02c5f17c6561.webp
vsim.ua/img/cache/news_rtp_small/news/0027/41/ 23 KB
23 KB 372ms
371ms Image
image/webp 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0027/41/b9a9f8e4241b7834e1ed644f8e9d02c5f17c6561.webp?hash=2022-05-15-15-30-53
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 543a4e0d5d47bf0778c3c7b4cf0c14e4c963fa8b4fe9b850700ecd7b91362e8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Mon, 16 May 2022 13:11:57 GMT
server: nginx
accept-ranges: bytes
etag: "62824d9d-5d34"
content-length: 23860
content-type: image/webp

GET
H2 200 ps3LEjFUMch.png
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame F88B 441 B
716 B 57ms
56ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/ps3LEjFUMch.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f49fa6016c2b8%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff36473cdf405dfc%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text&sdk=joey&size=medium&use_continue_as=true&width=250&_rdc=1&_rdr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
x-content-type-options: nosniff
content-md5: bIdClDVUx2JypSkH1jl0jQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 441
x-fb-rlafr: 0
x-fb-debug: JcXw+/vcs0swDWvGBTO5SL79S6zSEoqrLaS/vwFq5Ru3TFyvWw+zaDSjoUy6HPueHLPnMyg5QV6NLnDdzC/fGw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 06 May 2023 09:28:42 GMT

GET
H2 200 QUXS7DOdKdi.js Show response
static.xx.fbcdn.net/rsrc.php/v3ixCr4/yp/l/uk_UA/ Frame F88B 526 KB
139 KB 58ms
58ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ixCr4/yp/l/uk_UA/QUXS7DOdKdi.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df86c53a697dc444ab5a6ff5633e8234c2f970a3879b720c2725a950d7afaef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YrNIpwZ6ibzjI04Tfc97pw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 141647
x-fb-rlafr: 0
x-fb-debug: YyalPnCUHB9iL6S9hJlNx27YNg2LSRETm1TKaLierQKwtnzovdue3gFR5YRzsogN0rBN8TMjp2ZyeKeFE2i1iA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 17 May 2023 05:44:27 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/platform/ Frame F88B 67 B
99 B 79ms
79ms Image
image/png 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/platform/cavalry_endpoint.php?t_cstart=1652776832455&t_start=1652776832455&t_domcontent=1652776832463&t_layout=1652776832605&t_onload=1652776832605&t_paint=1652776832605&t_creport=1652776832605&t_tti=1652776832463&lid=7098622441321459484-0

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f49fa6016c2b8%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff36473cdf405dfc%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text&sdk=joey&size=medium&use_continue_as=true&width=250&_rdc=1&_rdr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: Em7X1e/kG1li0P+Dux1mkn+5QU+Nk3Y4dfXCOs6krcyFw/vrcLeE18VYMzMsn9eNpXGZIxAo3BwKJhYulkqv5g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 17 May 2022 08:40:32 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 84ms
83ms XHR
application/json 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0c709caf465bc5d5b8c471c8ed19fa25d74fce09000840e1809412347171929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 May 2022 08:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10666
x-xss-protection: 0

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 100ms
100ms XHR
application/json 2a00:1450:4001:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=218226485810-uqk03eati6qp5glmb6e91f2u24152enh.apps.googleusercontent.com&as=QSTFolPBKek45eBTi2pe%2Bg

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06f7cd11c5df58d69f958dc918299dc474f227256128e4f75a6b822451624a75

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-u4zhnpdCgJa-G6g_Sp-lkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-u4zhnpdCgJa-G6g_Sp-lkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lato.woff2
cdn.gravitec.net/fonts/ 14 KB
14 KB 77ms
76ms Font
application/octet-stream 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/lato.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-36dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:28 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 14044
x-proxy-cache: HIT

