urlscan.io logo urlscan.io
SecurityTrails logo

znaj.ua Open in urlscan Pro
2606:4700:20::681a:12a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://znaj.ua/
Effective URL: https://znaj.ua/
Submission: On March 28 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 52 IPs in 12 countries across 37 domains to perform 220 HTTP transactions. The main IP is 2606:4700:20::681a:12a, located in United States and belongs to CLOUDFLARENET, US. The main domain is znaj.ua. The Cisco Umbrella rank of the primary domain is 501046.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 5th 2022. Valid for: 3 months.
This is the only time znaj.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2606:4700:20:... 13335 (CLOUDFLAR...)
20 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 193.239.68.97 39468 (BIGMIR-IN...)
1 4 146.59.10.80 16276 (OVH)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
1 146.59.30.104 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
9 137.74.6.209 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
1 84.17.46.53 60068 (CDN77 ^_^)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1148:db0... 47764 (MAILRU-AS...)
2 37.157.6.252 198622 (ADFORM)
1 8 185.33.221.91 29990 (ASN-APPNEX)
5 2602:803:c003... 26667 (RUBICONPR...)
2 178.250.2.131 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 52.18.8.201 16509 (AMAZON-02)
1 4 52.18.137.235 16509 (AMAZON-02)
4 12 142.250.185.226 15169 (GOOGLE)
3 5 2.21.141.232 16625 (AKAMAI-AS)
2 2a02:2638::3 44788 (ASN-CRITE...)
5 2600:9000:214... 16509 (AMAZON-02)
24 52.55.129.5 14618 (AMAZON-AES)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 142.250.185.230 15169 (GOOGLE)
1 178.250.2.146 44788 (ASN-CRITE...)
28 2a00:1450:400... 15169 (GOOGLE)
1 1 169.50.137.182 36351 (SOFTLAYER)
1 15.197.193.217 16509 (AMAZON-02)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 213.155.156.184 1299 (TWELVE99 ...)
1 35.227.252.103 15169 (GOOGLE)
2 2 192.82.242.209 62713 (AS-PUBMATIC)
2 2 216.52.2.48 29791 (VOXEL-DOT...)
2 142.250.184.194 15169 (GOOGLE)
2 2.21.141.148 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
2 3 52.95.126.160 16509 (AMAZON-02)
2 4 69.173.144.139 26667 (RUBICONPR...)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
2 3 52.46.154.242 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
220 52
13    2606:4700:20::681a:12a (United States)

ASN13335 (CLOUDFLARENET, US)
znaj.ua
20    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2606:4700:3031::ac43:b689 (United States)

ASN13335 (CLOUDFLARENET, US)
aixcdn.com
c.aixcdn.com
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
4    146.59.10.80 (France)

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu
gaua.hit.gemius.pl
4    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
s.getstat.net
1    2606:4700:3030::6815:2157 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.getpush.net
10    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu
ls.hit.gemius.pl
1    2a00:1450:400c:c01::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro
a4p.adpartner.pro
5    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com
cdn-b.notsy.io
3    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
7    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
4    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
2    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
adx.adform.net
8    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
5    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    52.18.8.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-8-201.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
4    52.18.137.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-137-235.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
12    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
5    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    2600:9000:214f:7800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
24    52.55.129.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-129-5.compute-1.amazonaws.com
dt.adsafeprotected.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
28    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2a05:d018:d29:3602:db48:771c:2f3c:bf0a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    213.155.156.184 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    192.82.242.209 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2.21.141.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-148.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
35 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 660
pixel.adsafeprotected.com — Cisco Umbrella Rank: 521
static.adsafeprotected.com — Cisco Umbrella Rank: 500
dt.adsafeprotected.com — Cisco Umbrella Rank: 458
226 KB
35 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
357 KB
29 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
ad.doubleclick.net — Cisco Umbrella Rank: 181
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
286 KB
28 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
838 KB
15 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 412
eus.rubiconproject.com — Cisco Umbrella Rank: 503
pixel.rubiconproject.com — Cisco Umbrella Rank: 289
token.rubiconproject.com — Cisco Umbrella Rank: 595
18 KB
13 znaj.ua
znaj.ua — Cisco Umbrella Rank: 501046
315 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
acdn.adnxs.com — Cisco Umbrella Rank: 523
61 KB
9 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 49976
10 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 57
2 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1352
s.amazon-adsystem.com — Cisco Umbrella Rank: 260
5 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
4 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 689
gum.criteo.com — Cisco Umbrella Rank: 347
mug.criteo.com — Cisco Umbrella Rank: 3185
7 KB
5 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3345
adservice.google.co.uk — Cisco Umbrella Rank: 5368
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
122 KB
5 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 38887
ls.hit.gemius.pl — Cisco Umbrella Rank: 11780
15 KB
5 aixcdn.com
aixcdn.com — Cisco Umbrella Rank: 424800
c.aixcdn.com — Cisco Umbrella Rank: 485324
12 KB
4 getstat.net
s.getstat.net — Cisco Umbrella Rank: 439262
9 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ads.yahoo.com — Cisco Umbrella Rank: 816
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
40 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
1 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 571
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4364
726 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
63 KB
2 adform.net
adx.adform.net — Cisco Umbrella Rank: 4064
960 B
2 mail.ru
ad.mail.ru — Cisco Umbrella Rank: 8938
761 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 434
709 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 565
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1359
351 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
265 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 707
711 B
1 gstatic.com
www.gstatic.com
12 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 716
643 B
1 notsy.io
cdn-b.notsy.io — Cisco Umbrella Rank: 99101
102 KB
1 getpush.net
cdn.getpush.net — Cisco Umbrella Rank: 157430
18 KB
1 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 102340
425 B
220 37
Domain Requested by
28 s0.2mdn.net znaj.ua
s0.2mdn.net
24 dt.adsafeprotected.com 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
20 pagead2.googlesyndication.com znaj.ua
pagead2.googlesyndication.com
6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
tpc.googlesyndication.com
ad.doubleclick.net
www.googletagservices.com
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
tpc.googlesyndication.com
13 znaj.ua znaj.ua
12 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
9 a4p.adpartner.pro znaj.ua
a4p.adpartner.pro
cdn-b.notsy.io
8 ib.adnxs.com 1 redirects cdn-b.notsy.io
googleads.g.doubleclick.net
acdn.adnxs.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
znaj.ua
6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
www.googletagservices.com
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
5 static.adsafeprotected.com 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
pixel.adsafeprotected.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 fastlane.rubiconproject.com cdn-b.notsy.io
5 www.googletagservices.com aixcdn.com
googleads.g.doubleclick.net
6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
fw.adsafeprotected.com
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 2 redirects
4 pixel.adsafeprotected.com 1 redirects 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.co.uk pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 s.getstat.net znaj.ua
4 gaua.hit.gemius.pl 1 redirects znaj.ua
gaua.hit.gemius.pl
4 aixcdn.com znaj.ua
aixcdn.com
3 s.amazon-adsystem.com 2 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 www.google.com znaj.ua
6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 www.google-analytics.com znaj.ua
www.google-analytics.com
a4p.adpartner.pro
2 eus.rubiconproject.com cdn-b.notsy.io
eus.rubiconproject.com
2 acdn.adnxs.com cdn-b.notsy.io
2 googleads4.g.doubleclick.net znaj.ua
2 ap.lijit.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 d5p.de17a.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net cdn-b.notsy.io
static.criteo.net
2 fw.adsafeprotected.com 1 redirects 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
2 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 bidder.criteo.com cdn-b.notsy.io
2 adx.adform.net cdn-b.notsy.io
2 ad.mail.ru cdn-b.notsy.io
1 px.ads.linkedin.com
1 id.rlcdn.com
1 ads.yahoo.com
1 rtb.openx.net 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
1 match.adsrvr.org 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 mug.criteo.com
1 ad.doubleclick.net www.googletagservices.com
1 c.aixcdn.com znaj.ua
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 cdn.jsdelivr.net cdn-b.notsy.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.co.uk znaj.ua
1 cdn-b.notsy.io aixcdn.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 cdn.getpush.net znaj.ua
1 c.bigmir.net znaj.ua
220 59
Subject Issuer Validity Valid
znaj.ua
Cloudflare Inc ECC CA-3		 2022-03-05 -
2022-06-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
c.bigmir.net
R3		 2022-02-07 -
2022-05-08		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
adpartner.pro
R3		 2022-01-10 -
2022-04-10		 3 months crt.sh
cdn-b.notsy.io
R3		 2022-03-22 -
2022-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2021-10-15 -
2022-11-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh

This page contains 26 frames:

Primary Page: https://znaj.ua/
Frame ID: B74D6A08A9188237C8EF110E3D6CEFA2
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html
Frame ID: 6AC87A22297D46DF5D5B4E16DEC11E34
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: FE32B0EA6D127162F22787B1DCB20644
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9456088057484970&output=html&adk=1812271804&adf=3025194257&lmt=1648434017&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fznaj.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648434953099&bpp=2&bdt=252&idt=238&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3613222913015&frm=20&pv=2&ga_vid=205890853.1648434953&ga_sid=1648434953&ga_hid=987497702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065832%2C31065787%2C31065551%2C31065654%2C31064019&oid=2&pvsid=2418174385814951&pem=335&tmod=1349050498&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=251
Frame ID: 8E68D8E9451075FD2FAF5838243D4052
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=2c2cf7fb-ed1f-4238-a855-e389992d1f3e&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F&referer=
Frame ID: BE108ACF0B0886E1448AF60AD8E695B8
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=22249427655074204&apuid=05fa5243-bd9b-439c-91c0-eb0c149c11a6&session_pageview=1&session_id=2c2cf7fb-ed1f-4238-a855-e389992d1f3e&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Frame ID: B568D03CBDBB19C4A365D09F074D72CB
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252205fa5243-bd9b-439c-91c0-eb0c149c11a6%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Frame ID: ED6E20300AA304238912621FCF3F1968
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252205fa5243-bd9b-439c-91c0-eb0c149c11a6%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Frame ID: 6930A77318298CFE16DA93CA8937484C
Requests: 1 HTTP requests in this frame

Frame: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CEA5074393064ED508C5E92ED780418D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
Frame ID: 80840F060FA3A9D401A9826C0DE6FC93
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Frame ID: C5948D98A7A574009C4A4CD48CBE7BAA
Requests: 1 HTTP requests in this frame

Frame: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D5DE93C18DDFA64BB5A7E9B27AAB9667
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhjT7ve0ATAB&v=APEucNV6cMrWEW5HxIlu7Ba5DXcZwpM4506R-FNlar8V_KyDrvkrLAfv6AEZymSDvlSeofYr36AAj000SKwYxlvVSvKNtRuGBQgohW4BHBqb05zOPhmAsOcIlUr05bjdPdkbO5tIIjN6D9tHs-gmTnSwQy9_QS1de6HUyQ0luQG8pkjFepG1iQ0
Frame ID: 95C82564AFB376DB645C6961D787BCDF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 745B2917018767FAD84C5B7ED6196922
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0FE250DE0567A959E0A9B01E555181BC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E6AC571E93F4A3CDF30D8CD795E414FC
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 03EA9B4C45AED032866DEA7506F9A953
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=znaj.ua
Frame ID: 25A4441ABAC02BE8322C67DC52381351
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A9858E5CFDAB8C635CC9EFE8BE4FB36D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 11B9AC9A2F46727EA6160903D36CF7A8
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 6406FEE923447AD235316AACA15B0C91
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 1774CB2B3DE2AAF6E01C69933C7DA9D3
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Frame ID: 47C5AE6DEAB9D8C4DA435D21BB48D448
Requests: 27 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B697B591E7A8658C15DB721B0194EC2E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EF13BA13B0337775C3739E99E8DF538C
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8021BF6A0FC6F69C306461A27C77CDE9
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Свіжі та актуальні новини України, Києва та світу. Znaj.ua

Page URL History Show full URLs

  1. http://znaj.ua/ HTTP 307
    https://znaj.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

220
Requests

91 %
HTTPS

47 %
IPv6

37
Domains

59
Subdomains

52
IPs

12
Countries

2518 kB
Transfer

5612 kB
Size

47
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://znaj.ua/ HTTP 307
    https://znaj.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://gaua.hit.gemius.pl/_1648434953352/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=231&lsdata=VZB2mHGI7NDx8Yx6mBEns42wrOsO4jy8t_FsR6Z5gjr.i7R9MEBHaKzWrC8os5Rr.b8ItmU5m9GLhXWXfh2q4l57RAaK/VaXIo9DJ4oYD8/&fpdata=Cj0sFXoDVHLw858KPBb6l0Vn18fqMaOFaQZcCCPaj9n.s7&vis=1&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1648434953352/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=231&lsdata=VZB2mHGI7NDx8Yx6mBEns42wrOsO4jy8t_FsR6Z5gjr.i7R9MEBHaKzWrC8os5Rr.b8ItmU5m9GLhXWXfh2q4l57RAaK/VaXIo9DJ4oYD8/&fpdata=Cj0sFXoDVHLw858KPBb6l0Vn18fqMaOFaQZcCCPaj9n.s7&vis=1&fpcap=
Request Chain 107
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbW3dYs-rajIaxWfuW2GyU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbW3dYs-rajIaxWfuW2GyU&google_cver=1&C=1
Request Chain 108
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkEfCnGGfxFxcBxShgQTywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbW3dYs-rajIaxWfuW2GyU&google_cver=1
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOkfXVz7z3IBMS5rqx0YfTM&google_cver=1
Request Chain 110
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTU5NTIxODM4MjUwMDIwOA%3D%3D
Request Chain 119
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/823392/57133300/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fznaj.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8d7c4181-d4f3-ab9e-4b82-387c39fb3950,c:87us3i,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67cb66fbd5-28d5w,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.823392-57133300%7C191%7C192%7C1a1%7C1b,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:15,oid:ca85032c-ae3f-11ec-b9e2-863b8a642467,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://www.googletagservices.com/dcm/dcmads.js
Request Chain 132
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=znaj.ua&sn=ChromeSyncframe&so=0&topUrl=znaj.ua&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ZdBIW3w2cG1DZTFnc2xPQWxUQ1VaUGFGK3kzUXVwMEluWmk1U0lJTnhsZCtqUGJCNnhIQmtOVkVkRG5qK3FFMUprRTFzbDVta0wvZlRpZUtvMytSdFpZaFpJWmxpZkErTTNjWkhJZUFJVDVZL0NhTDRGVk9RbjRXcnAzRzRpbnlxb0kvYXZmazBFRkY1a2tJM08vTGZVZWZERElINmF1Nm1kRGJ6QXdDak8wMG5uUlZRbHdJZTNhNmZsaUZTVTU1RUhBeDNYQWU5dTNrdzM5M0RMUnB5bHV5MEdaOWFYZjBKTEh2NUhLTEVvQ1luWGQ2T284ZG5aTURhbGdWcTBWVG1QSWRLd2ZYYTdxNzFxQzZPREpuN0gydGkvdz09fA&cppv=2
Request Chain 140
  • https://um.simpli.fi/gp_match?google_gid=CAESEOkhsYw-fyQl2D9IL4LFcoQ&google_cver=1&google_push=AYg5qPJ2UTi9YFMUdMToK5pWFbLsaMixZeVqz2F4KCTFe3_LQcxj1M5vDb5Cch__bsxhaYSkAny2h_TONWf0cZ9u9g0Sp8BF9En8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=985CAC98AAD5417597FA8D9FB3B918C0&google_push=AYg5qPJ2UTi9YFMUdMToK5pWFbLsaMixZeVqz2F4KCTFe3_LQcxj1M5vDb5Cch__bsxhaYSkAny2h_TONWf0cZ9u9g0Sp8BF9En8
Request Chain 142
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOICRJqMbyi2EHHRiSq7cNk&google_cver=1&google_push=AYg5qPKiHLOUrmjmYIfEliNNqWju2B1Ku6eAsIv2A-HCZij9lrFQYwqgykV4yIVual30h94aPmA6VqFmiG71hHD8EutyIPr6qB1UYQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKiHLOUrmjmYIfEliNNqWju2B1Ku6eAsIv2A-HCZij9lrFQYwqgykV4yIVual30h94aPmA6VqFmiG71hHD8EutyIPr6qB1UYQ&google_hm=NTM3NTMyODA4MTM2MDc3NDY4Ng%3D%3D
Request Chain 143
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFzGN_1hGf_kqfDZ_UjGjnU&google_cver=1&google_push=AYg5qPLIrqZa0eR3jTwUuzfJTWPCLUMaZ5iYsJGtFHkZteNpBP7-8x997eVN9rGfENi1rMPEyMtnl_AgJN_COj_22SExZauWUa75Mw HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFzGN_1hGf_kqfDZ_UjGjnU&google_cver=1&google_push=AYg5qPLIrqZa0eR3jTwUuzfJTWPCLUMaZ5iYsJGtFHkZteNpBP7-8x997eVN9rGfENi1rMPEyMtnl_AgJN_COj_22SExZauWUa75Mw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLIrqZa0eR3jTwUuzfJTWPCLUMaZ5iYsJGtFHkZteNpBP7-8x997eVN9rGfENi1rMPEyMtnl_AgJN_COj_22SExZauWUa75Mw
Request Chain 145
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ0QM_Qw1ElqlEldTaXoLuo&google_cver=1&google_push=AYg5qPJV7sMs8kZHmK6YXAfvXKfiv-s7WVt5AswAkWDNqL9MliCtjvAgBVISIWzHTUFuN3KA3OJrrByi-8udJ_6gLpIwQGt8B5Bw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ0QM_Qw1ElqlEldTaXoLuo&google_cver=1&google_push=AYg5qPJV7sMs8kZHmK6YXAfvXKfiv-s7WVt5AswAkWDNqL9MliCtjvAgBVISIWzHTUFuN3KA3OJrrByi-8udJ_6gLpIwQGt8B5Bw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Di99Fh7aSFORBIFRa6gcEg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJV7sMs8kZHmK6YXAfvXKfiv-s7WVt5AswAkWDNqL9MliCtjvAgBVISIWzHTUFuN3KA3OJrrByi-8udJ_6gLpIwQGt8B5Bw
Request Chain 146
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFUB4rsenI0NegcgeQ5_HAA&google_cver=1&google_push=AYg5qPJFBl0JqzGYi0mEoy6IYcj1aThzI17xMCtN1EVzvqubc5Ht39_mArkVBkeOR1SMjWb2WomQzINoxA0ah8m13Q_nrPcIxx3lig HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFUB4rsenI0NegcgeQ5_HAA&google_cver=1&google_push=AYg5qPJFBl0JqzGYi0mEoy6IYcj1aThzI17xMCtN1EVzvqubc5Ht39_mArkVBkeOR1SMjWb2WomQzINoxA0ah8m13Q_nrPcIxx3lig&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJFBl0JqzGYi0mEoy6IYcj1aThzI17xMCtN1EVzvqubc5Ht39_mArkVBkeOR1SMjWb2WomQzINoxA0ah8m13Q_nrPcIxx3lig&google_hm=29c061e90978d3610aef1b23
Request Chain 149
  • https://pixel.adsafeprotected.com/rfw/st/653659/57061276/skeleton.js?adsafe_url=https%3A%2F%2Fznaj.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:a7b373bb-6988-ac04-1edd-fcdabcfa46c1,c:87usbP,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-67cb66fbd5-5fqrl,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:95,fm:t1l74Wb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.653659-57061276%7C191%7C192%7C193%7C194%7C195%7C1a%7C1b%7C1c,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:110,oid:ca821d51-ae3f-11ec-baa1-3213c2ff0bf8,v:19.8.299,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 213
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iHIAjvuCR2eF4o9wJM35cQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iHIAjvuCR2eF4o9wJM35cQ
Request Chain 214
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2UxZTYxMTBmMTUxZWRlNTU5Y2Y1NTk4MTM4N2YyOGEwZTY1NjAxOA
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOET7KfkqHlDEmRnGlcsMJo&google_cver=1
Request Chain 216
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/e_DdN35-881KBYndfdqZG8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5375328081360774686
Request Chain 217
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1A3LYPR-14-1LCD&sigv=1&esig=2~d2b62936421cae98e6dd931c901788b91017d43b
Request Chain 219
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OvehF35TRySq1xD15Ofopg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OvehF35TRySq1xD15Ofopg
Request Chain 220
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1A3LYPR-14-1LCD

220 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
znaj.ua/
Redirect Chain
  • http://znaj.ua/
  • https://znaj.ua/
302 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b7d0e001e72449df8469b767d4d13470ac5cde61f7ca4d732bc774935f82e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Mon, 28 Mar 2022 02:35:52 GMT
content-type
text/html; charset=UTF-8
cf-ray
6f2cf996ca2b374f-MXP
cache-control
no-cache, private
last-modified
Mon, 28 Mar 2022 02:20:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache-status
MISS
x-content-type-options
nosniff
x-xss-protection
1; mode=block
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DS%2FTLJvCkjzcwgH3f%2B4kNaIsNLfBEzVOhgg6pqmC%2F1eGmmPEI5J2Bm9OkPR3HXy1n%2Bvd7QaiivP%2BF%2FXi8skHph702IXfZ3qpZHY7x9U70kxGwbbNVBhpPyK5DTJEw4qnjvXigPI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Location
https://znaj.ua/
Cross-Origin-Resource-Policy
Cross-Origin
Non-Authoritative-Reason
HSTS
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9456088057484970
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2582def473c384f21e7f488398e48a2b07e615b559f21c197f225d78a7755f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://znaj.ua/
Origin
https://znaj.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53830
x-xss-protection
0
server
cafe
etag
11625719304466911266
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 28 Mar 2022 02:35:52 GMT
YB3E7pyg2MmxpBLNSYkt2d7WhyOKEA37kFNAMvjW.jpeg
znaj.ua/crops/423455/150x100/2/0/2021/12/25/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://znaj.ua/crops/423455/150x100/2/0/2021/12/25/YB3E7pyg2MmxpBLNSYkt2d7WhyOKEA37kFNAMvjW.jpeg
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8e3eca57ab39a3daa2a809c15c2675cbd120f0bd64cb82f89180f9a50f16563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=5912, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5806
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Sat, 25 Dec 2021 09:41:52 GMT
server
cloudflare
etag
"61c6e760-1718"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BY%2FMgMSrIn4874Yrqm1gCcQc8Sa57lM%2BGurvOvRvzCe12TdGNBa2ySwnDnJ2HIGPgMFo15WI2sr1%2FbK3RQRKMBQRhzVvzxjpw5TSv%2BdRB334XJrD%2Fvvt%2F8p1OYEeIKBtZugDw8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6f2cf9979a8a374f-MXP
cf-bgj
imgq:100,h2pri
ukraine.png
znaj.ua/img/ 		702 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://znaj.ua/img/ukraine.png
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be73820642834b6bb64d9a5f252aa97581c362366dc129e650d8c6f19a428979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1599442
cf-polished
origFmt=png, origSize=992
content-disposition
inline; filename="ukraine.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
702
pragma
public
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Wed, 09 Mar 2022 13:29:35 GMT
server
cloudflare
etag
"6228abbf-3e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFRRL3f4tr2WYOkAhSkHY8RlispvZ%2FVa2sTRWsoAGS9rI1JtYI7iHuU8rDws0f0XRR2OGDupLUCbCDrAUohE1Ex2L%2FFXsPIwm%2F0RdVZ6KwOjYT1hGja%2BDEUisYGN2U1uFSextRw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
Accept
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6f2cf9979a8c374f-MXP
cf-bgj
imgq:100,h2pri
truncated
/ 		125 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7822ab0c944ab5defc5a0af4abd345fde1b54118332d943da596c3d3dbeb2dfe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		125 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c47d0e9361abb627329fb9187d30d3647a38c2ef9908b7f2a49fc5219028937

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
app.js
znaj.ua/desktop/js/ 		90 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://znaj.ua/desktop/js/app.js?id=f13d9d3b121596546fe3
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13f878522940cf9d1cdabbee896f915a0c232ee234e7617c3ac0b9e21d9b9c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
990862
cf-polished
origSize=92589
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Tue, 22 Feb 2022 19:51:17 GMT
server
cloudflare
etag
W/"62153eb5-169ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rmit5L5AWa%2BYv%2BXwb%2BGCe9YswZ3hG7C99tH08QZ2y1JCMFwFbb8vav7q0aW7CbqvEIhp3arB8EXKkXkDC7%2BxUxZeovg97xY0Ul4soLvOgL%2B5M3mZECF8gLc1WxHDEJj%2BkeaNWFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
max-age=315360000, public
cf-ray
6f2cf997eac4374f-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
client.js
aixcdn.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aixcdn.com/client.js?164844
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5152
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 29 Dec 2020 15:59:22 GMT
server
cloudflare
etag
W/"5feb525a-5a3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FICev6GpF52w82HWIl3S6iX53VDqcozdfaKaOhhfQCO5EWQnIrRhBElEyJusto%2B2lqjCcNhLjhRFHEm7vMLElO2oCwxt7xDlkJMuSkn0r2yErcq80i8ADtFhv7UVOKxd4ug5iiTjlEF2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
6f2cf998dd6a59a1-MXP
expires
Mon, 28 Mar 2022 03:12:22 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1867
date
Mon, 28 Mar 2022 02:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 28 Mar 2022 04:04:46 GMT
/
c.bigmir.net/ 		134 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bigmir.net/?o1&v16952272&s16952728&t0&c1&n985729&w0&y0&d24&r1600
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
c.bigmir.net
Software
nginx /
Resource Hash
b70842d1c59f123765a155d67887ed488808473a0dfdd119b4947593b542b948

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
xgemius.js
gaua.hit.gemius.pl/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 07:51:19 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10838
expires
Mon, 28 Mar 2022 14:35:53 GMT
client.js
s.getstat.net/cdn/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.getstat.net/cdn/client.js
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6063
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Sep 2021 10:04:24 GMT
server
cloudflare
etag
W/"6141c528-3e9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgCOtWP3TnxZZ9Ylvpy%2Bci3gRwDwYL7DC0h7aK%2FGiQcT%2FT%2BXYV8eOmwEMjoTAhQQNxHccq4bUwwzMgR63KaF7daeiM17DO5Y9P2fcGsglBqSK5Att5JbEV6BJ83se4TQjxaDK5LVpt%2BVXOnA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
6f2cf998de7f5a1f-MXP
cf-bgj
minify
client.js
cdn.getpush.net/s/a3wlzukx2m98q0dibqkeatbvdtkkd9sy/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getpush.net/s/a3wlzukx2m98q0dibqkeatbvdtkkd9sy/client.js
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc99e68ac6a91cd40f81ad5efb3029ab8304cf7785ae5bec124ccf6e79dd10fb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
EXPIRED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 28 Mar 2022 01:35:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tn4u7qqf%2BGlxxlLj9lm%2BQZ7sqULcYu63pfvOC21AWi5qO1dqK%2FM%2BN8MAdT9p4yjhNCK7WDZ5rF97l9wrqut1ZN5BFHTVUo%2BSzGCKjPNDMfXJugGOaFIPe9grCSmPIj3TqK6Jm3VSjf0ASRXoX5c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://znaj.ua
cache-control
max-age=14400, public
cf-ray
6f2cf998c9f80f56-MXP
cf-bgj
minify
ypMMRXZS6IYV8aU1y6BAlUYW2lj2GxIEau9SP0PG.jpeg
znaj.ua/crops/3575d4/150x100/2/0/2021/07/29/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://znaj.ua/crops/3575d4/150x100/2/0/2021/07/29/ypMMRXZS6IYV8aU1y6BAlUYW2lj2GxIEau9SP0PG.jpeg
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59cb6298a34f7cd13f987577761aa4c2ca71e7e57658361e5d3258d75751b30c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=4691, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4578
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Thu, 29 Jul 2021 10:04:11 GMT
server
cloudflare
etag
"61027d1b-1253"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42HB66tQxxJ%2FoLafbJQbjc88C1CAhUpqtUCEEjd0N1lUY3Hxh7WhZZ%2FlqBUceAF3W%2BrFkB%2BTN1on42jy2c5QcGFh4VLNOjgUtS6fuHwcdhc288oKEvTBMVWyoXy3Z1QcLopzQfg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6f2cf9988e690e02-MXP
cf-bgj
imgq:100,h2pri
8t9a0X2SN9dssCWOtJ2KrvzfuR6lUU6mhQiLfhjY.png
znaj.ua/crops/bc9f7c/150x100/2/0/2022/03/27/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://znaj.ua/crops/bc9f7c/150x100/2/0/2022/03/27/8t9a0X2SN9dssCWOtJ2KrvzfuR6lUU6mhQiLfhjY.png
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5589c281aa3a91bebf35ccf9d1db3e7aaae68202ec268e4468ae54d9b5552045
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=2710, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2511
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Sun, 27 Mar 2022 11:05:17 GMT
server
cloudflare
etag
"624044ed-a96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrtDhMcSxGc12T6BXGSNcJyj%2FiBV1DSsLILtO%2Bi80LyBA3ILSV3lxyqoR3uuB5UGfOAWcGBShtq9H%2FEr7eq530cxG4YpU8ny7YSpIgIuWFpWkpB6i25BTAJYhUEA5BywPYWmwGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6f2cf9988e6a0e02-MXP
cf-bgj
imgq:100,h2pri
X64WF83mNx7r9hU616295TsLHhCTbVwGbz9FaWCl.png
znaj.ua/crops/9317c0/150x100/2/0/2022/03/27/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://znaj.ua/crops/9317c0/150x100/2/0/2022/03/27/X64WF83mNx7r9hU616295TsLHhCTbVwGbz9FaWCl.png
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f71c6258ac822c06351541f1c244642b08ccb5bc4576547594102eaeb4e1f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=3349, status=webp_bigger
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3180
last-modified
Sun, 27 Mar 2022 12:40:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MA%2Bt4KuH5N61Xnot09Wz3dHPP5fEuOMrXHtgdraAR5cfDrTiG%2BtWY8WtdNYCgCS%2Fj3ZFarMJL3Cz5o6BRa44OvuOI4qXxbg%2BVmn1lv5ZviYrPlulkS79ZxYtTNY6f26fCEvxPuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6f2cf9988e6b0e02-MXP
cf-bgj
imgq:100,h2pri
aSu0KNvevd8o8yzsbzsxsoqKv4ohZk7GvBr1Dzpp.jpg
znaj.ua/crops/bb6354/150x100/2/0/2022/03/27/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://znaj.ua/crops/bb6354/150x100/2/0/2022/03/27/aSu0KNvevd8o8yzsbzsxsoqKv4ohZk7GvBr1Dzpp.jpg
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5c98eb17d95d4302d441ce6f7fe6d15c09d5b1a809f63c6cf8d7d2390443fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=5732, status=webp_bigger
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5574
last-modified
Sun, 27 Mar 2022 19:29:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pteP72TxKFUZHS7P6eBdC2gxqcjCSi8pORLuO8CIPKIsvEHiN%2FJmi1%2FCUSVV0FqamGVr3DaSfqci4wl1hp1z3CC77FMmufb9IzAvZgTTpipxB%2BzTcg7%2FRbPKVvU%2BfzlRUrlPrZw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6f2cf9988e6c0e02-MXP
cf-bgj
imgq:100,h2pri
T1gTEJKUd4mLOjEHg8LQBtHw7dmapGWNfGjaElKb.jpeg
znaj.ua/crops/13c727/150x100/2/0/2021/01/21/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://znaj.ua/crops/13c727/150x100/2/0/2021/01/21/T1gTEJKUd4mLOjEHg8LQBtHw7dmapGWNfGjaElKb.jpeg
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab043c184fb6f71c8e7a99974837b28f34cc0b8c2e4ad64c906772eec556f63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=4068, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3928
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Thu, 21 Jan 2021 15:36:46 GMT
server
cloudflare
etag
"60099f8e-fe4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqpLbWx9U4SruM37hYxxaHmQHTzuZ2T2qDzc1863vpQ%2BB1VsOvSbtrE4FWadTvcRMKaKIgPxJU1QlgCM3kNewvzegXNmM6PxOspWSaaVCaPIbEgrYYJ5QJmbPX7HUWwFATqAmRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6f2cf9988e6d0e02-MXP
cf-bgj
imgq:100,h2pri
t2m4bfwjO50JDIbReFlNsVxdo2F109AQLed24iQA.png
znaj.ua/crops/808cd7/735x400/2/0/2022/03/27/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://znaj.ua/crops/808cd7/735x400/2/0/2022/03/27/t2m4bfwjO50JDIbReFlNsVxdo2F109AQLed24iQA.png
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c8e05cc745effc859bfc1c4af10ffdf1befc939c307a2e41d33f5bf4cd3fa98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=62542, status=webp_bigger
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
62342
last-modified
Mon, 28 Mar 2022 02:03:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8pBOEIphUakFAHkriEO5mVc1VsQ41BIIEOIWbCReggP9k3UZuceccPDYZWZgni49Ldu435Zd4hanwjhUL5AR9%2B%2FqwjstAYNTEWjBt9GHkkKi5XGtku5qexw0M8b%2FP2qVxvNSM4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6f2cf9988e6e0e02-MXP
cf-bgj
imgq:100,h2pri
rHdPRpSfEwoQpnpRh6v9A2vnAheMajtcYoiAyYu7.png
znaj.ua/crops/9f1463/735x400/2/0/2022/03/27/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://znaj.ua/crops/9f1463/735x400/2/0/2022/03/27/rHdPRpSfEwoQpnpRh6v9A2vnAheMajtcYoiAyYu7.png
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7c7b781b497f6950a9c9e0f0eaf1b636ca6c9ae636b5431b1ced0d5b415508
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=39557, status=webp_bigger
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39046
last-modified
Mon, 28 Mar 2022 01:08:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YW74LmH4Hkasl%2BevM1vBjaUBTbq7FYXXhhaNY5CYxNq6U1jxVs0JmQpvw6BuN6LdaKmnHyEbTBlSm3DwRRV3HH%2B5im97K6llFGmKWMa00%2FGXuuS3uTP4Su5snPmgWk4UYiulRro%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6f2cf9988e700e02-MXP
cf-bgj
imgq:100,h2pri
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/ 		296 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9456088057484970&plah=znaj.ua&bust=31065832
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9456088057484970
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3dc715e436a9c36a877356b854698bc0c7057ccae67f6642c42fa2d201b42c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109246
x-xss-protection
0
server
cafe
etag
2820617280602841267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 28 Mar 2022 02:35:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/ Frame 6AC8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9456088057484970
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Sun, 27 Mar 2022 14:18:28 GMT
expires
Sun, 10 Apr 2022 14:18:28 GMT
cache-control
public, max-age=1209600
age
44245
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=987497702&t=pageview&_s=1&dl=https%3A%2F%2Fznaj.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B2%D1%96%D0%B6%D1%96%20%D1%82%D0%B0%20%D0%B0%D0%BA%D1%82%D1%83%D0%B0%D0%BB%D1%8C%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83.%20Znaj.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=314609095&gjid=1512525796&cid=205890853.1648434953&tid=UA-108263001-1&_gid=1167682339.1648434953&_r=1&_slc=1&z=380368668
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://znaj.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
fpdata.js
gaua.hit.gemius.pl/ 		276 B
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=znaj.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
4f331cd88313de869746b5b2e91b9f33ae4a61b4e30af60734954ed917881f1b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
276
expires
Wed, 27 Apr 2022 02:35:53 GMT
lsget.html
ls.hit.gemius.pl/ Frame FE32 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
a6aa6788b4daba51a19c73fb8fec9850dfc6d3d2b7cabf1fdb610352d9b5d27f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
expires
Wed, 27 Apr 2022 02:35:53 GMT
server
GHC
accept-ranges
none
cache-control
private, max-age=2592000
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
etag
PRIVATE7520710249
vary
Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
2719
content-encoding
gzip
121
aixcdn.com/p/ 		257 B
788 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aixcdn.com/p/121
Requested by
Host: aixcdn.com
URL: https://aixcdn.com/client.js?164844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7b7dc029aadf4c26e5ad370b70c77c812936e206519fb854123588c074da9e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 27 Mar 2022 08:59:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZjCk4l5e2DOvC4L8nYaJlS1X53srfvxtSssXC4I1b7%2BkNWdZTMgu3uydYGjWV6aK6JnudDinrL9ZRmpri4VXzBOpyNPPi%2F0L08rxltChGTrDpHep0GvFnDkRBe%2FC1leOpi%2FA9mhuQa1"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f2cf999bc6483a9-MXP
97
aixcdn.com/p/ 		23 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aixcdn.com/p/97
Requested by
Host: aixcdn.com
URL: https://aixcdn.com/client.js?164844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca5cdde752a7e0dbd7652fe7cd000eed74a0f4aa74eaecede273a8d3f60be04a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24041
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 27 Mar 2022 14:18:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLuQp5VQz2mU6uUFe%2BhPc1yeIbm4TyYUhKrTvKuch4n9iBk0qcit8YYmKXAO2jzwSsZggBxnJE9OkrU2rWW%2Bo5ym6qXv33Q%2BqD8aG5pNlrQj0ZuQVd6EiON2VWWHGaIT9Ju32lijNmqI"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f2cf999bc6683a9-MXP
194
aixcdn.com/p/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aixcdn.com/p/194
Requested by
Host: aixcdn.com
URL: https://aixcdn.com/client.js?164844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bacf54b7d27b6739185e88efc6a53a890e2d6beec5fe35827ae10144e53cf71
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15137
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 27 Mar 2022 22:00:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIoZSZgbVPxON5i1zp9sJ6qE%2B7bMZjy1j4AZbjIEwNXXen01Ec0OXALWu2Jo7hT4wPFUVVt7Et6NYOqSyOWA2M5Qk7wAcu2crqJ2fxcw%2FjMYCZuoyrPXLEYsPxF7CnYd3LoNu%2FdIoTqk"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f2cf999bc6783a9-MXP
pv
s.getstat.net/ 		42 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.getstat.net/pv?u=https%3A%2F%2Fznaj.ua%2F&d=znaj.ua&s=&t=&l=uk&ac=&aa=&ap=&un=1&ss=&dp=1&sd=1&dt=1&o=1&b=1&p=1&r=0.12394980636975883
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wf6f4qPfYkO3CqMvycaUE7zBv8CQBjbitylOXrynSsiOfCMrly1Rfz6IJINS3GZ6verKIBHk1t0%2BsCIRpFYzZvmXH1cH3Th5tEPc3Jn2r5oCOA03vPkyoDgebtb7%2B0th8GkgEVJw2JHNlM1v"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store
cf-ray
6f2cf999dc3583b2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
metric
s.getstat.net/ 		42 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.getstat.net/metric?u=https%3A%2F%2Fznaj.ua%2F&d=znaj.ua&s=&t=&l=uk&ac=&aa=&ap=&un=1&ss=&dp=1&sd=1&dt=1&o=1&b=1&p=1&r=0.18941080112403608&k=3&v=99
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAa9a%2F7MAa87HF08DUSvarvJTCJrR30hpgcR71uVnTTPjNcNaq67xYgNbcVlhSkmGu%2Bi3QgkFv5ChGgzGOutBkuDarjBVrFA56wy6eUvZBDwVa%2BRgy5XoItitqFHTVKeJL8OhkFhjif6kZdu"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store
cf-ray
6f2cf999dc3783b2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
metric
s.getstat.net/ 		42 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.getstat.net/metric?u=https%3A%2F%2Fznaj.ua%2F&d=znaj.ua&s=&t=&l=uk&ac=&aa=&ap=&un=1&ss=&dp=1&sd=1&dt=1&o=1&b=1&p=1&r=0.3231674112234755&k=4&v=274
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H674%2BonJNrQ9Esd0NCcQXn8eWX%2FL7VKnweklps0fWgzqT%2ByLcq6%2B1I5Yg47tSTDvIaJYf0waxlgQubmE%2Fzkfb3MeXBjBK2EGrpDRZOXr0D5ohLBciPn9PVPfQuADoaCUvBH49falLmBC4Yft"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store
cf-ray
6f2cf999dc3483b2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
collect
stats.g.doubleclick.net/j/ 		7 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-108263001-1&cid=205890853.1648434953&jid=314609095&gjid=1512525796&_gid=1167682339.1648434953&_u=IEBAAEAAAAAAAC~&z=2026990431
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c01::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 28 Mar 2022 02:35:53 GMT
content-type
text/plain
access-control-allow-origin
https://znaj.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
branding
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1582&0.7128512657863713
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
d46ceb2bde60881fb19d81ed006513a18f1fa2428fe60af86e50e308a13f298f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: aixcdn.com
URL: https://aixcdn.com/client.js?164844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ffbf0901d91c2643b9aef55cc55cb461e8be565f7b47289a03c321cb1cc4441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28045
x-xss-protection
0
server
sffe
etag
"1171 / 622 of 1000 / last-modified: 1648245909"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 28 Mar 2022 02:35:53 GMT
ym.js
cdn-b.notsy.io/zna/ 		317 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-b.notsy.io/zna/ym.js
Requested by
Host: aixcdn.com
URL: https://aixcdn.com/client.js?164844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
b3f98d515efe5d353f127cb24072d4170b48fc64ff5f4a820d4cfa40c2ede954