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
461 B 92ms
92ms Image
image/jpeg 31.41.220.94
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?8fd8bff1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.220.94 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: nginx
etag: "5e4d36b2-11d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 285
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sourcesanspro.woff2
cdn.gravitec.net/fonts/ 8 KB
8 KB 69ms
69ms Font
application/octet-stream 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-1e44"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 7748
x-proxy-cache: HIT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 17 May 2022 08:40:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0EC0 13 KB
5 KB 56ms
55ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 08:29:28 GMT
expires: Wed, 17 May 2023 08:29:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C665 783 B
537 B 176ms
64ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8611c5551b7dc1fff6237a89dffa29152d9f30f5ab82a02d6f585db3ed8accfe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lLVlY4G9HPkROT5646a3Dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-lLVlY4G9HPkROT5646a3Dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 08:40:32 GMT
expires: Tue, 17 May 2022 08:40:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 362437226.jpeg
cdn.gravitec.net/images/users/1651162056492056576/ 4 KB
4 KB 60ms
60ms Image
image/jpeg 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gravitec.net/images/users/1651162056492056576/362437226.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a7ba87ff08127253564f6d997be58f8e11109edf659f6677f6af8f8459a69d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 17 May 2022 08:40:32 GMT
last-modified: Wed, 05 Feb 2020 13:46:42 GMT
server: nginx
etag: "5e3ac742-e67"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3687
x-proxy-cache: HIT

GET
H3 200 NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EC0 35 KB
13 KB 62ms
60ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:29:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 08:29:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C665 0
0 100ms
99ms Image
text/html 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=2438363166328152&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0EC0 0
9 B 54ms
54ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2fXKzg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:40:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 103ms
103ms Image
text/html 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=2438363166328152&bg=!7-yl7KjNAAZX5TVhd-U7ACkAdvg8WvmnpNnqjYvgJAshcx5_naUw8joxCodr6n36s1YEF-lvprjKqQIAAABdUgAAAAFoAQeZAqLlfBxFSpm9eANLWWmfHdwW9-1FgQiTuGg9wVwYK7QWHlRDeKnIDUSlkrIGydqWXU4O9mWbX-3NSkx277HBq0OwN65eVHLf9hzeT68i8rfcwPzwMb3H3xtVmJ_bcsiUWRUD8HZTHtjKWYENciyrQrTO4KDOBH2oFP2qxiYTxu-rGM8Abe1GLjo9bC63bct57pyZO4n3fphdczkqlgiUfWRnh7wJ0InIFlHBBcl6gKunKDP9kabZ4Haqnequ53jyxWt_rAzo0LtFHzdPaQFc83CRi5COIdjs2H_2ZRtLkABaNMF6Dsloe3EYfOFMxWA4KY-EVG85AS5SQMouUAOBtI6BnkTYIsMcI80Z3zuQ1jw7H0SNJkIY2eU0zVfHzR5pHEJuN7nii0RzJ8ItNLmDtQQGcQ4DmsxfFBHMSwGrBbZ7nNvDmL4NtVUgvpz8o0TWbV2sIbxInBIU2HqviMn02cIbAIh4PqxqU5tmTmQbng9GljG9pA38TtyFxfr_ncr8F-z4wzMGgq8hQg9pqZB7KdCfT0EGgDH3CNUf6wO1HPsm3g5UBtf35hMESZR2T1C5nWdLTWNc138JW2u5n9Cup5puwmb9QAIADAqfE-GYFuC5lILEi01ftaIcyvgdfnFsDh3BYh_LxlivfDP54nDr6G1gWumOoskRl0ApxYBIVPXBh5_zBi-Nb7o4RWC2kU0TC_J7pEsbN2WRdd6BUoewncJJUSsZs6XsobPLwpWEOtcoZ0AurQCh6ylc-ULV2z-9yzZPEpy4R1QDtNTdnE9GfhZ3FgLj90-fwTbUDfjIN4zDRekv6yAteKt8K0RRu8VBQGo_5yGL5YV24IAd3w2HcjWiqUIoQ8E6RSJHx6ClJPznfujvuHf3R-ZWfbRxxxAl3V9FtQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dc_oe=ChMIvZ_VvJHm9wIVAZ53Ch09TgduEAEYACDusdVR;met=1;&timestamp=1652776837080;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame B3BA 42 B
494 B 220ms
90ms Image
image/gif 142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvZ_VvJHm9wIVAZ53Ch09TgduEAEYACDusdVR;met=1;&timestamp=1652776837080;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 08:40:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECs4rIecWhsLDB0ZUkRECKM&google_cver=1&google_push=AYg5qPL8TWp8IpT9KDnTBnAmcP-vKWvWs7iwvAY9TWtficnUZ1tNbxL73aBFe8RGdKs66c-R3g1S59qUQdKSdU0kIoQnBW4NjcvNcQ