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
br
cdn-edgestorageid
549
cdn-fileserver
250
cdn-storageserver
DE-168
cdn-cachedat
03/23/2022 13:56:18
cdn-pullzone
139012
server
BunnyCDN-AMS1-879
last-modified
Sun, 20 Mar 2022 17:12:32 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"62376080-4f43c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
c06a1e46f8865c87bff6b5013c8fda3c
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108263001-1&cid=205890853.1648434953&jid=314609095&_u=IEBAAEAAAAAAAC~&z=907812649
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108263001-1&cid=205890853.1648434953&jid=314609095&_u=IEBAAEAAAAAAAC~&z=907812649
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		211 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=znaj.ua&callback=_gfp_s_&client=ca-pub-9456088057484970
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9456088057484970&plah=znaj.ua&bust=31065832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e4be2d131abd7538907fbef32dd76c2975da57c5ed8c0c1e1f5875caea8376c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=znaj.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9456088057484970&plah=znaj.ua&bust=31065832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=znaj.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9456088057484970&plah=znaj.ua&bust=31065832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fznaj.ua%2F&tn=NAV&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8E68 		134 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9456088057484970&output=html&adk=1812271804&adf=3025194257&lmt=1648434017&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fznaj.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648434953099&bpp=2&bdt=252&idt=238&shv=r20220323&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3613222913015&frm=20&pv=2&ga_vid=205890853.1648434953&ga_sid=1648434953&ga_hid=987497702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065832%2C31065787%2C31065551%2C31065654%2C31064019&oid=2&pvsid=2418174385814951&pem=335&tmod=1349050498&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=251
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9456088057484970&plah=znaj.ua&bust=31065832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81bf15c688b0881e6bd04844d18b7158b0a9019b9b4a8c3daa823612795ba6a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 28 Mar 2022 02:35:53 GMT
server
cafe
content-length
38232
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 28 Mar 2022 02:35:53 GMT
cache-control
private
rexdot.js
gaua.hit.gemius.pl/__/_1648434953352/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1648434953352/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&...
  • https://gaua.hit.gemius.pl/__/_1648434953352/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%...
169 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1648434953352/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=231&lsdata=VZB2mHGI7NDx8Yx6mBEns42wrOsO4jy8t_FsR6Z5gjr.i7R9MEBHaKzWrC8os5Rr.b8ItmU5m9GLhXWXfh2q4l57RAaK/VaXIo9DJ4oYD8/&fpdata=Cj0sFXoDVHLw858KPBb6l0Vn18fqMaOFaQZcCCPaj9n.s7&vis=1&fpcap=
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
9732bf5fa9714281a9a3c7019ee10d4ec8e6d58e3bae8473681944b76a399628

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:53 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Sun, 27 Mar 2022 02:35:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:53 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1648434953352/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=231&lsdata=VZB2mHGI7NDx8Yx6mBEns42wrOsO4jy8t_FsR6Z5gjr.i7R9MEBHaKzWrC8os5Rr.b8ItmU5m9GLhXWXfh2q4l57RAaK/VaXIo9DJ4oYD8/&fpdata=Cj0sFXoDVHLw858KPBb6l0Vn18fqMaOFaQZcCCPaj9n.s7&vis=1&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sun, 27 Mar 2022 02:35:53 GMT
branding.min.js
a4p.adpartner.pro/apstc/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.7128512657863713
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-35bf"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame BE10 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=2c2cf7fb-ed1f-4238-a855-e389992d1f3e&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.7128512657863713
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

server
nginx
date
Mon, 28 Mar 2022 02:35:54 GMT
cache-control
no-store no-transform
ls
a4p.adpartner.pro/branding/ Frame B568 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=22249427655074204&apuid=05fa5243-bd9b-439c-91c0-eb0c149c11a6&session_pageview=1&session_id=2c2cf7fb-ed1f-4238-a855-e389992d1f3e&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.7128512657863713
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
c2290738e4716e51d1d042f2862471fc5cdbd4615d1242db5729b1e94339d9f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

server
nginx
date
Mon, 28 Mar 2022 02:35:53 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 00:32:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Mar 2023 00:32:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		297 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=znaj.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
2cf2bebf4d8dc76e0b7c0bdd6d810f59b022c38df8045e55256604489b48d1e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142
x-xss-protection
0
expires
Mon, 28 Mar 2022 02:35:53 GMT
analytics.js
www.google-analytics.com/ Frame B568 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=22249427655074204&apuid=05fa5243-bd9b-439c-91c0-eb0c149c11a6&session_pageview=1&session_id=2c2cf7fb-ed1f-4238-a855-e389992d1f3e&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1867
date
Mon, 28 Mar 2022 02:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 28 Mar 2022 04:04:46 GMT
branding
a4p.adpartner.pro/ Frame B568 		772 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1582&session_id=2c2cf7fb-ed1f-4238-a855-e389992d1f3e&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=22249427655074204&apuid=05fa5243-bd9b-439c-91c0-eb0c149c11a6&session_pageview=1&session_id=2c2cf7fb-ed1f-4238-a855-e389992d1f3e&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
3e6eb089aade1932a634c0b0e2aff1b3993ea1775de672aa8914f47e1a5ffba1

Request headers

Referer
https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=22249427655074204&apuid=05fa5243-bd9b-439c-91c0-eb0c149c11a6&session_pageview=1&session_id=2c2cf7fb-ed1f-4238-a855-e389992d1f3e&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220328
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed0fecc2ccd478581e9a53b5f21f7a9fd603039f9024c9a028efe529e79ddda0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
41699
x-jsd-version
1.0.1292
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19160-FRA, cache-cdg20759-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"670-o7iJQ1njZqY0r6Q2ljPzLMkCl08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6f2cf99c9e1701eb-ZRH
/
ad.mail.ru/hbid_prebid/ 		85 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_prebid/
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
5f66c88dcf01e9fd882de2e565ba809a7d08d63574ede58bdb30e66a97f68c67

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 28 Mar 2022 02:35:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://znaj.ua
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
/
adx.adform.net/adx/ 		20 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzNDAxNTMmdHJhbnNhY3Rpb25JZD04NTdiN2FkZi0xNjcxLTQ5NDgtOWM0Zi02OTEyNWFjNDFiNDUmcmN1cj1FVVI%3D&bWlkPTEzNDAxNTUmdHJhbnNhY3Rpb25JZD1mNzBkMzNiYS1iMjQ2LTQ0N2EtODUyMi03MWEwMzhmOTIzZGQmcmN1cj1FVVI%3D&bWlkPTEzNDAxNTcmdHJhbnNhY3Rpb25JZD0wNmIyZWUwYS0yYTMzLTRkZTMtYTVjNy1iNTk1NWZlYzBiYjgmcmN1cj1FVVI%3D&bWlkPTEzNDAxNjImdHJhbnNhY3Rpb25JZD1hZDdjMjRhOC00NDg3LTQxNzgtOWNiZi1jMTViNWVmNTc4ODAmcmN1cj1FVVI%3D&pt=gross&stid=66803b27-d844-4cfb-bac9-8db71d3f617d&fd=1
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
c83c7670c31d4127fb493e87ba84436b9ac70c4ef71614027252eb671350d7c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://znaj.ua
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		63 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9076ae7ce928a7fd04c3cb4273eb1bdc33afc5024f60f2fd49ade0b0ae1a4e28
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 28 Mar 2022 02:35:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9e4ffc7e-3bb1-4679-985f-9a884687284b
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://znaj.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309706&size_id=16&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=857b7adf-1671-4948-9c4f-69125ac41b45&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.973476670350965
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f6a40139ce29d7389613cc37df2a555300b8ea93045b90897f570d1e6910f3b4

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:53 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://znaj.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309708&size_id=16&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=f70d33ba-b246-447a-8522-71a038f923dd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9812826383743394
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d92550b6bb33bc866512528d75c0778b9987883ce9a5e36a13d5ee877c0e5e29

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:53 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://znaj.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309710&size_id=16&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=06b2ee0a-2a33-4de3-a5c7-b5955fec0bb8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.40587525344724473
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d9a7c20e3a46dabc570cf81810ec4751e0ebc5fa019750b900ffc647b34e0270

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:53 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://znaj.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309716&size_id=10&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=ad7c24a8-4487-4178-9cbf-c15b5ef57880&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5833032175454804
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
291c150ffb73921f868e8d0c074d15ee12cae3ff5da2eb73d68c461e41e89ff6

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:53 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://znaj.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=59284214928
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Mar 2022 02:35:52 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://znaj.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bid
a4p.adpartner.pro/hb/ 		192 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/hb/bid?tag=8220,8221,8222,8223&sizes=336x280|600x280,336x280|600x280,336x280|600x280,300x600&referer=https%3A%2F%2Fznaj.ua%2F
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
6522e3f8fd1455a83f5d80e022397a204347e4b8c370a3f1472fdae753fdccb7

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://znaj.ua
date
Mon, 28 Mar 2022 02:35:53 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/json
if
a4p.adpartner.pro/tracker/ Frame ED6E 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252205fa5243-bd9b-439c-91c0-eb0c149c11a6%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

server
nginx
date
Mon, 28 Mar 2022 02:35:53 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
if
a4p.adpartner.pro/tracker/ Frame 6930 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252205fa5243-bd9b-439c-91c0-eb0c149c11a6%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

server
nginx
date
Mon, 28 Mar 2022 02:35:53 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=znaj.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=znaj.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		886 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2418174385814951&correlator=3096296358522555&eid=31065751%2C31065787%2C31065551%2C31065654%2C31064019&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_WEB_INTERSTITIAL&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=3438404882&sfv=1-0-38&fsbs=1&ecs=20220328&ists=1&fas=8&fsapi=false&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie=ID%3D4885cd0439b6a646-221abfd066cd003d%3AT%3D1648434953%3ART%3D1648434953%3AS%3DALNI_MYtaXl8QC5V-IgzJBGNgDu-ZZVNcw&abxe=1&dt=1648434953764&lmt=1648434017&dlt=1648434952847&idt=899&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=205890853.1648434953&ga_sid=1648434953&ga_hid=987497702&ga_fc=true&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
98a909909924e2b02d672c67ec18524601a0c82d4eae6fe727d8ec72d48076e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
494
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://znaj.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CEA5 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 28 Mar 2022 02:35:53 GMT
expires
Tue, 28 Mar 2023 02:35:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2022031601.js
securepubads.g.doubleclick.net/gpt/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022031601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
36d48b0e122a1698e9501ed19b684dbc79d0e754d3ce390183d9f21433fb82eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 16:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
380602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13275
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Mar 2023 16:52:31 GMT
/
ad.mail.ru/hbid_prebid/ 		84 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_prebid/
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
92818c3617b2bab9d18f4ea6873d3199da26c7b1c4001317db8ef9c42aa424be

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 28 Mar 2022 02:35:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://znaj.ua
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
/
adx.adform.net/adx/ 		5 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEzNDAxNTEmdHJhbnNhY3Rpb25JZD1hMDI5NTcxNi1iMTQ0LTRhZjktOTdhYi0yNGEzMTcyZmIyNjImcmN1cj1FVVI%3D&pt=gross&stid=bb795580-c007-408d-aaa3-7cc395026aab&fd=1
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://znaj.ua
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5663c11ae6a78a9c8071bfb997b639da3dc5ea75788f75a18d3bbcfe9b3fd0a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 28 Mar 2022 02:35:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3c661904-a16e-445d-bd60-977b6080afb6
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://znaj.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309704&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=a0295716-b144-4af9-97ab-24a3172fb262&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3436656694770073
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
221d040daa54ef48d957cf8d4eae5399993e881df2ef1a235f6358153fa6c6ef

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:53 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://znaj.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=91476783988
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Mar 2022 02:35:52 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://znaj.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bid
a4p.adpartner.pro/hb/ 		193 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/hb/bid?tag=8217&sizes=970x90|728x90&referer=https%3A%2F%2Fznaj.ua%2F
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
620bab43657ec7fbed94b5daafe0ad02b7d563b586291a934dc0514a01ff5f08

Request headers

Referer
https://znaj.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://znaj.ua
date
Mon, 28 Mar 2022 02:35:53 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/json
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/reactive_library_fy2019.js?bust=31065832
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9456088057484970&plah=znaj.ua&bust=31065832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7dee786f6c3f9347e6dff72f06b5a278c9626e7f75159ef0bc7968f0b4d54027
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52591
x-xss-protection
0
server
cafe
etag
2061148313155966783
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Mar 2022 02:35:53 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=znaj.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9456088057484970&plah=znaj.ua&bust=31065832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=znaj.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9456088057484970&plah=znaj.ua&bust=31065832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 02:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/ Frame 8084 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9456088057484970&plah=znaj.ua&bust=31065832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Sun, 27 Mar 2022 14:54:33 GMT
expires
Sun, 10 Apr 2022 14:54:33 GMT
cache-control
public, max-age=1209600
age
42080
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		229 KB
49 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2418174385814951&correlator=194919302215873&eid=31065751%2C31065787%2C31065551%2C31065654%2C31064019&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_ITA_336%2CZNA_ITA_336_1%2CZNA_ITA_336_2%2CZNA_SBR_300c&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=320x50%7C336x280%7C600x280%2C320x50%7C336x280%7C600x280%2C320x50%7C336x280%7C600x280%2C300x600&fluid=height%2Cheight%2Cheight%2C0&ifi=4&adks=1604177946%2C1670658071%2C2070129014%2C3542710887&sfv=1-0-38&fsbs=1%2C1%2C1%2C1&ecs=20220328&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D4446d50a73a53b6%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.00%26hb_adid%3D4446d50a73a53b6%26hb_bidder%3Dappnexus%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.03%26hb_adid_appnexus%3D4529c8e5fa47bfb%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.03%26hb_adid%3D4529c8e5fa47bfb%26hb_bidder%3Dappnexus%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.03%26hb_adid_appnexus%3D46ae5b45828d3b1%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.03%26hb_adid%3D46ae5b45828d3b1%26hb_bidder%3Dappnexus%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D476c35efd74c189%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_adid%3D476c35efd74c189%26hb_bidder%3Dappnexus&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie=ID%3D4885cd0439b6a646-221abfd066cd003d%3AT%3D1648434953%3ART%3D1648434953%3AS%3DALNI_MYtaXl8QC5V-IgzJBGNgDu-ZZVNcw&abxe=1&dt=1648434953937&lmt=1648434017&dlt=1648434952847&idt=899&biw=1600&bih=1200&adxs=-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0&ga_vid=205890853.1648434953&ga_sid=1648434953&ga_hid=987497702&ga_fc=true&btvi=-1%7C-1%7C-1%7C-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
5257f16b6697bb40fd58d397ec21ad73b5a50f4d77a653ea77bcc1a0b2fd6d83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49663
x-xss-protection
0
google-lineitem-id
-1,5951414560,5952078938,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138384284454,138384228038,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://znaj.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 8084 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 00:58:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 28 Mar 2022 02:35:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Mar 2022 02:35:54 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 8084 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 02:13:43 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8084 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkKazCR9BYtXRGo64gAewpIOYD5vkiZ5p9qjaqNIPZBABIMGggHpgu4aAgNAKoAGr68jFA8gBCakCWhStPVQdtj6oAwHIA8sEqgTZAU_Qnr3N9LoDY-abuvsSNb6An6Lvbd-xus93oooI1Nou5gj05AnjQMEz2DRnkULcEgaHJM04CtvFDQIGpjmWRRb5TQQFu46Qf9pioVT7c1y2cg00SeR65ewGOWeuIKcOQPHknWboHBDEU8lN-LJ_LoFxj4gHHoxrxoaVzJk0R28_oz6pumNmr45gN1yFASCFB88HggUw1O3sPZFj5aUuLDLtQkQykO5UVjzFyBQAJn5blrjXmTANaMKQlMA65fO2ZnhvM44sHkc0eBycYXi6fTA0bieqVlhuVCrABKKYj-n6A5IFBAgEGAGSBQQIBRgEoAYugAeC67MwqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5_gL0ggJCIDhgBAQARgfgAoByAsBmAzH4pT-8QO4E4ME2BMO0BUBgBcBshccChoIABIUcHViLTk0NTYwODgwNTc0ODQ5NzAYAA&sigh=fJ8fhfRFgXc&uach_m=[UACH]&template_id=515
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 28 Mar 2022 02:35:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 28 Mar 2022 02:35:54 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 8084 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
680
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 02:24:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 8084 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:09:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1613
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 02:09:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8084 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 02:35:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 8084 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 02:27:46 GMT
dfa9fdc9b45632ba17ba59fe64d4dcb5.js
www.gstatic.com/mysidia/ Frame 8084 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 03:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
343570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12015
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 02:46:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 Jun 2022 03:09:44 GMT
7651774895797135129
tpc.googlesyndication.com/simgad/ Frame 8084 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7651774895797135129?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5481a6df70d9dbaf53b9b031ca30febb0ad0e1526a44b9b838ff9ebbf3352fd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:57:03 GMT
x-content-type-options
nosniff
age
524331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3035
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 10:04:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 22 Mar 2023 00:57:03 GMT
truncated
/ Frame 8084 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8084 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=znaj.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=znaj.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2418174385814951&correlator=2393299086480581&eid=31065751%2C676982961%2C31065787%2C31065551%2C31065654%2C31064019&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_ATC_970&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C728x90&fluid=height&ifi=8&adks=2184955199&sfv=1-0-38&fsbs=1&ecs=20220328&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D487985cf88a3a3a%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D487985cf88a3a3a%26hb_bidder%3Dappnexus&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie=ID%3D4885cd0439b6a646%3AT%3D1648434953%3AS%3DALNI_Ma9DMk8MOtFdg_5Pu1Y3JhdSiWgGQ&abxe=1&dt=1648434954036&lmt=1648434017&dlt=1648434952847&idt=899&biw=1600&bih=1200&adxs=315&adys=147&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&fws=4&ohw=1600&psts=AGkb-H86X7nxbo0JalWsyTKO-Zp-Mp4lt0pSlrIankEX-gDa&ga_vid=205890853.1648434953&ga_sid=1648434953&ga_hid=987497702&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1eecd41c40d8afee4322b061f70b87983f0989707ea87e5b5433ed900e2a9ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10992
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://znaj.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.aixcdn.com/ 		42 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aixcdn.com/?2120&3224&4137&4166&r=2262
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:54 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBmPPaqyLj%2BYbrDMOfN1TI%2BvMNd4HiixH0WTF9H9BO3%2FBjR5RfVfQx07Ah2MffB9XEtwgQ3Rihcg5R6rEE0AzTPBNNwoVP9DueB%2F3xWPBNzAte%2BB0GDefM6xsMLGHPwaFP90cxBdQGd2FJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f2cf99faa6b59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
truncated
/ Frame 8084 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71b6358ed1219ce6717c506f32a610a1989b27cdf5fd7e3ceb450ed5515b4aec