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vsim.ua/	1970-01-20 03:06:17	Name: Value: undefined
.vsim.ua/	1970-01-20 05:15:52	Name: _fbp Value: fb.1.1652776825310.1400766762
vsim.ua/	1970-01-20 20:37:28	Name: GN_USER_ID_KEY Value: ff361818-d899-467c-9bd3-5c7e1290b2eb
vsim.ua/	1970-01-20 03:06:18	Name: GN_SESSION_ID_KEY Value: b99e077d-8420-4538-aa3e-d891a7c47a24
vsim.ua/	1970-01-20 03:06:17	Name: browser_id Value: 2a75395d-043d-43d1-a0e0-7a281af2be17
vsim.ua/	1970-01-20 03:06:17	Name: remp_session_id Value: 8e8fe25a-cd2d-4baf-aafe-92e0b960b274
.vsim.ua/	1970-01-20 03:06:20	Name: AMP_TOKEN Value: %24NOT_FOUND
.vsim.ua/	1970-01-20 03:07:43	Name: _gid Value: GA1.2.1977552066.1652776826
.vsim.ua/	1970-01-20 03:06:16	Name: _gat Value: 1
.vsim.ua/	1970-01-20 20:37:28	Name: _ga_0CS1NTGGLB Value: GS1.1.1652776825.1.0.1652776825.60
.vsim.ua/	1970-01-20 20:37:28	Name: _ga Value: GA1.1.1087232765.1652776826
vsim.ua/	1970-01-20 03:49:28	Name: _pbjs_userid_consent_data Value: 3524755945110770
.vsim.ua/	1970-01-20 11:51:52	Name: _pubcid Value: 929ad7e1-7dd8-487e-bace-2c5828ba728d
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-22 16:25:28	Name: E Value: AE5DwTBNQdV-w7Fq
.adnxs.com/	1970-01-20 05:15:52	Name: icu Value: ChgIq9pcEAoYASABKAEw-r6NlAY4AUABSAEQ-r6NlAYYAA..
.adnxs.com/	1970-01-20 05:15:52	Name: uuid2 Value: 6979120048267911693
a4p.adpartner.pro/	1970-01-20 04:32:40	Name: apuid Value: 8e72e8ea-6a1e-4b3b-bad0-fced2d4b3693
.doubleclick.net/	1970-01-20 12:27:52	Name: IDE Value: AHWqTUnmfuw-7wSiQi7M6tQ-5lTdKhbUlCXV9xGSDRUK3B-FvZ5LfIIBhJD0TJpw
.adnxs.com/	1970-01-20 05:15:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In6s$V9i!]tbPl1M>e)ZlrFUfJ+tGXxp$JO+iHVxB9+D2E:EC5dIjNE(NaaM?bn6U2bpRzqF1`baAMFJP=
.casalemedia.com/	1970-01-20 05:15:52	Name: CMPS Value: 1840
.casalemedia.com/	1970-01-20 11:51:52	Name: CMID Value: YoNfejwo.faGyoqOaHnN5gAA
.casalemedia.com/	1970-01-20 05:15:52	Name: CMPRO Value: 302
.casalemedia.com/	1970-01-20 11:51:52	Name: CMRUM3 Value: 2d62835f7b2760CAESEFoO8lSTY7E9C4RVoDNAqxI
.adtelligent.com/	1970-01-20 04:35:33	Name: vmuid Value: d08bb9014538e166
.adtelligent.com/	1970-01-20 04:35:33	Name: a307558 Value: 8e72e8ea-6a1e-4b3b-bad0-fced2d4b3693