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame C594 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
38208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 15:59:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220323&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9456088057484970&plah=znaj.ua&bust=31065832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25046e034e22c9453f30178930676837babc5e58e41f7b0dcfd42ebe715bb5d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10627
x-xss-protection
0
container.html
6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D5DE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 02:35:53 GMT
expires
Tue, 28 Mar 2023 02:35:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9456088057484970&plah=znaj.ua&bust=31065832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 02:35:54 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 95C8 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhjT7ve0ATAB&v=APEucNV6cMrWEW5HxIlu7Ba5DXcZwpM4506R-FNlar8V_KyDrvkrLAfv6AEZymSDvlSeofYr36AAj000SKwYxlvVSvKNtRuGBQgohW4BHBqb05zOPhmAsOcIlUr05bjdPdkbO5tIIjN6D9tHs-gmTnSwQy9_QS1de6HUyQ0luQG8pkjFepG1iQ0
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 28 Mar 2022 02:35:54 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame D5DE 		14 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWl_zepOd2H7FBya8xSk4znFtfL5cbEnKOFLzKd8IkgjUVAmX2vFEtQm4fzynmuTGw1c56HapkkczomVOLCPRhEBL0g00zyN3DJGR7JtN6oFj3sB6VMmrSb1Nv-xrMqGkYWsdnTrjmX8gtuSESjPHIkBXvyQ&cry=1&dbm_d=AKAmf-ADHHgvqB1F_PLHbSJvfEfNF1_sznmJ1Tkt2sHAB9sahpJfdHSX13BNpK9ZJeiRuREpJniZ8UBRWjyX37mnKO12_ryMwUOhp5KrFM0u5MzC_uIAEJEmC6fYwBx4KlpVwW7dM9RbyWQeEqxoaNNnr5ZmszsVGlsnIRkwWHTKlkQIgeHVnZYUOANszF-jXqOP0L83_Ee3xKTpGJ6wfim1b-L8VVB2lOTVFJWoNquUq41aRoGs0i3u0G3gzpH6qrcWcRiHB8oMfJZ48XpWPq2RrOzgudnshpEMUnaDxL1dgSSD69IqS0bjCC7IvdAix-_pCXeUhoufwqsyhdaEEgxTvucRRh1Pz00gn0_O6y8hvRWT0BeNlcu46UnbeYyvtAePi5R10OgDcJJaQPCLwsQFBY6UGZ4L2V0oWJDnOhXCahDgedZP_6-uAoLT53q43rOmIrfbGD2pTLDazV25PUJL_XhV7HLaJgioFT79T_g1-0n7ff14Ug0gmjG0Wxr6ucRDMxt6DoTHA25SKAbC-zKsd0OqmrKwSMv8PaWbqWCeUvMPhIGCUSgYVQIRMabQ2fK5PbDdJ-KrWYM6AOAZWs3DScXp2pKZ_Hb7vVpuMk2b6gdso51NSAzJqhDJAyTBglP0moWY7sRAI0dSAU07o5owsxXaQsCKRX4sJue_M5vCMTy6QNxShZb5RPRu7wion8kp_qZgOk9gD-vjNaGOvI37XEH81ewNuNxrUkvCIFi2JPphcRHJsg-UrL8cnqp6cNVllADbojPoXVAtUGyPtqCZvK0-0A2kLcFFAw8SEvRw6NL4n-p9x10UjTZJ9kYP8BHSGPihJjaJ2Y1a0hBWqYpIyD0g1MbBn147ssqMxz2H-shmrSqEJQrro3JpHIaMdymeNu-0BgIt__FMVnVAs7umFFwUlkE5gJoDGl5zXaIspD82BDo6ImCbLsaLZ1RzbjVNrkqrcEbrXKab2eBm0M9I4SyWgfuJcmZw5cHeWkhoGb0lWY_T_87gVB-IXGoibxDVR25nZAyZOvfn5mLen433-9Atca7JpE9XQexncppNd3aPLeic580I2hTU3xsAW2xt7zG9Q_frzas3LMvy2OhfYb92KdqUz9g0zBpylEJWmBeWPVpdLAMZAke24ToDQV6qlVbmPA36EeSkqxL9jybGJGptHH2FKiNfDhmuevddNU3qF8EGEUwDlntDuH67mtP9RIQdghHZo_1SrSxibWnjWqMXp2YRAJnhOZFxQJQFjwITn-luVVQViwPo3YqlDISf_lZRRjCiZkbw18xY56MevwfIV5UsbphK3zrT4vydm1w5qqOYlHJiA-nt52M6FKsc6Q-VuSLZt3QET3MAogpBHwTbSHDyu-ZhRF5uQTuqQmSr3pheeYEFdL0uj1UkJ_58Qrv51VgoJ_pXX1vczLdptczCZgYkivarw3_2kcEpdPR_az0FkwusqE6DMhNjjd83UK55zWWg_t9ga5s4dZYdwWTOzvrXd7O3dvIoySVOPaLSwjoFeVRfXzimFTgbbr3xKx5p7HPv61F_iRq6nuimpQ1nskPj1xdlb55kKAOJ0JxxiVj30CMd1igflACSNJAGDUXnbOx6SEfim_Zjjhl6sBgc_eU4l5rwSh_1HimSUun_JkiuZNU6vaH-qlaw_NcW6RP0sSZJWt6yiaS33pD4-evQNkhXxOf6aeb6Pjg6LfXQ0fIFWk0pa7ks1PSlI7PxPh_XWtDSrz4uH7SzWFLaLIhnUguRsD5BBwbuEMRMvGzzeerAWWMmkvdmKJrZar3voOmZFDp9W4Fp3Ofed5RPqPMOW3Hz0br2adq9YbcLptqa6yFBm-gGYinQGHbGHJnUhjwOyaYkzEUhT7LHTqkHnzH77TiAzlCXrKCUiXBYtkltWYhUQWk-0_lJTuYJf4sII11Hj_50Fwnv6pHlLZpYyVP0U6fTbr08uUT_MvVB3ZjLrUjapmwLyLTx56X05KOeomRrlVb3hkp-PyWM1AHt1aGF5JQi5Uu-3oj-gsHAuZ2CIXOMcAeb5bP3gD2nyr4Hu_ZhKFyyqUyhEo8XzBW_heEf5D-OAPmN6NwAXPdN--RiUt8muhUUvULHipWChGQHXQsKgjvCrA5kkvtedc3r4KEWtIrf9e9S4ON6fCw2ci9SknXdGq0zYJro7cwiRFdS7V72-cZSCXW3kclZ7OZWUmXu75RlD4ii4QJKtIE7pFg71g_pmRkXz8M9OT-6bU128XPMr-ZXBQbNt0m99UNRryWmuT0X7bI2LwcCr5kefq9AELKs4kqyARUi1H1o-5BtVrmSlSKdTmvOE7hk9DRXB_Oq8tYO34X4K023z7_lvDrbnBnjghykNTtxUDCN9pYEeRBOdSjXfvHmBa46e8zgP-yO7I6a0Xezi6iggUji_PbqpO8ZMF9C0UrT4qWDUDGAhUHI2077nvRdtWBmvr2m76gLOwerbDYp8VyUSHEfHnhUXKEsB2QcMKZWKnOhkc06f1Y1rqlUIm1Q0bePBMwToQOlD5jhUF-YlacQlHT5uSVFDeaeHqptRQvKB7gKcsOBRR36WyhiIY-HH1rLTGo7oCC2FRXJBwxZoVn3FjMWex4UM23vK900ZOTD2VGfYVo9VmzklTW962zUzAZ7WwTLG_Nu8DpeYSFKbU68Cdsi_3PFTms-vv4HVxjDwE2Wz_q8sSz7CUO8syUhWQwElleJVuFOyfz9fwHmZ-DUQwHDiSelYsbRQX1E5V0yoOOO5t39tu7vqakCweZgqJ6YvDO2x8UuK4XGp_U12n0NhfqvRJOMBOWvVMP2wr7Z4gJgZhA75IwS2X3QVGGItplUfPoCdZS7MRCMEjGqHZ5a_NrRJT1soJ03xV2Y9BJAI6pYi7R8NbzFxHcTaOMqfiBjAp29hzH6ZdTVfF2LqAAjvx8wB1kVZaYRQIZoiZK9sltv08ruwRdyDObAFXOmYjZaiOl5s2qK2UyMKXVpnRvNDelNGEWlW7TXetBgTr9-T3ALFyuE_IEqkcX9sDxOo-CwrmhUysVik7fRlVWeaee8WjtQUjN9O2yaHWD8ww-KDlq7jpq-zZQKDubseo5BMcm2l4xSIH9rh7rDcmBHRuo5r2Mdq7Ha_vZRyqO2WpXZIW7IrNSOIXvI651WHfQHecfNRKzahpa2wARytzwkH076UnandrCQnqYs2GWVKQKNKIPBsNho1O96krKUuCUGgqPn6FGYPSbwUgYl3CROvuvWVeQ1oKk18830L7oemxm-QzQxbGeRMWEjldMOILmLY2nBv5XgcXW6iq1JkBX0Ju7huVB6Fa6tDI-u6p1jBUIji7uShkIjrnLsNKtLnuU7q392lGwbkWUAuXxDRJskCGBik4TSG15mr1g-L0ZW_gSfdGMqm4fr949x30nL-bG29NmxerCTVK4AJlFEU6KqKZLCFoBPlNx-Q6SVZuk_7a8G_Y5tH1bTDV9Px48gAGTr0ntSv2-jQaTdR3CJMbiEiB8-_EGakYkL_04i2PYrdZl1mKo5b_P6hdmwWPbJJctZ5QawyUaHba4aVInHbboxjK4Cs1L0KySGFGDi7C0zFYUk6-zVbAT2AAVSXeRRAneDT5B_k85Dp1IlrP8PqJhk9z-x1DEOZNI2q2Lm-mdsdE48M6wm99aDu3epDmzkNFEgphkJAxkIZ5fbkzhqhjS3AaTFxQ4o3Dr-Ii-AqP8&cid=CAASJORoTduqudUjoyYDYtHE7nHXpTwEyLPRfWW2Y3aBIoU5vYMx3w&rfl=1%2Chttps%253A%252F%252Fznaj.ua%252F%240
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4806e14702c5c9ec3055f1cd2479112298496f1bf19b5cf67d334890ba6fc206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10684
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D5DE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aur_A8HuSZKATROonnB49yAaGueJcIWWR92e0-2YQuhL_Nssd5rCCmzazyPhk_vD7sH3kFXAi8aknv0X00ZRVcdMTKSIOi34hbhmGNdgUWUfX1Kus
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/823392/57133300/dcm/ Frame D5DE 		231 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/823392/57133300/dcm/dcmads.js
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.8.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-8-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0900449216944ebad0b25996d0b38311e3c96429d99ff9546ea2183bb059a01f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/653659/57061276/ Frame D5DE 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/653659/57061276/skeleton.js
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.137.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-137-235.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1871e883259fe798ec07482f1db9d5147fd197be1e4c73fc84c3fe6e67cc400c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame D5DE 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=18517273&campId=47474517&pubId=1&chanId=134288234697&placementId=379451219&dealId=549644393847897261&adsafe_par&impId=ABAjH0inZmGy_-4orJ_pAlChc2xn&bidurl=https://znaj.ua/
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.137.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-137-235.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c7e96a32d8c60bc7a06edaf36e406a5852ee525fc1721cd16696b14dc67a2cfe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame D5DE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:09:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1613
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 02:09:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D5DE 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 02:35:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame D5DE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 02:27:46 GMT
l
www.google.com/ads/measurement/ Frame D5DE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSi_Nx4AqpoxLzA75l1GOOuE8GcEdM1DNwM6b3J_i5nFSEjW26E8ygZTAIOAXC7nV3ArUYjAcDODlyA6CLttjL6I1ZiLQ
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 95C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbW3dYs-rajIaxWfuW2GyU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbW3dYs-rajIaxWfuW2GyU&google_cver=1&C=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbW3dYs-rajIaxWfuW2GyU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhjT7ve0ATAB&v=APEucNV6cMrWEW5HxIlu7Ba5DXcZwpM4506R-FNlar8V_KyDrvkrLAfv6AEZymSDvlSeofYr36AAj000SKwYxlvVSvKNtRuGBQgohW4BHBqb05zOPhmAsOcIlUr05bjdPdkbO5tIIjN6D9tHs-gmTnSwQy9_QS1de6HUyQ0luQG8pkjFepG1iQ0
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Mar 2022 02:35:54 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbW3dYs-rajIaxWfuW2GyU&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Mon, 28 Mar 2022 02:35:54 GMT
rum
dsum-sec.casalemedia.com/ Frame 95C8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkEfCnGGfxFxcBxShgQTywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbW3dYs-rajIaxWfuW2GyU&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbW3dYs-rajIaxWfuW2GyU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhjT7ve0ATAB&v=APEucNV6cMrWEW5HxIlu7Ba5DXcZwpM4506R-FNlar8V_KyDrvkrLAfv6AEZymSDvlSeofYr36AAj000SKwYxlvVSvKNtRuGBQgohW4BHBqb05zOPhmAsOcIlUr05bjdPdkbO5tIIjN6D9tHs-gmTnSwQy9_QS1de6HUyQ0luQG8pkjFepG1iQ0
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Mar 2022 02:35:54 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbW3dYs-rajIaxWfuW2GyU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 95C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOkfXVz7z3IBMS5rqx0YfTM&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOkfXVz7z3IBMS5rqx0YfTM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhjT7ve0ATAB&v=APEucNV6cMrWEW5HxIlu7Ba5DXcZwpM4506R-FNlar8V_KyDrvkrLAfv6AEZymSDvlSeofYr36AAj000SKwYxlvVSvKNtRuGBQgohW4BHBqb05zOPhmAsOcIlUr05bjdPdkbO5tIIjN6D9tHs-gmTnSwQy9_QS1de6HUyQ0luQG8pkjFepG1iQ0
Protocol
HTTP/1.1
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:54 GMT
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
057cb791-82ba-46c7-b747-d5b0d2b322ec
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOkfXVz7z3IBMS5rqx0YfTM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 95C8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTU5NTIxODM4MjUwMDIwOA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTU5NTIxODM4MjUwMDIwOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhjT7ve0ATAB&v=APEucNV6cMrWEW5HxIlu7Ba5DXcZwpM4506R-FNlar8V_KyDrvkrLAfv6AEZymSDvlSeofYr36AAj000SKwYxlvVSvKNtRuGBQgohW4BHBqb05zOPhmAsOcIlUr05bjdPdkbO5tIIjN6D9tHs-gmTnSwQy9_QS1de6HUyQ0luQG8pkjFepG1iQ0
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:54 GMT
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b1e9df74-4fe2-4ad4-ba28-c6b6f5ca81d3
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcxOTU5NTIxODM4MjUwMDIwOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D5DE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWl_zepOd2H7FBya8xSk4znFtfL5cbEnKOFLzKd8IkgjUVAmX2vFEtQm4fzynmuTGw1c56HapkkczomVOLCPRhEBL0g00zyN3DJGR7JtN6oFj3sB6VMmrSb1Nv-xrMqGkYWsdnTrjmX8gtuSESjPHIkBXvyQ&cry=1&dbm_d=AKAmf-ADHHgvqB1F_PLHbSJvfEfNF1_sznmJ1Tkt2sHAB9sahpJfdHSX13BNpK9ZJeiRuREpJniZ8UBRWjyX37mnKO12_ryMwUOhp5KrFM0u5MzC_uIAEJEmC6fYwBx4KlpVwW7dM9RbyWQeEqxoaNNnr5ZmszsVGlsnIRkwWHTKlkQIgeHVnZYUOANszF-jXqOP0L83_Ee3xKTpGJ6wfim1b-L8VVB2lOTVFJWoNquUq41aRoGs0i3u0G3gzpH6qrcWcRiHB8oMfJZ48XpWPq2RrOzgudnshpEMUnaDxL1dgSSD69IqS0bjCC7IvdAix-_pCXeUhoufwqsyhdaEEgxTvucRRh1Pz00gn0_O6y8hvRWT0BeNlcu46UnbeYyvtAePi5R10OgDcJJaQPCLwsQFBY6UGZ4L2V0oWJDnOhXCahDgedZP_6-uAoLT53q43rOmIrfbGD2pTLDazV25PUJL_XhV7HLaJgioFT79T_g1-0n7ff14Ug0gmjG0Wxr6ucRDMxt6DoTHA25SKAbC-zKsd0OqmrKwSMv8PaWbqWCeUvMPhIGCUSgYVQIRMabQ2fK5PbDdJ-KrWYM6AOAZWs3DScXp2pKZ_Hb7vVpuMk2b6gdso51NSAzJqhDJAyTBglP0moWY7sRAI0dSAU07o5owsxXaQsCKRX4sJue_M5vCMTy6QNxShZb5RPRu7wion8kp_qZgOk9gD-vjNaGOvI37XEH81ewNuNxrUkvCIFi2JPphcRHJsg-UrL8cnqp6cNVllADbojPoXVAtUGyPtqCZvK0-0A2kLcFFAw8SEvRw6NL4n-p9x10UjTZJ9kYP8BHSGPihJjaJ2Y1a0hBWqYpIyD0g1MbBn147ssqMxz2H-shmrSqEJQrro3JpHIaMdymeNu-0BgIt__FMVnVAs7umFFwUlkE5gJoDGl5zXaIspD82BDo6ImCbLsaLZ1RzbjVNrkqrcEbrXKab2eBm0M9I4SyWgfuJcmZw5cHeWkhoGb0lWY_T_87gVB-IXGoibxDVR25nZAyZOvfn5mLen433-9Atca7JpE9XQexncppNd3aPLeic580I2hTU3xsAW2xt7zG9Q_frzas3LMvy2OhfYb92KdqUz9g0zBpylEJWmBeWPVpdLAMZAke24ToDQV6qlVbmPA36EeSkqxL9jybGJGptHH2FKiNfDhmuevddNU3qF8EGEUwDlntDuH67mtP9RIQdghHZo_1SrSxibWnjWqMXp2YRAJnhOZFxQJQFjwITn-luVVQViwPo3YqlDISf_lZRRjCiZkbw18xY56MevwfIV5UsbphK3zrT4vydm1w5qqOYlHJiA-nt52M6FKsc6Q-VuSLZt3QET3MAogpBHwTbSHDyu-ZhRF5uQTuqQmSr3pheeYEFdL0uj1UkJ_58Qrv51VgoJ_pXX1vczLdptczCZgYkivarw3_2kcEpdPR_az0FkwusqE6DMhNjjd83UK55zWWg_t9ga5s4dZYdwWTOzvrXd7O3dvIoySVOPaLSwjoFeVRfXzimFTgbbr3xKx5p7HPv61F_iRq6nuimpQ1nskPj1xdlb55kKAOJ0JxxiVj30CMd1igflACSNJAGDUXnbOx6SEfim_Zjjhl6sBgc_eU4l5rwSh_1HimSUun_JkiuZNU6vaH-qlaw_NcW6RP0sSZJWt6yiaS33pD4-evQNkhXxOf6aeb6Pjg6LfXQ0fIFWk0pa7ks1PSlI7PxPh_XWtDSrz4uH7SzWFLaLIhnUguRsD5BBwbuEMRMvGzzeerAWWMmkvdmKJrZar3voOmZFDp9W4Fp3Ofed5RPqPMOW3Hz0br2adq9YbcLptqa6yFBm-gGYinQGHbGHJnUhjwOyaYkzEUhT7LHTqkHnzH77TiAzlCXrKCUiXBYtkltWYhUQWk-0_lJTuYJf4sII11Hj_50Fwnv6pHlLZpYyVP0U6fTbr08uUT_MvVB3ZjLrUjapmwLyLTx56X05KOeomRrlVb3hkp-PyWM1AHt1aGF5JQi5Uu-3oj-gsHAuZ2CIXOMcAeb5bP3gD2nyr4Hu_ZhKFyyqUyhEo8XzBW_heEf5D-OAPmN6NwAXPdN--RiUt8muhUUvULHipWChGQHXQsKgjvCrA5kkvtedc3r4KEWtIrf9e9S4ON6fCw2ci9SknXdGq0zYJro7cwiRFdS7V72-cZSCXW3kclZ7OZWUmXu75RlD4ii4QJKtIE7pFg71g_pmRkXz8M9OT-6bU128XPMr-ZXBQbNt0m99UNRryWmuT0X7bI2LwcCr5kefq9AELKs4kqyARUi1H1o-5BtVrmSlSKdTmvOE7hk9DRXB_Oq8tYO34X4K023z7_lvDrbnBnjghykNTtxUDCN9pYEeRBOdSjXfvHmBa46e8zgP-yO7I6a0Xezi6iggUji_PbqpO8ZMF9C0UrT4qWDUDGAhUHI2077nvRdtWBmvr2m76gLOwerbDYp8VyUSHEfHnhUXKEsB2QcMKZWKnOhkc06f1Y1rqlUIm1Q0bePBMwToQOlD5jhUF-YlacQlHT5uSVFDeaeHqptRQvKB7gKcsOBRR36WyhiIY-HH1rLTGo7oCC2FRXJBwxZoVn3FjMWex4UM23vK900ZOTD2VGfYVo9VmzklTW962zUzAZ7WwTLG_Nu8DpeYSFKbU68Cdsi_3PFTms-vv4HVxjDwE2Wz_q8sSz7CUO8syUhWQwElleJVuFOyfz9fwHmZ-DUQwHDiSelYsbRQX1E5V0yoOOO5t39tu7vqakCweZgqJ6YvDO2x8UuK4XGp_U12n0NhfqvRJOMBOWvVMP2wr7Z4gJgZhA75IwS2X3QVGGItplUfPoCdZS7MRCMEjGqHZ5a_NrRJT1soJ03xV2Y9BJAI6pYi7R8NbzFxHcTaOMqfiBjAp29hzH6ZdTVfF2LqAAjvx8wB1kVZaYRQIZoiZK9sltv08ruwRdyDObAFXOmYjZaiOl5s2qK2UyMKXVpnRvNDelNGEWlW7TXetBgTr9-T3ALFyuE_IEqkcX9sDxOo-CwrmhUysVik7fRlVWeaee8WjtQUjN9O2yaHWD8ww-KDlq7jpq-zZQKDubseo5BMcm2l4xSIH9rh7rDcmBHRuo5r2Mdq7Ha_vZRyqO2WpXZIW7IrNSOIXvI651WHfQHecfNRKzahpa2wARytzwkH076UnandrCQnqYs2GWVKQKNKIPBsNho1O96krKUuCUGgqPn6FGYPSbwUgYl3CROvuvWVeQ1oKk18830L7oemxm-QzQxbGeRMWEjldMOILmLY2nBv5XgcXW6iq1JkBX0Ju7huVB6Fa6tDI-u6p1jBUIji7uShkIjrnLsNKtLnuU7q392lGwbkWUAuXxDRJskCGBik4TSG15mr1g-L0ZW_gSfdGMqm4fr949x30nL-bG29NmxerCTVK4AJlFEU6KqKZLCFoBPlNx-Q6SVZuk_7a8G_Y5tH1bTDV9Px48gAGTr0ntSv2-jQaTdR3CJMbiEiB8-_EGakYkL_04i2PYrdZl1mKo5b_P6hdmwWPbJJctZ5QawyUaHba4aVInHbboxjK4Cs1L0KySGFGDi7C0zFYUk6-zVbAT2AAVSXeRRAneDT5B_k85Dp1IlrP8PqJhk9z-x1DEOZNI2q2Lm-mdsdE48M6wm99aDu3epDmzkNFEgphkJAxkIZ5fbkzhqhjS3AaTFxQ4o3Dr-Ii-AqP8&cid=CAASJORoTduqudUjoyYDYtHE7nHXpTwEyLPRfWW2Y3aBIoU5vYMx3w&rfl=1%2Chttps%253A%252F%252Fznaj.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:10:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41107
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Mar 2023 15:10:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 745B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 27 Mar 2022 21:19:18 GMT
expires
Mon, 27 Mar 2023 21:19:18 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
18996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0FE2 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7f4702ae268d93ed87a638d80273a5909c97b27ac6ed4b0f643cd0f175e61b6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C0d7xnPoEJZuBh0ozsLm1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 28 Mar 2022 02:35:54 GMT
date
Mon, 28 Mar 2022 02:35:54 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-C0d7xnPoEJZuBh0ozsLm1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E6AC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 24 Mar 2022 09:34:28 GMT
expires
Fri, 24 Mar 2023 09:34:28 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
320486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame 745B 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
38208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 15:59:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0FE2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220323&jk=2418174385814951&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 29 Mar 2022 02:35:54 GMT
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame E6AC 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
38208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 15:59:06 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame D5DE
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/823392/57133300/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fznaj.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6850cbfc04562cff037a0de3a76869f...
  • https://www.googletagservices.com/dcm/dcmads.js
11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 01:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5008
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:23:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 28 Mar 2022 02:36:21 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://www.googletagservices.com/dcm/dcmads.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 03EA 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
3501471
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
rfkw2YfwTML5-nnu3rRSibnEPvKtooFPGlLQfEO92Yv_ylGdmIOmeA==
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=823392&asId=8d7c4181-d4f3-ab9e-4b82-387c39fb3950&tv=%7Bc:87us3N,pingTime:-3,time:45,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:45,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.823392-57133300%7C191%7C192%7C1a1%7C1b,idMap:19*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=823392&asId=8d7c4181-d4f3-ab9e-4b82-387c39fb3950&tv=%7Bc:87us3O,pingTime:-6,time:46,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:46,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.823392-57133300%7C191%7C192%7C1a1%7C1b,idMap:19*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:znaj.ua*&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generate_204
tpc.googlesyndication.com/ Frame 745B 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?oF1gsw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=823392&asId=8d7c4181-d4f3-ab9e-4b82-387c39fb3950&tv=%7Bc:87us3X,pingTime:-2,time:55,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:109,mdZ:356,beA:365,beZ:366,mfA:367,cmA:368,inA:369,inZ:371,prA:371,prZ:375,si:380,poA:381,poZ:396,cmZ:396,mfZ:396,loA:410,loZ:412,ltA:419,ltZ:419%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.823392-57133300%7C191%7C192%7C1a1%7C1b,idMap:19*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,sinceFw:38,readyFired:false%7D&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
impl_v85.js
www.googletagservices.com/dcm/ Frame D5DE 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/823392/57133300/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fznaj.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8d7c4181-d4f3-ab9e-4b82-387c39fb3950,c:87us3i,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67cb66fbd5-28d5w,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.823392-57133300%7C191%7C192%7C1a1%7C1b,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:15,oid:ca85032c-ae3f-11ec-b9e2-863b8a642467,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 09:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Mar 2023 09:36:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=2418174385814951&vrg=2022031601&nw_id=21863949019&nslots=6&eid=31065751%2C676982961%2C31065787%2C31065551%2C31065654%2C31064019&pub_url=https%3A%2F%2Fznaj.ua%2F&qid=CJn3_t7i5_YCFQaZewodOIoGRw&iu=%2F21863949019%2FZNA_ATC_970&e=0&ret=728x90&req=320x50%7C970x90%7C728x90&bm=0&efh=1&stk=0&ifi=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 25A4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=znaj.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2426
date
Mon, 28 Mar 2022 02:35:54 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 29 Mar 2022 02:35:54 GMT
B26458919.314051536;dc_ver=85.248;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=2086295853;ord=jak094;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBbqmCh9BYpnKBYay7gO4lJq4...
ad.doubleclick.net/ddm/adj/N8714.3325855MIQ/ Frame D5DE 		65 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N8714.3325855MIQ/B26458919.314051536;dc_ver=85.248;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=2086295853;ord=jak094;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBbqmCh9BYpnKBYay7gO4lJq4BJGPjepo6qub78APnZKDkqAlEAEgjLXie2C7hoCA0AqgAZPfos4ByAEJqQJaFK09VB22PqgDAaoE_AFP0PxEFvpYOx2lhgnK7pkdWbBnGXTNSShaQVsZVmyF-k1OFqjUU-4yQoPxbRuN0IGNVcZMisXEfrQZD5xTF5IjcaJ6BMz-7sMyzO5WQeYTQwfMafuuOXfB-XyirzGj-ZKHKkpd_fEMfPBqDeN5bnFDSyhMmnhF2B7K2SYXtiQ5YL508iLY_CY0TsulfmLogd7DBv4wyylkh13zaYWPKEt3v12xdnFqC49K3GMkpy4_QjAOVDlY8arxrxAFVio3un7uOfraDLzTdjyyM6leb6jIaOaMy3OmgdYjAfUIBFuH0gmQnJdm823NNjq-T0GZYssFXX82xfonJS75MyfABKnh-ZS_A-AEA5AGAaAGTYAH1aDdsQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6jN1g7QEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoTduqudUjoyYDYtHE7nHXpTwEyLPRfWW2Y3aBIoU5vYMx3w%26sig%3DAOD64_0vYJyRDYG5avyOLogY0q8i6sKmtw%26client%3Dca-pub-8417126197537762%26dbm_c%3DAKAmf-BegAfykEEvbs0pehBzt43LT5eU0aPu8JFovrgBDSkbIRn5j68dwfmlgl7lQhnuIm0rxzfbzX9dyT4nDa8o_VBAyndqIECB8WJw3NzBaT2argi282e21IxsLatjwFLPbTG9q2Xx-ROlQRy6mXN-6y5e6F5onA%26cry%3D1%26dbm_d%3DAKAmf-CBvIQ-t1GKPUmkkFFdpZtrUbsavm4skNz9UrZ3Be-mT1YmKoZMNEfT7UlKZN9Y3-KqMBkxODqCrQy5FqkdH-hGn6BWr-NP2dsL7tIOagL4hDlhkgiefag2YtA2eJcHtIIjC5A_iV6bb21gDe6PktIq04grEWApI6K_J-JmrudCmJnfIZMZwMLqBa1JF26362p0QFnplj6s0Gz8pgfjmA0u5TQ-x8h1v-AvXcyRHOA1ouy7grdlwdeln1V5xtxEASYuxBKfdPzQCq_DSkHoqdM6p8jC2YvwRavrCcrEWN8JZ8gmtILbLXqmu3AyJrLG05wYCfjTjA3i6b_9OMBwHVM3IVikjC415_jYNO--O_Tu1TDs3FYmWx8Zbqph7s-BGSGAajM5oxcUo_Vwso5-5Duu5BHenQFrc-QtSQEVJkFdl_p7a5QW_l5dsS4oUgQEynEmoki6soA9cW4BuGZamDrCFh30ng%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fznaj.ua%2F$0;xdt=1;crlt=TNN!MiJ6A3;sttr=75;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
62d2af756fc50649f280fca8af0462ab40ee0ace02652f82bcd9fa8f03d90ec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27429
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E6AC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXoxbCh9BYsKfG6WJ9u8P3Nqj6A8AAAAAOAHgBAI&bg=!7-yl7KjNAAbzJazn0yU7ACkAdvg8WgP0_tl6ISygx0yULwYJ79ud6hvvKArsbN9Ql8C3pfNywK-ecwIAAABzUgAAAAJoAQcKABveCmy5KXoqASy4-Ewg31a5hx-0_CQ32Q01gG-ZAyyrjWG51kCg3pwDmAryk45jaR5OlK05W6Co4gelQN1PjHMGrAp5M3W4wvr3K_gCAVeua4nqzKpFMH4RFFCkdl6crlznY7dYir1WkwHUjGWxo2Ucw47r_-kSr210VxhrJKuV5KITTgn2yLLYj5Cq-0Yo0UJHVXPsDCJ_eDvAYd9DnBBegMpUykdHk8AG51eVn5BDzEDLMYLz2y_IeBBBBFRbAFQg0CEEpPdVzIfR-0AcIAxErPzjNqFEHd9IhHBN4EqAuoHsV_Hh6rlkZHS1GXyo0ggJaWWgC-F3MImklvVCpJzFcsnUafOG0vWDt-L1bOrJkgZoPqBGvFxr4_g7ygFhZ-69_ogP8pPqCDAoVx_a6Z6-HI5oE6UYXGqmrZmF1rx0qU_cduKmbvh9JE356mOM9E_G89C9_LmO11J9SoPwT-9SE4oHtjpHzQn-OGLsD_oV5ks_TB21C1g4HdU4qEszT-CNuc_7q5j_T2x4hijhjaCvQkbVv81Tzt6iJW9x9M-o-TEACC6GjtYQeCImYYo-3Fktc_r1fKCtMFW1mR6gxvCMmq2ywSjX6mRXLqJDbOckM96YIwv5jRR_dlVt05n2nMna-jcKiZEYb4khTiQ6d2RZtOSrlPwEIYX4n-4d4wxfsWWd4J8-00pO8aauwFkBwNJmsaeQXCMYrcQZxW-VgsUDKoegte-gSLNAJukdST3rIXJtr7Lw8XeX7JKZR5SmSC3IADKjinsdiczAP6lCINPpwam6noA9blC46l6zF7fJ0krQyANzUi29DFpBRegRdmjQ7tlIks64VRBwsoKxDVRv3s2xhz9LR29jfMgdbX-Ks6q07vPGO-IiRPUARBl1e-WXIMF4NAIj5mgXPmlxDftvlIZmNMn-uCDSPNOasJuQWRKXHj0l6xEiMf0Ja-cDI8iPMz0Wiejb3g2ACNf_-7vd2-agC0Lxv7Jw5acKuf6_u68LUw54thiDSGG2joYPHyM2mVCIZA5_yK02Sfq_KTj8B3P4Yqr7pDGGkhJ659vqaAmHIZhK3_Sev5GMEqXppUUGP3o0NgDhZIC0zDSVNSe0_V7dDEcAUlMQcw
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=823392&asId=8d7c4181-d4f3-ab9e-4b82-387c39fb3950&tv=%7Bc:87us6q,time:208,type:e,im:%7Bimprf:%7Bttecl:376,ecd:42,tsecr:7%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:208,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B203~0%5D,as:%5B203~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.823392-57133300%7C191%7C192%7C1a1%7C1b,idMap:19*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sid
mug.criteo.com/ Frame 25A4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=znaj.ua&sn=ChromeSyncframe&so=0&topUrl=znaj.ua&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ZdBIW3w2cG1DZTFnc2xPQWxUQ1VaUGFGK3kzUXVwMEluWmk1U0lJTnhsZCtqUGJCNnhIQmtOVkVkRG5qK3FFMUprRTFzbDVta0wvZlRpZUtvMytSdFpZaFpJWmxpZkErTTNjWkhJZUFJVDVZL0NhTDRGVk9RbjRXcnAzRz...
430 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ZdBIW3w2cG1DZTFnc2xPQWxUQ1VaUGFGK3kzUXVwMEluWmk1U0lJTnhsZCtqUGJCNnhIQmtOVkVkRG5qK3FFMUprRTFzbDVta0wvZlRpZUtvMytSdFpZaFpJWmxpZkErTTNjWkhJZUFJVDVZL0NhTDRGVk9RbjRXcnAzRzRpbnlxb0kvYXZmazBFRkY1a2tJM08vTGZVZWZERElINmF1Nm1kRGJ6QXdDak8wMG5uUlZRbHdJZTNhNmZsaUZTVTU1RUhBeDNYQWU5dTNrdzM5M0RMUnB5bHV5MEdaOWFYZjBKTEh2NUhLTEVvQ1luWGQ2T284ZG5aTURhbGdWcTBWVG1QSWRLd2ZYYTdxNzFxQzZPREpuN0gydGkvdz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
435b448441c15c5d03764cd4185608a606caa2559259e77a44d787525751a438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
7483
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:54 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=ZdBIW3w2cG1DZTFnc2xPQWxUQ1VaUGFGK3kzUXVwMEluWmk1U0lJTnhsZCtqUGJCNnhIQmtOVkVkRG5qK3FFMUprRTFzbDVta0wvZlRpZUtvMytSdFpZaFpJWmxpZkErTTNjWkhJZUFJVDVZL0NhTDRGVk9RbjRXcnAzRzRpbnlxb0kvYXZmazBFRkY1a2tJM08vTGZVZWZERElINmF1Nm1kRGJ6QXdDak8wMG5uUlZRbHdJZTNhNmZsaUZTVTU1RUhBeDNYQWU5dTNrdzM5M0RMUnB5bHV5MEdaOWFYZjBKTEh2NUhLTEVvQ1luWGQ2T284ZG5aTURhbGdWcTBWVG1QSWRLd2ZYYTdxNzFxQzZPREpuN0gydGkvdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1896
content-length
541
expires
0
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame D5DE 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
Origin
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 14:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Mar 2022 14:41:43 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/ Frame D5DE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N8714.3325855MIQ/B26458919.314051536;dc_ver=85.248;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=2086295853;ord=jak094;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBbqmCh9BYpnKBYay7gO4lJq4BJGPjepo6qub78APnZKDkqAlEAEgjLXie2C7hoCA0AqgAZPfos4ByAEJqQJaFK09VB22PqgDAaoE_AFP0PxEFvpYOx2lhgnK7pkdWbBnGXTNSShaQVsZVmyF-k1OFqjUU-4yQoPxbRuN0IGNVcZMisXEfrQZD5xTF5IjcaJ6BMz-7sMyzO5WQeYTQwfMafuuOXfB-XyirzGj-ZKHKkpd_fEMfPBqDeN5bnFDSyhMmnhF2B7K2SYXtiQ5YL508iLY_CY0TsulfmLogd7DBv4wyylkh13zaYWPKEt3v12xdnFqC49K3GMkpy4_QjAOVDlY8arxrxAFVio3un7uOfraDLzTdjyyM6leb6jIaOaMy3OmgdYjAfUIBFuH0gmQnJdm823NNjq-T0GZYssFXX82xfonJS75MyfABKnh-ZS_A-AEA5AGAaAGTYAH1aDdsQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE6jN1g7QEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoTduqudUjoyYDYtHE7nHXpTwEyLPRfWW2Y3aBIoU5vYMx3w%26sig%3DAOD64_0vYJyRDYG5avyOLogY0q8i6sKmtw%26client%3Dca-pub-8417126197537762%26dbm_c%3DAKAmf-BegAfykEEvbs0pehBzt43LT5eU0aPu8JFovrgBDSkbIRn5j68dwfmlgl7lQhnuIm0rxzfbzX9dyT4nDa8o_VBAyndqIECB8WJw3NzBaT2argi282e21IxsLatjwFLPbTG9q2Xx-ROlQRy6mXN-6y5e6F5onA%26cry%3D1%26dbm_d%3DAKAmf-CBvIQ-t1GKPUmkkFFdpZtrUbsavm4skNz9UrZ3Be-mT1YmKoZMNEfT7UlKZN9Y3-KqMBkxODqCrQy5FqkdH-hGn6BWr-NP2dsL7tIOagL4hDlhkgiefag2YtA2eJcHtIIjC5A_iV6bb21gDe6PktIq04grEWApI6K_J-JmrudCmJnfIZMZwMLqBa1JF26362p0QFnplj6s0Gz8pgfjmA0u5TQ-x8h1v-AvXcyRHOA1ouy7grdlwdeln1V5xtxEASYuxBKfdPzQCq_DSkHoqdM6p8jC2YvwRavrCcrEWN8JZ8gmtILbLXqmu3AyJrLG05wYCfjTjA3i6b_9OMBwHVM3IVikjC415_jYNO--O_Tu1TDs3FYmWx8Zbqph7s-BGSGAajM5oxcUo_Vwso5-5Duu5BHenQFrc-QtSQEVJkFdl_p7a5QW_l5dsS4oUgQEynEmoki6soA9cW4BuGZamDrCFh30ng%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fznaj.ua%2F$0;xdt=1;crlt=TNN!MiJ6A3;sttr=75;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:12:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1378
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Apr 2022 02:12:57 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A985 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 24 Mar 2022 09:34:28 GMT
expires
Fri, 24 Mar 2023 09:34:28 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
320487
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
main.gr.19.8.299.js
static.adsafeprotected.com/ Frame D5DE 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.299.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/653659/57061276/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:37:01 GMT
content-encoding
gzip
age
1749535
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Mar 2022 19:11:01 GMT
server
AmazonS3
etag
W/"587738d3e44b43a2620f42eb51d89fbf"
vary
Accept-Encoding
x-amz-version-id
kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
eFhMe4-r2S4GLMlU9jAD7FnqYU_tmZ80r5rhOoKLc8YgN-uupfcu1w==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 11B9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sun, 27 Mar 2022 05:53:44 GMT
expires
Mon, 28 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
74531
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D5DE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2afddbb6f203170be5b102881420ecc3c35e1a920b239f0d8dc0e8120e2b4dd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=823392&asId=8d7c4181-d4f3-ab9e-4b82-387c39fb3950&tv=%7Bc:87usaX,pingTime:-10,time:489,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1648434955159%7C%7Ca243be5f8700d1d30fca40b957ccdf79%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C052eabab34780ef6c01b0793f2974403%7C%7C82cc92c9cd918c1a502b4fc933882921%7C%7Ca802e6dd97f73c2a192cb6adc401de8d%7C%7Cc93cf5807386b759748dbd23b0cd9d86%7C%7C23582a1327081f04867c0a92200abc9d%7C%7C1629390669%7D
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel
cm.g.doubleclick.net/ Frame 11B9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEOkhsYw-fyQl2D9IL4LFcoQ&google_cver=1&google_push=AYg5qPJ2UTi9YFMUdMToK5pWFbLsaMixZeVqz2F4KCTFe3_LQcxj1M5vDb5Cch__bsxhaYSkAny2h_TONWf0cZ9u9g0Sp8BF9En8
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=985CAC98AAD5417597FA8D9FB3B918C0&google_push=AYg5qPJ2UTi9YFMUdMToK5pWFbLsaMixZeVqz2F4KCTFe3_LQcxj1M5vDb5Cch__bsxhaYSkAny2h_TONWf0cZ9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=985CAC98AAD5417597FA8D9FB3B918C0&google_push=AYg5qPJ2UTi9YFMUdMToK5pWFbLsaMixZeVqz2F4KCTFe3_LQcxj1M5vDb5Cch__bsxhaYSkAny2h_TONWf0cZ9u9g0Sp8BF9En8
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 28 Mar 2022 02:35:55 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=985CAC98AAD5417597FA8D9FB3B918C0&google_push=AYg5qPJ2UTi9YFMUdMToK5pWFbLsaMixZeVqz2F4KCTFe3_LQcxj1M5vDb5Cch__bsxhaYSkAny2h_TONWf0cZ9u9g0Sp8BF9En8
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 27 Mar 2022 02:35:55 GMT
google
match.adsrvr.org/track/cmf/ Frame 11B9 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFkHJiZcxwe2skGO8q7r69Y&google_cver=1&google_push=AYg5qPLtBIm_fCpI5YADp_DfLn7JXb80VCtXgs0Ybzkl5rhX7rmaqSyja026D_zgDco91cGbg8hftSwQOugtm-pACaZl8blpfHsDOA
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 11B9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOICRJqMbyi2EHHRiSq7cNk&google_cver=1&google_push=AYg5qPKiHLOUrmjmYIfEliNNqWju2B1Ku6eAsIv2A-HCZij9lrFQYwqgykV4yIVual30h94aPmA6VqFmiG71hHD8EutyIPr...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKiHLOUrmjmYIfEliNNqWju2B1Ku6eAsIv2A-HCZij9lrFQYwqgykV4yIVual30h94aPmA6VqFmiG71hHD8EutyIPr6qB1UYQ&google_hm=NTM3NTMyODA4MTM2MDc3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKiHLOUrmjmYIfEliNNqWju2B1Ku6eAsIv2A-HCZij9lrFQYwqgykV4yIVual30h94aPmA6VqFmiG71hHD8EutyIPr6qB1UYQ&google_hm=NTM3NTMyODA4MTM2MDc3NDY4Ng%3D%3D
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 28 Mar 2022 02:35:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKiHLOUrmjmYIfEliNNqWju2B1Ku6eAsIv2A-HCZij9lrFQYwqgykV4yIVual30h94aPmA6VqFmiG71hHD8EutyIPr6qB1UYQ&google_hm=NTM3NTMyODA4MTM2MDc3NDY4Ng%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 11B9
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFzGN_1hGf_kqfDZ_UjGjnU&google_cver=1&google_push=AYg5qPLIrqZa0eR3jTwUuzfJTWPCLUMaZ5iYsJGtFHkZteNpBP7-8x997eVN9rGfENi1rMPEyMtnl_AgJN_COj_22SExZau...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFzGN_1hGf_kqfDZ_UjGjnU&google_cver=1&google_push=AYg5qPLIrqZa0eR3jTwUuzfJTWPCLUMaZ5iYsJGtFHkZteNpBP7-8x997eVN9rGfENi1rMPEyMtnl_AgJN_COj_22SExZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLIrqZa0eR3jTwUuzfJTWPCLUMaZ5iYsJGtFHkZteNpBP7-8x997eVN9rGfENi1rMPEyMtnl_AgJN_COj_22SExZauWUa75Mw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLIrqZa0eR3jTwUuzfJTWPCLUMaZ5iYsJGtFHkZteNpBP7-8x997eVN9rGfENi1rMPEyMtnl_AgJN_COj_22SExZauWUa75Mw
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLIrqZa0eR3jTwUuzfJTWPCLUMaZ5iYsJGtFHkZteNpBP7-8x997eVN9rGfENi1rMPEyMtnl_AgJN_COj_22SExZauWUa75Mw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame 11B9 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHuTCTVqYaeo5BNiLXWiCGY&google_cver=1&google_push=AYg5qPLsMPVpxVzP59Nx0mMmcmJWnjSKijAv1sUhWjlgJT1a_r2IG35GyNXVrQQNwXhmfTYrdf7WS-63rYDkXbFfYxAMLA6-JPIo1g
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
pn7gpnkbla3lkgirgf9frbec1kjpgveq
pixel
cm.g.doubleclick.net/ Frame 11B9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Di99Fh7aSFORBIFRa6gcEg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Di99Fh7aSFORBIFRa6gcEg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJV7sMs8kZHmK6YXAfvXKfiv-s7WVt5AswAkWDNqL9MliCtjvAgBVISIWzHTUFuN3KA3OJrrByi-8udJ_6gLpIwQGt8B5Bw
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Di99Fh7aSFORBIFRa6gcEg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJV7sMs8kZHmK6YXAfvXKfiv-s7WVt5AswAkWDNqL9MliCtjvAgBVISIWzHTUFuN3KA3OJrrByi-8udJ_6gLpIwQGt8B5Bw
date
Mon, 28 Mar 2022 02:35:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 11B9
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFUB4rsenI0NegcgeQ5_HAA&google_cver=1&google_push=AYg5qPJFBl0JqzGYi0mEoy6IYcj1aThzI17xMCtN1EVzvqubc5Ht39_mArkVBkeOR1SMjWb2WomQzINoxA0ah8m13...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFUB4rsenI0NegcgeQ5_HAA&google_cver=1&google_push=AYg5qPJFBl0JqzGYi0mEoy6IYcj1aThzI17xMCtN1EVzvqubc5Ht39_mArkVBkeOR1SMjWb2WomQzINoxA0ah8m13...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJFBl0JqzGYi0mEoy6IYcj1aThzI17xMCtN1EVzvqubc5Ht39_mArkVBkeOR1SMjWb2WomQzINoxA0ah8m13Q_nrPcIxx3lig&google_hm=29c061e90978d3610aef...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJFBl0JqzGYi0mEoy6IYcj1aThzI17xMCtN1EVzvqubc5Ht39_mArkVBkeOR1SMjWb2WomQzINoxA0ah8m13Q_nrPcIxx3lig&google_hm=29c061e90978d3610aef1b23
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 28 Mar 2022 02:35:55 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJFBl0JqzGYi0mEoy6IYcj1aThzI17xMCtN1EVzvqubc5Ht39_mArkVBkeOR1SMjWb2WomQzINoxA0ah8m13Q_nrPcIxx3lig&google_hm=29c061e90978d3610aef1b23
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame 11B9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWJTOFgolTJa2qXbGouFZ235mQl8ljTBvxt0H9o2gTa4CVeVNtgGRYO87L7ezkW-HGlWSr
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
pagead2.googlesyndication.com/bg/ Frame A985 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 18:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
28237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13603
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 18:45:18 GMT
skeleton.js
static.adsafeprotected.com/ Frame D5DE
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/653659/57061276/skeleton.js?adsafe_url=https%3A%2F%2Fznaj.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6850cbfc04562cff037a0de3a76869fd.safeframe.googlesynd...
  • https://static.adsafeprotected.com/skeleton.js
17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:214f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 08:35:57 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
age
22787999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
jSM9JOPw71ZX-GbiXP7HYWSgO61rU8WrNfegMCYI5yZEnG_PgmKD1Q==