.vsim.ua/	1970-01-20 12:27:52	Name: __gads Value: ID=a3786148bddd8064:T=1652776825:S=ALNI_MaS7v-FY7TE6dDA8GYorcn0coLwAw
.advertising.com/	1970-01-20 11:53:19	Name: APID Value: UP0097db10-d5bd-11ec-bf71-06c845b44618
.spotxchange.com/	1970-01-20 11:51:56	Name: audience Value: 00a53518-d5bd-11ec-ad1e-152b84bd0406
.quantserve.com/	1970-01-20 05:15:52	Name: d Value: ECoBCQGUJoEA
.quantserve.com/	1970-01-20 12:36:31	Name: mc Value: 62835f7b-dd6b8-dd327-5b110
.innovid.com/	1970-01-20 05:15:52	Name: uuid Value: 481576f0-8b73-47a6-9687-cf77ef7081be-20220517 04:40:27
.casalemedia.com/	1970-01-20 03:07:43	Name: CMST Value: YoNfemKDX3wA
.analytics.yahoo.com/	1970-01-20 11:51:52	Name: IDSYNC Value: 1762~24xk
.yahoo.com/	1970-01-20 11:52:14	Name: A3 Value: d=AQABBHtfg2ICECz3_F7B6nH5ByFmK1JgGz8FEgEBAQGwhGKNYgAAAAAA_eMAAA&S=AQAAApPJfB7s4sNigRcqeYk5_hI
.pubmatic.com/	1970-01-20 03:07:43	Name: KTPCACOOKIE Value: YES
.vtracy.de/	1970-01-20 05:15:52	Name: tr_id Value: vi-5b86e46e-2e84-4b75-a0be-7cf1ea605974
.vtracy.de/	1970-01-20 05:15:52	Name: tr_dt Value: 2022-05-17+10%3A40%3A28
.pubmatic.com/	1970-01-20 05:15:52	Name: KADUSERCOOKIE Value: 574F0455-C708-42B3-AE1D-D0BA4C08BA42
.rlcdn.com/	1970-01-20 11:51:52	Name: rlas3 Value: m3DQMAaTS10FDxQcvUWGd1EcIsqqCd62GbddLdw9I2I=
.rlcdn.com/	1970-01-20 04:32:40	Name: pxrc Value: CPy+jZQGEgUI6AcQABIGCOndKhAA
.vsim.ua/	1970-01-20 12:27:52	Name: cto_bundle Value: YISN_V9JWEFRRzhyZnREM3hySkwlMkJIYzlBWE5ibDhRdyUyQm13WGNseSUyRnNRTkY4bllvOUJ0azBINFIxNkhvRExtMzJkamdIdiUyQlRUOVBFSkNabjl5d0NYcjlZOFc4aEo5SnZ6YmtLRmd5RjBjdWhqTWZnJTNE
.vsim.ua/	1970-01-20 12:27:52	Name: cto_bidid Value: 6UK_T19TUTNzS3ZHQ3BQJTJGM2ElMkY2NmozMHdwZlpIVFZIUzBWUzUwNUc2b29WclYlMkI1QTJ3UnVyaE1RZWU5T3M2Z1puVnYyR1FhVWhUR095WWZ6ZW9pNHRTbVBQdyUzRCUzRA
vsim.ua/	1978-01-11 21:31:40	Name: subscriber_life Value: %7B%22order%22%3A%5B%22modal_mail%22%5D%2C%22modal_mail%22%3Afalse%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECs4rIecWhsLDB0ZUkRECKM&google_cver=1&google_push=AYg5qPL8TWp8IpT9KDnTBnAmcP-vKWvWs7iwvAY9TWtficnUZ1tNbxL73aBFe8RGdKs66c-R3g1S59qUQdKSdU0kIoQnBW4NjcvNcQ Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://leokross.com/vAW/aGeq.js Message: Failed to load resource: the server responded with a status of 504 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

910f36586688e0cfa971b11949fe548a.safeframe.googlesyndication.com
a4p.adpartner.pro
accounts.google.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
ag.innovid.com
ampcid.google.com
ampcid.google.de
analytics.google.com
api.gravitec.media
cdn.gravitec.media
cdn.gravitec.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
leokross.com
mug.criteo.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
player.adtelligent.com
prebid-eu.creativecdn.com
red.vtracy.de
rtb.openx.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.adtelligent.com
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
tracker_beam.20minut.ua
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
vsim.ua
web.facebook.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
googlecm.hit.gemius.pl
104.92.100.195
104.92.106.130
141.95.98.67
142.250.185.194
142.250.186.66
142.250.186.98
172.217.16.130
178.250.0.157
18.184.30.67
185.184.8.90
185.239.174.234
185.33.221.87
185.64.189.112
185.64.190.78
185.83.69.178
185.94.180.126
23.32.59.34
2600:1f18:1aca:4282:23ee:9932:eba:4db7
2600:9000:2491:9c00:8:48e:53c0:93a1
2606:4700::6810:7eaf
2606:4700::6811:180e
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:803::2003
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::200d
2a00:1450:4001:80f::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:828::2006
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c1b::9b
2a00:1450:4014:80f::2002
2a02:2638:1::13
2a02:6ea0:c700::2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:110:face:b00c:0:2
2a03:2880:f12d:181:face:b00c:0:25de
2a05:d01c:1d8:8101:37a8:11c6:83f7:6fb7
3.125.222.121
3.126.56.137
31.41.216.82
31.41.220.94
34.98.64.218
35.227.252.103
35.244.159.8
35.244.174.68
45.133.44.3
46.249.52.249
51.83.220.94
52.174.47.89
52.213.107.111
62.149.0.72
63.33.35.114
69.173.144.165
79.171.117.17
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
00e5171602a902da6359ec7688c8037bf78381c63aff7c36feb6a4ef6f09c632
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
06f7cd11c5df58d69f958dc918299dc474f227256128e4f75a6b822451624a75
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc97951601e1860f7e7046bfc5e0e67cb790a996dfd6cef119020aedf5c8d3c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14e4699a9706867363ccdfcc60f64545b6529ff6eb4ce7b0072183b2acb20816
1609dd27e01cc07fbce250c080ed569c792b407e4bd8f4076e7f1f5407cd9aa1
1671067cd3dbc4d9bd94120e1f24ce195123451fa87547713a272485f9c34a1c
17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1
186dd2f66e9a8fb751284e86776d06802fcd3c46760e00c6cd66f44c02dae64d
18d8509d02245c258a26f079507a9d51aace7913eeca95f22181e7e712d5d7b2
1a33a2b15cd7456b22d3de882137248ceea7dad03ba85df84735744cabc36737
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935
20b2333b53836cf14a2dafa5bfdc32d066d0b5a8b6049035298cea4d07de8a73
217728f605bfda0948dfd79a630c382d14b50c6592b8d024f113c26f11281897
21a4ab10ad6c5865500e91771ec0ec1e9b7879f0942820c06b99f9218fe4ae66
23105282f1b70364eb7aa3d481d5285bd18228ad72ff36da755ed699be5d9f96
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
2488b6c3e67b8ec04994779823578a5d7b74a0d814bdee7049a62e9ec97166cf
2548b3c33485911111fe9e0f8a89a514b29812d5f27c2aef845ef4187a88b33f
255757ba2a4fe12802e822e6af4c79796febe88d160c8de9bd19d3232612c7b3
270afa1b13087c609baef1d8a4f7652ac5be30b175ff7f78822f8a2d9be5dee1
27ae95ccd99b0a9c1ad3c8395d747bdd318276c369f3a8b4dbf0309082ef5860
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29f85caddd77715cef90be8f3e959314ab0e423416acd7536f65eb91296ddb2d
2b5bdcda72eef5aa75de8bea3d4bbda4a50cb68632532068745b5369bcec1ef7
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2bd7df5c99615e79a156eb2e81f6f6f0ff72ed5085b80d95c2f88f7160f80304
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3414d844b632dcc5982746172c2039ae21fd9b974b6ba754c6b9ecbc3dabce2f
34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067
34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa
36146783665e9d945c68f46e534cc09aa8324ce84119759e7a19fcb969346c42
3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721
3ff86819995fbf8a21a0f47d80e21a6b6bdbbf1215b47a831f54778eaa563b01
412a06037684a8cfd633127a4aedf304445b3e090d3a584c8fda962fb1f97f4d