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 6406 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
3501472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
zLzR-0Lakf0fN1veyz4h27AQcyDU3oDXExTeYw21jymsO_h857iNSA==
sca.17.5.12.js
static.adsafeprotected.com/ Frame 1774 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
3501472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
VVGcceUxPknyL8sHZT3byfOXulHSax_CMVqM_LzlBYbQ3xxW3vAJ6g==
mon
pixel.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10933&advId=18517273&campId=47474517&pubId=1&chanId=134288234697&placementId=379451219&dealId=549644393847897261&adsafe_par&impId=ABAjH0inZmGy_-4orJ_pAlChc2xn&bidurl=https://znaj.ua/&adsafe_url=https%3A%2F%2Fznaj.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:848ef52f-41f8-eb77-bf35-5d7f5dbbef43,c:87usc6,sl:na,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-78748f7967-2vhpz,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:122,fm:t1l74Wc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.10933%7C191%7C192%7C193%7C194%7C195%7C196%7C1a%7C1b%7C1c,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:127,oid:ca8243b4-ae3f-11ec-b352-c6f5064a4c04,v:19.8.299,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.137.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-137-235.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=823392&asId=8d7c4181-d4f3-ab9e-4b82-387c39fb3950&tv=%7Bc:87uscg,pingTime:-2.1,time:570,type:a,im:%7Bpci:%7Btdr:504%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:570,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B565~0%5D,as:%5B565~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:242,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.823392-57133300%7C191%7C192%7C1a1%7C1b,idMap:19.a7b373bb-6988-ac04-1edd-fcdabcfa46c1.32_653659-57061276%7C19*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:38,readyFired:false%7D&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=a7b373bb-6988-ac04-1edd-fcdabcfa46c1&tv=%7Bc:87usci,pingTime:-3,time:140,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:109%7D,%7Bpiv:0,vs:o,r:l,t:139%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:140,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:109,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1,0~0%5D,as:%5B41~728.90%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1l74Wb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.653659-57061276%7C191%7C192%7C193%7C194%7C195%7C1a%7C1b%7C1c,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=a7b373bb-6988-ac04-1edd-fcdabcfa46c1&tv=%7Bc:87uscj,pingTime:-6,time:140,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:140,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:109,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1,0~0%5D,as:%5B41~728.90%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1l74Wb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.653659-57061276%7C191%7C192%7C193%7C194%7C195%7C1a%7C1b%7C1c,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:znaj.ua*&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=823392&asId=8d7c4181-d4f3-ab9e-4b82-387c39fb3950&tv=%7Bc:87uscl,pingTime:-2.2,time:575,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D,%7Bpiv:100,vs:i,r:,t:575%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1,o:575,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B570~0%5D,as:%5B570~728.90%5D%7D%7D,%7Bsl:i,t:575,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:242,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.823392-57133300%7C191%7C192%7C1a1%7C1b,idMap:19.a7b373bb-6988-ac04-1edd-fcdabcfa46c1.32_653659-57061276%7C19.848ef52f-41f8-eb77-bf35-5d7f5dbbef43.17_10933%7C19*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:38,readyFired:false%7D&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=848ef52f-41f8-eb77-bf35-5d7f5dbbef43&tv=%7Bc:87uscp,pingTime:0,time:145,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:126%7D,%7Bpiv:100,vs:i,t:145%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:145,o:0,n:145,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:i,t:145,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1l74Wb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.10933%7C191%7C192%7C193%7C194%7C195%7C196%7C1a%7C1b%7C1c,idMap:19.a7b373bb-6988-ac04-1edd-fcdabcfa46c1.33_653659-57061276%7C19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=848ef52f-41f8-eb77-bf35-5d7f5dbbef43&tv=%7Bc:87uscp,pingTime:-3,time:145,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:126%7D,%7Bpiv:100,vs:i,t:145%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:145,o:0,n:145,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:i,t:145,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1l74Wb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.10933%7C191%7C192%7C193%7C194%7C195%7C196%7C1a%7C1b%7C1c,idMap:19.a7b373bb-6988-ac04-1edd-fcdabcfa46c1.33_653659-57061276%7C19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=848ef52f-41f8-eb77-bf35-5d7f5dbbef43&tv=%7Bc:87uscq,pingTime:-6,time:146,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:146,o:0,n:145,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:i,t:145,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1l74Wb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.10933%7C191%7C192%7C193%7C194%7C195%7C196%7C1a%7C1b%7C1c,idMap:19.a7b373bb-6988-ac04-1edd-fcdabcfa46c1.33_653659-57061276%7C19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:znaj.ua*&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=a7b373bb-6988-ac04-1edd-fcdabcfa46c1&tv=%7Bc:87uscu,pingTime:-2,time:151,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:109,bdZ:291,beA:798,beZ:799,mfA:893,cmA:895,inA:895,inZ:898,prA:898,prZ:903,si:908,poA:909,poZ:920,cmZ:920,mfZ:920,loA:938,loZ:940,ltA:949,ltZ:949%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.94,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:109%7D,%7Bpiv:0,vs:o,r:l,t:139%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:151,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:109,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1,0~0%5D,as:%5B41~728.90%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B12~0%5D,as:%5B12~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.653659-57061276%7C191%7C192%7C193%7C194%7C195%7C1a%7C1b%7C1c,idMap:19.848ef52f-41f8-eb77-bf35-5d7f5dbbef43.18_10933%7C19.8d7c4181-d4f3-ab9e-4b82-387c39fb3950.14_823392-57133300%7C19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:40,readyFired:true%7D&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=848ef52f-41f8-eb77-bf35-5d7f5dbbef43&tv=%7Bc:87uscL,pingTime:-2,time:167,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:799,beZ:800,mfA:921,cmA:921,inA:921,inZ:922,prA:922,prZ:924,si:926,poA:926,poZ:932,cmZ:932,mfZ:932,loA:945,loZ:946,ltA:966,ltZ:966%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.94,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:126%7D,%7Bpiv:100,vs:i,t:145%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:167,o:0,n:145,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:i,t:145,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B22~100%5D,as:%5B22~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.10933%7C191%7C192%7C193%7C194%7C195%7C196%7C1a%7C1b%7C1c,idMap:19.a7b373bb-6988-ac04-1edd-fcdabcfa46c1.33_653659-57061276%7C19.8d7c4181-d4f3-ab9e-4b82-387c39fb3950.14_823392-57133300%7C19.of121,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:40,readyFired:true%7D&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220323&jk=2418174385814951&bg=!Xl2lXRnNAAbzJazn0yU7ACkAdvg8WsarO0YcN4N1VinKxxb1PFv4T7GvhQCYrL73rL_hDLdWJ1XHXwIAAACeUgAAAAJoAQcKAE94EjXPcJ6UGmc1FDuYr_monEGhPyudn0MRf6g90eOQH7nFucz6v1zi65KPkLLBjP6Y9Xwdoqt27OW2JtLms_Jb1Wzmh8swzEV0Z5D9ugVCmQLs3F9KIZ8YbFCKQ7XhvXVav2QmbRXDbbr96IkdXVvGhr_YIZth82guZtHreKlVHDOkx3sfGVB4Jb8GwOEBaDK3A2pVoMLTWjawjFCIwDZAriEXzktWX6eVB7uTXX_sgvKzyyoRcev5yW_Ru6FQKtU8y4isRJ6UANKIxgmyEgVrZ8AlinQJOk4lX49ULTqQFBctUT11gbw7A4HLWNzh6GWU8cCx0loFQvfVl443xbk_ljKbgiIPoWlODGj2BQhjWLlu0EgE5wxQ5KUBTJIgcPD2cIOlLiNriRvsV_GTYsTsAt8LOwtqbpHsffW1ZyyEE9rLXsujmPwv1JQmh8br9tipR8OZ6VM1w3rt305UYO1INrI8HX8fe6fO4U2zzeRNPlZND4x8tiBVvNSp-9aZ0MQ2CjYu3LBC1CbPlnfTL1Q-ik4vHaB1d9h5MIbnS8qfofM7CaOhg1fV-CNqc4kGq-MYPuCh-oqqupkYlA_mG3CH10xA5YUm9WLzLN_OBJSNSe4KQ0FRLy6ZOiG4OrqXLj2yT0d_lhbInwloS2sV_vgRi0zrBenN2QVh-_LzGRqcCKfrWnezFSXF60xz-Mc38lI2zUHw5BNHLSbLVO-NUHcoGFzc3wjbN7UerYVf3_rRitc0yFvw38HB3FMc82IQG_TEsdVe9T9Ml5LSBNf7jwV3A35qUUQinhRiTE_0QHCSFXzJmZ5bJS-N6NN8QVAE1ZWuGogC3o6XxWdD_f2FRPoFlJrrLgKkvOFJpxXQUEk44--_j8QZRjUEGE2v1kMfkeZxwkr89AHEODSpuE0GSyCCF0F_IUI8db4uHTf41mzRCtQUxLTfEEyERm1DfLt7RfAJOmIDk0rfAvh7nUjyb4sIGrRf5DjH42BrKIEebxDaHix7XkcjTvoncuZ_H8GMcXNGgBmJxrjYXRyONLC0dG41VL06rxbosLT6STV-5Xb_5X3GyIWbUEE7HOYJWoLDVJgbuD5wBAb2e45CkCuApA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/8774251903403153440/ Frame 47C5 		30 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebea0d6b95d6d63f40485208fed87f78451407727920f0c30330f08f14aa468d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Wed, 23 Mar 2022 20:36:51 GMT
expires
Thu, 23 Mar 2023 20:36:51 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
content-type
text/html
content-length
4553
age
367144
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame D5DE 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsve9sYM1JWq1GxTPUSHAfTBy0k3BmFXjI22uZy2iiCdYpxBNogXp_nxJagwnWwfAB5sT8OD0okk3X6nHY1iLwSDj42A8IERlybEhr4lVqBL29DU7l9b2gqt7BpZgHflsZCNlPYpZtQPal3-uS1773dviM-Dh8kCfY8G86w&sig=Cg0ArKJSzA5eoOZ507dhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=211&cbvp=1&cstd=209&cisv=r20220323.97547&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 02:35:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adview
googleads.g.doubleclick.net/pagead/ Frame 8084 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZXf_CR9BYtXRGo64gAewpIOYD5vkiZ5p9qjaqNIPZBABIMGggHpgu4aAgNAKoAGr68jFA8gBCakCWhStPVQdtj6oAwGqBNkBT9Cevc30ugNj5pu6-xI1voCfou9t37G6z3eiigjU2i7mCPTkCeNAwTPYNGeRQtwSBockzTgK28UNAgamOZZFFvlNBAW7jpB_2mKhVPtzXLZyDTRJ5Hrl7AY5Z64gpw5A8eSdZugcEMRTyU34sn8ugXGPiAcejGvGhpXMmTRHbz-jPqm6Y2avjmA3XIUBIIUHzweCBTDU7ew9kWPlpS4sMu1CRDKQ7lRWPMXIFAAmfluWuNeZMA1owpCUwDrl87ZmeG8zjiweRzR4HJxheLp9MDRuJ6pWWG5UKsAEopiP6foDkgUECAQYAZIFBAgFGASgBi6AB4LrszCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDn-AvSCAkIgOGAEBABGB-ACgHICwGYDMfilP7xA7gTgwTYEw7QFQGAFwGyFxwKGggAEhRwdWItOTQ1NjA4ODA1NzQ4NDk3MBgA&sigh=RohtQuEMwXU&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 28 Mar 2022 02:35:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8084 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEwD0L_VFelZ4jl1dKGQIqzut5LHuzTt-4SpBU_ZAS7Oqy-AL7Iq9W_Vv6eDiuJAvpE1KbmCn-IvBfnxBtR3DbIjgNBLILB0j8LKfGAGEYhbjhAH7xqmGwY9uRJtZt6mzyTbwZASCafDdIpMJPmmqD7w6brXPrnA&sai=AMfl-YR3CTrRyMokQKSPlUU-9JPnzzxTvFFGKFl3g_OLA7GBe3pl96LnLBPnq2BFjk5meIWAXc7D8_IOC3k_&sig=Cg0ArKJSzDkWW4QUw5p2EAE&id=lidar2&mcvt=1029&p=0,0,124,1005&mtos=86,802,1029,1152,1178&tos=86,716,227,123,26&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1648434953909&rpt=247&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A985 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuuGzCh9BYubHPJyBjuwPnNe5qAQAAAAAOAHgBAI&bg=!wsGlwYXNAAbzJazn0yU7ACkAdvg8WhzFWC42lHX-B2DAq-GycghS7kJyRRuzRFM4e09FYR2Nq93IRQIAAABzUgAAAAJoAQeZAyXL5qJ5msWJ1HJUm6oD5rRuDtBd1uy38CpCNmdL8mc26Ykf-AfKYJ96z721lPY0siT5EyWe30ngz73eiZ28DmS1okpaF4i2IGRgpofZjU1OPLSoXsu4QmoSgk71KLRLEJsv-Fpz1ABB_45Yj47MWFhBnWfFMCTO3KjjXwB6Jp5OKZN6mYOSwuIN0XF_yk1NdzitJq6tTQ0EQEENsXGQr9dO3o61yTZxRLBUHwAOJB0egkiEsrAl1kyej8I2S7Abnp6kIhUZyXEQ6ZS_IL-vGiGJaVJtgkwNv74Jko6r_VPDYlv2b-CZP5_MruvZloaPW08h0FzmY2uI6rMog-_bWB3WOsxNMpKFdkN-ig7Brdbgse_rht5Q6tsV0uSmRwBgMk6zST_aeS1GtcwdGqVHfGemnorkJ_vWHmWr4kS-wbeyFIAFjym1iHEQYdCawf_Fqr7kZpxTpcqHKPGEvIu-KsXMwt2z8BwJ2fc5rRELctRDCnB0nhYWAnoIKghdILEyP25bbfZEXlMqLrx4ufVsybq6QgLIbszvm3JuQ5J59fjQKot24UKpDWDt9j626bpi_iNmAXGlzWLV_8mt7hhHTIoJT7G3XKgaxpKB9yP0XkoR_N92KpbrTBqSlSoTmTvYhoG6fX7nQJeHdNKJ600eGJaPyBuu2FGGrcaE9iKZMKsxRHB0ONHtH1dmcY35biO-JjAd3UxgoFgleKXNMzrtfce8esN1Azkteup6sznWLxeVTDAn_2lWj5bHBhRPnGB-JNoiZA7fBz8dqaKjeVc-_HBzOiDMmNCVDzvEmioENqmp-vj_NR16C3hcFASzummcEABv8bf7XHtVdJ79NC61Dh-BdDI8dHjoCSC7VEsaBDS8FEMiHaUYlPT7hE5duPX3mFIXJd5IjlI-W4cVHnBmZiumH-kqmgoFtr-lDW35my2-7fEXqSmBumh8O6K71If52x3kPXFUxrC0mhZoCUoX9lZH-JOKSQ_Unmo3gG2CIPbqKaDTJfAVMM8jFMU7T8_un0LY6UpnvtpwH8ZxqwW76fXnrELZel-gTqsRNQS4vXgnkXDnTPpX
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=a7b373bb-6988-ac04-1edd-fcdabcfa46c1&tv=%7Bc:87useL,time:292,type:e,im:%7Bimprf:%7Bttecl:936,ecd:42,tsecr:36%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:141,o:152,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:109,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1,0~0%5D,as:%5B41~728.90%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~728.90%5D%7D%7D,%7Bsl:i,t:152,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B141~100%5D,as:%5B141~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:123,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.653659-57061276%7C191%7C192%7C193%7C194%7C195%7C1a%7C1b%7C1c,idMap:19.848ef52f-41f8-eb77-bf35-5d7f5dbbef43.18_10933%7C19.8d7c4181-d4f3-ab9e-4b82-387c39fb3950.14_823392-57133300%7C19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
URL: https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:55 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
300210907.jpg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210907.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82597497f670da7d07dcdece8fdb19f6f2438f256ed08c9689636b027ce1586e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:55 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52947
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Mar 2023 02:35:55 GMT
300210908.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		10 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210908.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b904ed93d0c3ca9fef96a239c48a4310e2b93b67cadb9ebb94ded4c975f3f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 09:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2485
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Mar 2023 09:02:53 GMT
300210909.png
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210909.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa51ef3b957c95433b2ff2f67c97335cc1abdf50fce8b124e94b6bedd9134344
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 15:53:55 GMT
x-content-type-options
nosniff
age
297720
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81231
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Mar 2023 15:53:55 GMT
300210910.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210910.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
803f1c26a7a91cb8c7c37f264fd257cce73a4d17ea2e4c269098d1693355859e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1995
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Mar 2023 15:31:51 GMT
300210921.jpg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210921.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d839291084da26645134b3a5f7cee8f0a98b23834bdbc5ce092c7d56ab6c283c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 15:53:56 GMT
x-content-type-options
nosniff
age
297719
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52922
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Mar 2023 15:53:56 GMT
300210922.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		10 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210922.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8735d7ac1e9683e5a1c8d19464b22636699d5b7f2e1fe8e7e6a6bbf2dee73ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2179
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Mar 2023 02:35:55 GMT
300210923.png
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210923.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae674ff379ee3d8123cacfa68b5ace5ec95086ad756839db9eb04b162ebf2d1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 15:53:56 GMT
x-content-type-options
nosniff
age
297719
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81216
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Mar 2023 15:53:56 GMT
300210924.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210924.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3d74753fdff879dcb63a6d1f28c5117f10f2e281f254246bebf4a210000ec6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 09:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1995
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Mar 2023 09:02:53 GMT
300210935.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		144 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210935.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b43e08124349f66f4aaf8caeda5999f8ad2f6a276ce20b9aa963228682a31b2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 06:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505179
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 06:16:16 GMT
300210936.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		5 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210936.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb77c64d0ebab7ec9249008fe40450c3045415eb5f17cc4ebba47c1312024ad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 15:41:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1351
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Mar 2023 15:41:52 GMT
300210937.png
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210937.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
938e3ab026b870fe21c2c8503a8f91b9953f781caa4ca8aea0c723e3a5d1bb91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:36:51 GMT
x-content-type-options
nosniff
age
367144
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92389
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:36:51 GMT
300210940.png
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210940.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14fbdf1641b253f81747db687ff6b7677b3de328863297e30ca30df65bb3765e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:36:51 GMT
x-content-type-options
nosniff
age
367144
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29528
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:36:51 GMT
300210943.jpg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210943.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eda6db10d657040745f6d7069897b5bc5efdf956dc6d8e8711b03707150a123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:36:51 GMT
x-content-type-options
nosniff
age
367144
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52539
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:36:51 GMT
300210944.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210944.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b11528e371057f7bdb3146bd903c96e94abd802455b952443d44ebc4979ba74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 21:42:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363214
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1995
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 21:42:21 GMT
300210955.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		11 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210955.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb87285e8fd117ec945c89b3b1d84925ba882fc26fa69b1ad092958d74b34e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 21:33:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
536553
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2167
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Mar 2023 21:33:22 GMT
300210956.png
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210956.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d088b790291ca98dbaaa9d56c51b91559c5483135e1fd4770850c7772651c6c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 09:02:54 GMT
x-content-type-options
nosniff
age
63181
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110547
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Mar 2023 09:02:54 GMT
300210957.jpg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210957.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eda6db10d657040745f6d7069897b5bc5efdf956dc6d8e8711b03707150a123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 15:53:58 GMT
x-content-type-options
nosniff
age
297717
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52539
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Mar 2023 15:53:58 GMT
300210958.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210958.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02dfdc9d87840d63f06bdab66eea6ed62e50daf2b2598ee4d067ab7181a4bde3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 06:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505179
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1995
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 06:16:16 GMT
300210969.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		10 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210969.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e73bddc6ccc58b253484c40a84517c8a281035b1ab4969b1b1d9dea9be5e01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 23:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
531193
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1938
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Mar 2023 23:02:42 GMT
300210970.png
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210970.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d088b790291ca98dbaaa9d56c51b91559c5483135e1fd4770850c7772651c6c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:36:51 GMT
x-content-type-options
nosniff
age
367144
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110547
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:36:51 GMT
300210971.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		144 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210971.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b43e08124349f66f4aaf8caeda5999f8ad2f6a276ce20b9aa963228682a31b2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367144
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:36:51 GMT
300210972.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210972.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd52ed57270787fe65c966df26fd06db79b1fcf801062a36821455b9ede4c5c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367144
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2089
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:36:51 GMT
300210985.png
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300210985.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15a3639406a4163000d7a61bc353f11497a718722ed8bd46fbd823856d9497cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:36:33 GMT
x-content-type-options
nosniff
age
262762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59446
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:36:33 GMT
300211016.png
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300211016.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
808f2fa328183e007990a640e1788d4bfa4a0ef78dca0fc03530a27e71c390b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:36:51 GMT
x-content-type-options
nosniff
age
367144
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14679
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:36:51 GMT
300211022.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300211022.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e0ccc5d11868c639ce27377485f78f37d8ea2e43a4b5f625be841164d30f94f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367144
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1266
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:36:51 GMT
300211023.svg
s0.2mdn.net/sadbundle/8774251903403153440/images/ Frame 47C5 		11 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8774251903403153440/images/300211023.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e160913701fbdfdb45d40338fba9caf2909b19a1470e590cc45d8ee38df558c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8774251903403153440/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 10:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315530
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2282
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 15:33:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Mar 2023 10:57:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D5DE 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsve9sYM1JWq1GxTPUSHAfTBy0k3BmFXjI22uZy2iiCdYpxBNogXp_nxJagwnWwfAB5sT8OD0okk3X6nHY1iLwSDj42A8IERlybEhr4lVqBL29DU7l9b2gqt7BpZgHflsZCNlPYpZtQPal3-uS1773dviM-Dh8kCfY8G86w&sig=Cg0ArKJSzA5eoOZ507dhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=594&vt=11&dtpt=383&dett=3&cstd=209&cisv=r20220323.97547&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: znaj.ua
URL: https://znaj.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Mar 2022 02:35:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame D5DE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscWLxX_jJnvTrloCtZsbKXj6nI32MN4UgW1VvByy3Z8NeRA9G1diXQ3kHozIb1pdnmyCgPRayVm3kHluXYK_ZsTVYklh7APsKBg47L9xh7SLk6BCilBw&sai=AMfl-YTE4o9HmeV-Bx4ew-9Cuof83ohWO6CmwKCma-tK2f8uhoUgwXiTyD5DQ7wjS1H7TlQR-O_CsfPcK62ncdoQ9Z4gq9mnjzWvpGwXnNWZpXoTLTq56oTM-b3Amu8&sig=Cg0ArKJSzEuMADKhpHPcEAE&cid=CAASJORoTduqudUjoyYDYtHE7nHXpTwEyLPRfWW2Y3aBIoU5vYMx3w&id=lidar2&mcvt=1000&p=147,436,237,1164&mtos=808,1000,1000,1000,1000&tos=808,192,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2184955199&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648434954305&rpt=808&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=848ef52f-41f8-eb77-bf35-5d7f5dbbef43&tv=%7Bc:87ussx,pingTime:1,time:1145,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:126%7D,%7Bpiv:100,vs:i,t:145%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1145,o:0,n:145,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:i,t:145,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:119,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.10933%7C191%7C192%7C193%7C194%7C195%7C196%7C1a%7C1b%7C1c,idMap:19.a7b373bb-6988-ac04-1edd-fcdabcfa46c1.33_653659-57061276%7C19.8d7c4181-d4f3-ab9e-4b82-387c39fb3950.14_823392-57133300%7C19.of121,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:56 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=848ef52f-41f8-eb77-bf35-5d7f5dbbef43&tv=%7Bc:87ussy,pingTime:1,time:1146,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:126%7D,%7Bpiv:100,vs:i,t:145%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1146,o:0,n:145,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:i,t:145,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:119,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.10933%7C191%7C192%7C193%7C194%7C195%7C196%7C1a%7C1b%7C1c,idMap:19.a7b373bb-6988-ac04-1edd-fcdabcfa46c1.33_653659-57061276%7C19.8d7c4181-d4f3-ab9e-4b82-387c39fb3950.14_823392-57133300%7C19.of121,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:56 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=848ef52f-41f8-eb77-bf35-5d7f5dbbef43&tv=%7Bc:87ussz,pingTime:1,time:1147,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:126%7D,%7Bpiv:100,vs:i,t:145%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1147,o:0,n:145,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:i,t:145,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:119,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.10933%7C191%7C192%7C193%7C194%7C195%7C196%7C1a%7C1b%7C1c,idMap:19.a7b373bb-6988-ac04-1edd-fcdabcfa46c1.33_653659-57061276%7C19.8d7c4181-d4f3-ab9e-4b82-387c39fb3950.14_823392-57133300%7C19.of121,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:56 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=a7b373bb-6988-ac04-1edd-fcdabcfa46c1&tv=%7Bc:87ussD,pingTime:1,time:1152,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:109%7D,%7Bpiv:0,vs:o,r:l,t:139%7D,%7Bpiv:100,vs:i,r:,t:152%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1000,o:152,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:109,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1,0~0%5D,as:%5B41~728.90%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~728.90%5D%7D%7D,%7Bsl:i,t:152,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:118,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.653659-57061276%7C191%7C192%7C193%7C194%7C195%7C1a%7C1b%7C1c,idMap:19.848ef52f-41f8-eb77-bf35-5d7f5dbbef43.18_10933%7C19.8d7c4181-d4f3-ab9e-4b82-387c39fb3950.14_823392-57133300%7C19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:56 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=a7b373bb-6988-ac04-1edd-fcdabcfa46c1&tv=%7Bc:87ussE,pingTime:1,time:1153,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:109%7D,%7Bpiv:0,vs:o,r:l,t:139%7D,%7Bpiv:100,vs:i,r:,t:152%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:152,n:139,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:109,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1,0~0%5D,as:%5B41~728.90%5D%7D%7D,%7Bsl:o,t:139,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~728.90%5D%7D%7D,%7Bsl:i,t:152,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:118,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.653659-57061276%7C191%7C192%7C193%7C194%7C195%7C1a%7C1b%7C1c,idMap:19.848ef52f-41f8-eb77-bf35-5d7f5dbbef43.18_10933%7C19.8d7c4181-d4f3-ab9e-4b82-387c39fb3950.14_823392-57133300%7C19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:56 GMT
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=823392&asId=8d7c4181-d4f3-ab9e-4b82-387c39fb3950&tv=%7Bc:87ustH,pingTime:1,time:1651,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D,%7Bpiv:100,vs:i,r:,t:575%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1076,o:575,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B570~0%5D,as:%5B570~728.90%5D%7D%7D,%7Bsl:i,t:575,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1076~100%5D,as:%5B1076~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:129,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.823392-57133300%7C191%7C192%7C1a1%7C1b,idMap:19.a7b373bb-6988-ac04-1edd-fcdabcfa46c1.32_653659-57061276%7C19.848ef52f-41f8-eb77-bf35-5d7f5dbbef43.17_10933%7C19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:56 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=823392&asId=8d7c4181-d4f3-ab9e-4b82-387c39fb3950&tv=%7Bc:87ustH,pingTime:1,time:1651,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D,%7Bpiv:100,vs:i,r:,t:575%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1076,o:575,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B570~0%5D,as:%5B570~728.90%5D%7D%7D,%7Bsl:i,t:575,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1076~100%5D,as:%5B1076~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:129,fm:t1l74Pc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C19*.823392-57133300%7C191%7C192%7C1a1%7C1b,idMap:19.a7b373bb-6988-ac04-1edd-fcdabcfa46c1.32_653659-57061276%7C19.848ef52f-41f8-eb77-bf35-5d7f5dbbef43.17_10933%7C19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:56 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame D5DE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuK4h8jVb1gwNBotIk7E-KmYHb9opTecempe8fd7HZA8eya52OLHqKgi91IYcYH58YU4ETcynJrwN9PR16zSEcyxeMY7QAi6Q0&sig=Cg0ArKJSzGbMp8KHlrT9EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=2086295853&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648434954305&rpt=1019&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=a7b373bb-6988-ac04-1edd-fcdabcfa46c1&tv=%7Bc:87usyw,pingTime:-10,time:1517,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1648434955159%7C%7Ca243be5f8700d1d30fca40b957ccdf79%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C052eabab34780ef6c01b0793f2974403%7C%7C82cc92c9cd918c1a502b4fc933882921%7C%7Ca802e6dd97f73c2a192cb6adc401de8d%7C%7Cc93cf5807386b759748dbd23b0cd9d86%7C%7C23582a1327081f04867c0a92200abc9d%7C%7C1629390669,sca:%7Bspg:8d7c4181-d4f3-ab9e-4b82-387c39fb3950%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:56 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D5DE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=848ef52f-41f8-eb77-bf35-5d7f5dbbef43&tv=%7Bc:87usC5,pingTime:-10,time:1737,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1648434955159%7C%7Ca243be5f8700d1d30fca40b957ccdf79%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C052eabab34780ef6c01b0793f2974403%7C%7C82cc92c9cd918c1a502b4fc933882921%7C%7Ca802e6dd97f73c2a192cb6adc401de8d%7C%7Cc93cf5807386b759748dbd23b0cd9d86%7C%7C23582a1327081f04867c0a92200abc9d%7C%7C1629390669,sca:%7Bspg:8d7c4181-d4f3-ab9e-4b82-387c39fb3950%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-129-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:56 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
async_usersync.html
acdn.adnxs.com/dmp/ Frame B697 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-148.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
ETag
"623de86a-cf34"
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 29 Mar 2022 02:35:59 GMT
Date
Mon, 28 Mar 2022 02:35:57 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame EF13 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-148.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
ETag
"623de86a-cf34"
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 29 Mar 2022 02:35:59 GMT
Date
Mon, 28 Mar 2022 02:35:57 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8021 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 28 Mar 2022 02:35:57 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 8021 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9ad1bb44af5999c63ca2cb0cc07b90c55f3f4752a55578ff5fb7e2e953161e61

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 02:35:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30316
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9540
Expires
Mon, 28 Mar 2022 11:01:13 GMT
async_usersync
ib.adnxs.com/ Frame B697 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:57 GMT
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
be07c323-6432-442d-a8fd-adefe6a98d8e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame EF13 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:57 GMT
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
931800d0-6f55-41f9-8463-4b893469b2f0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8021
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iHIAjvuCR2eF4o9wJM35cQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iHIAjvuCR2eF4o9wJM35cQ
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iHIAjvuCR2eF4o9wJM35cQ
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:57 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BEME0R776S4JJX1P0TH0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iHIAjvuCR2eF4o9wJM35cQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8021
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2UxZTYxMTBmMTUxZWRlNTU5Y2Y1NTk4MTM4N2YyOGEwZTY1NjAxOA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2UxZTYxMTBmMTUxZWRlNTU5Y2Y1NTk4MTM4N2YyOGEwZTY1NjAxOA
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2UxZTYxMTBmMTUxZWRlNTU5Y2Y1NTk4MTM4N2YyOGEwZTY1NjAxOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8021
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOET7KfkqHlDEmRnGlcsMJo&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOET7KfkqHlDEmRnGlcsMJo&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 28 Mar 2022 02:35:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOET7KfkqHlDEmRnGlcsMJo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8021
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/e_DdN35-881KBYndfdqZG8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5375328081360774686
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5375328081360774686
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