46cc7f9c67bf885b7fb26250ee5555a15bdac479e79b5e00ec9d4b513f3c237a
48876764c29f8d0fe52cf3ed564a88a1a5aa807395a35a45cfe69150653b0a13
4a2fead16364785698fd4a36e23dce37841f3caabc19df6977283485816be51a
4a7ba87ff08127253564f6d997be58f8e11109edf659f6677f6af8f8459a69d7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4be56378f088852b769323220eba98f29e53b97540f389527ed7e2678c903f0b
4dfc772abe5631af71b6fec7e21694ab8235dfecb5a2dab259180fdcf2abe3ca
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4f4bcbfca2de071c3d74e3aae1ab2c4df2533bea9bc5cbf0d1059f8c0512af
4e52b26b48dad0ceba58fabaa61a50167088c658243866f4356e85df897f5e7c
4f3f5fb04c2fd0f66e26278b8fae9f776bf4cc98310cc3623eebc06320389501
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50c654b47d0aef4d6faa6a8a02ba9460ea674d7b039b939a1ef034beb62b609c
543a4e0d5d47bf0778c3c7b4cf0c14e4c963fa8b4fe9b850700ecd7b91362e8a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b3c97fb5302afc874872d168b5a41aeb0840e53a4614e391e078d1139cc414
59cec7a8dae8e7559d3aa7c902e6b5044f785aeab19876b05b4b34fdc1d19636
5afaaa47bfc8416a483cd88e4324dd4d87147bc9ad8a2acb5df0dadc2d2eb974
5d847e85cd96409f0fd7162aaaedfd2f9c6998616824fa91977c0151c951693d
5ea717cca2b878742523fac75fe0037c265e93eb6a96057e685bc411ff833046
5ee58d63b466de0f67a216954ad930f8cfa99fcb23b97c3c27e9c714520d2fa6
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b
617cf3f9bbeac06edce1540552e3cd1b96d4f0c6b3c0abc3d5b4e7ff916f2c83
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d9841a97769ae784dca9c49a2e473b6a205604ff0ca8e1eed5fb78950a1aaf
6213cd0129652e667291c8eab50d09b789eabc9ba7c4fc973800c04546dd1318
67656b202a63c834a0a072643bad67ecd2b25edf681a8ec7e762d734af2a14fb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d49e78fd43f07b43ad0e59ce73addc99e9d65b72ab63b802f94ba8da87de005
732c52ae44b0d451d65948ce6ec9ada9d7e6506a0dbf9cceea18f43d812f0e2f
7379d47cbf147b3d98794cfc82cbe49bc0bff579e48af5de2c3370f7df1192fe
73ebd64cadc393ad477076e841f83f895e77d68d0262e4c4727d9d7412ff8c34
7638dfe37217455ef4d9cdbc22f81baa221a2214f4702906f83220057bb96a81
77192ec9a9016241441eb9b10647456b581601d9a3591ddea9225a62911a7898
7b9d55d1c0ae9b9197dcc675fd800d36df2ec219e883eed8386c8232b591c82f
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
7d76d0ab3dfedd12f711bb20c8f2807628b17872264636734617b156e3914a04
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
7f13aae4457f306d1bc52b3419331b3cdabc156840f4daabe8a89d1b97961423
7f4f5cc9b91a08322dc060f418817a0ddc3698f5ff94508ee177e810e0aa0ff0
81366b8d555eac429c5b14198573523f55757a94d93d60c83980d38c00225e07
8180e8cd76a9a234ca5c58eb8253be65b893ac7b4c04bdd9c86e1ae934c931d3
81850bb9584cdbc8629b557b0a24b4e5ce04dabd7bba9bf2920403bf336b033a
84e3f698fdb534a505985d0eec4f6c9af15828703874cfb432147bfc34b5e003
8611c5551b7dc1fff6237a89dffa29152d9f30f5ab82a02d6f585db3ed8accfe
87a964d3ee57d64c5dfc1c04cadb738f8f6f87ede99e443201afa1715ac196b1
88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695
95216de95473b447c4734ea65bf9f8522a32c0685b041244f1d558952aad753d
9576eef29c62c781cbf8f09b52e8d8cabb6d722fcc401acb7066a26895b6fd05
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971
97e69547c43269d87e6366c3b3b1733deb6998f0c62bf1a592a06d2911ad968e
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9
9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6
9a7e36aaa9181f128dfc877190a075b2bc236dbbd0662833b6def460e16d09fb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0698e13a35d935ffba4fbc436471383a1ef29c3246fee5bd73c3941999b349
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9d355d98734b9724ce1261cf64834e3257c32c5130992c3aebdd84c8e4133aa1
9f0a2702bff0e0c90397d6d2e4f4aba9656e38bea1063ad88935ba676511df16
9f2e24b95c962fffb41eede228d0c5c7681cf9bc3dd3ece2440412ec4246d84e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04a09f6240b05134d4d6819f8c5beb55a5f8ca9ab95e16988ca54f45f0e8ee8
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a16341cfbb6c51e9be3af2ef3d3f4fbf348d496694fc2256c4b854dadf783552
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b1a285d6553b5c380568c68a98210c6a028f6231ec63cc69c13e681f1c10be
a53ffff63d9ca78980d1dcd0d05654fa21696c7fae3f32aa1e830fba3669a23e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
a8fad7ea6d56c85bc473f0091aa9870e4a7db6609c037eac826ed00c68ea3fb3
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab44aedb67a6d649fa333bc831f41f28fb7913987207908caa2cc7ac28bc924d
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
ad3020772c580601a51fa9053ce4ca8155c12db4fc08d125852f951d30596fff
adf5e7c37f8621ab815d3b78f9f7fe3da104218bac09111b06ece7e1e17b0230
ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211
ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef231caad9876f19aba7e2abc99353c2a2f45b4fee982fd2ca7edc59978a8f4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1af20804edbd10d239624e004016abd6145eefe0eb2cd61b80967d241288cfe
b1f484070f3a01a04875ffb1e467f31eac8336a3456c807400b47f1c51f53a58
b269748b830ddb7c653459121a0b7735b1f2fd707c6e0e795676f378a855974e
b2a65a1e0a463a3071bc44279ce150a460a3ec8c69615776403706da3f00d001
b4e05219a918031b351cbbf52978d47b5bb356d33ed2a84e783b76d54159c5d7
b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e
b771de66266c1cf7afee45d537e5511a6a1ca03de024bdcc10601e736933861e
b886004cb28daff05dafdbc4267077298a878ca4baac91202e9a5c82314c2a8a
b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30
bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824
bbd2c89dea20c9f50a1d62c77b25b1e66a5b1cca76074f0b9927b3a47ddeb189
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c
bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1
bdb1e512901766c20e0fd5790076132833f7235aa03455bee3ba242641dd3309
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c0258b9d875d5ae4c5d76ccc1a60327957fb59c70a38528c4ed5c896f6caa78b
c07c4280af0101109ac899ccd91d9b539d927fe58ae715fdb58617aa54ca2bf5
c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762
c2bb39a297c41b95e937f63c4ed02994be8baa73eb0aa6b70e0a932966916b82
c6eb002be030feee5606908eda31af0f2fc5e9cfb811c12d233d42245606ea3f
c76b35838a5e9106de8fbd56ca152eb6e2aa5189e1e3c6448008c40ee41fb6df
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d55a0eef1b7d7586e1370b06194e85464271313ae775816d5cb062241bc8f615
d8a3d05871e4165d83238a392471e0c4309d6ac09e37b91aed712593e7a727c5
d9b946481c32f4369373d2e4a287d25404305f730eaf798f4355846d597f8f61
dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8
dea943b0e1e8c8f75024a39420b1449c0d9ccff493b4d2538ef6bf5a004d9b47
df86c53a697dc444ab5a6ff5633e8234c2f970a3879b720c2725a950d7afaef9
e248ccf39aee781866abb6a97023d16144fb3394017395b0594174c9f1904a2b
e2fa9f11d8500691a31d8d2c4edcdcce235325f668ec0540de3c7a988d44ca92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8013b66e24a0010e55aeeb13b5b86c630e17928333b40ad89194f068a954a50
e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7
e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8
e9c5debd991646f8914a934d73a168313f43a10e008c90543525f82c26071bb5
ea961e5b976432d97794f2cda6959f69f329a9b48af249fdb0f4588e5a229503
eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571
eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efeed59204d2eb15bc97b127681e3cfe55684a996433151d37dbe0550a89a505
f0c709caf465bc5d5b8c471c8ed19fa25d74fce09000840e1809412347171929
f11172b57df67c7b2e272803e6e949fafd06fc5aeabda8fb4c2563f67f3d645f
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
f2d7b8e516d05fe8101b125622e38dcf3c32e36f453562b4201cfbceba7eac69
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68962710ecafb3b92553269029e303459a76ea97aa438c86190f1dbcf8afbe8
f96c607e65e9265b8426aa1e30a0c7fa19dcfe5147a488c985df06787b10b61e
fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0
fa790aa2667f45ccaceb5fdc2f784c856eb3d4ac5a3e8ba5b2aacec8c8b2722b
ff8ee484702e9be09b4ec43650677da1ed18e0b9a939ed85b2e640da7203a67e

vsim.ua Open in urlscan Pro 31.41.220.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

283 Requests

91 %HTTPS

46 %IPv6

43 Domains

70 Subdomains

57 IPs

9 Countries

4981 kBTransfer

10847 kBSize

44 Cookies

13 Outgoing links

Page URL History

Redirected requests

283 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vsim.ua Open in urlscan Pro
31.41.220.94 Public Scan

Screenshot
Live screenshot

Full Image

283
Requests

91 %
HTTPS

46 %
IPv6

43
Domains

70
Subdomains

57
IPs

9
Countries

4981 kB
Transfer

10847 kB
Size

44
Cookies

283 HTTP transactions
5 data transactions