date
Mon, 28 Mar 2022 02:35:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5375328081360774686
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
v1
ads.yahoo.com/cms/ Frame 8021
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1A3LYPR-14-1LCD&sigv=1&esig=2~d2b62936421cae98e6dd931c901788b91017d43b
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1A3LYPR-14-1LCD&sigv=1&esig=2~d2b62936421cae98e6dd931c901788b91017d43b
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:57 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1A3LYPR-14-1LCD&sigv=1&esig=2~d2b62936421cae98e6dd931c901788b91017d43b
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 8021 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 8021
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OvehF35TRySq1xD15Ofopg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OvehF35TRySq1xD15Ofopg
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OvehF35TRySq1xD15Ofopg
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:57 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VXASPXEHHQVW0SF9WJCS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OvehF35TRySq1xD15Ofopg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 8021
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1A3LYPR-14-1LCD
0
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1A3LYPR-14-1LCD
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:57 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 37A1B249D0C54735842B7C1EBE15A90C Ref B: LON04EDGE1017 Ref C: 2022-03-28T02:35:57Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXbPiwUgEC7rNk+Q3ro4g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1A3LYPR-14-1LCD
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
xNnUTLgYiAxKSTamsLWa1sbyR5KqKGJ698biElSd.png
znaj.ua/crops/4bd4bc/150x100/2/0/2022/03/27/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://znaj.ua/crops/4bd4bc/150x100/2/0/2022/03/27/xNnUTLgYiAxKSTamsLWa1sbyR5KqKGJ698biElSd.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbfe1394b4173eee6032acb182788c9f6ea45f6e4f74d32691b66b26dd21b1d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=3221, status=webp_bigger
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3051
last-modified
Sun, 27 Mar 2022 16:13:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrAU3bTp6A0NH%2FB8x9%2B%2Fp5eFjSrAk0lSrlVqR6I%2Fo6HeHesJHYN1TeJtp6akOIR%2BgCUJZtrRVSEmcQsWjp3Kfi9ca7WYzlUW15UrBJ8ch7ZdIbr1e%2FvN6kZkqLhVim%2FVNl4ZBSU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6f2cf9b88bd10e02-MXP
cf-bgj
imgq:100,h2pri
async_usersync
ib.adnxs.com/ Frame B697 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:58 GMT
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b795fa38-7b67-4626-a137-146888a27fd3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame EF13 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Mar 2022 02:35:58 GMT
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3d2d58c2-4ca4-4887-b1e7-3a1384769405
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rXYk8sHtsPNKtRIu4zer6a8mnQotXWuHmA7l9K6s.png
znaj.ua/crops/f5a75d/735x400/2/0/2022/03/27/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://znaj.ua/crops/f5a75d/735x400/2/0/2022/03/27/rXYk8sHtsPNKtRIu4zer6a8mnQotXWuHmA7l9K6s.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:12a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b0015918e716ef51c0b701f8e805982e448903a378ecb108c3b494157b0d0bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://znaj.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 02:35:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=92956, status=webp_bigger
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92932
last-modified
Sun, 27 Mar 2022 21:13:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GN1ir1MYdk3TGmD0TEv3uOeahisZdQFAGlGaAKkN5Q3PJ%2BsT8ugQnS%2BJ6XYlyFAl%2F7RQW2eSNje1SxjQ3MiocwmsfQkZEJrPHf0r1Y%2FY8zvX1YWEmDDh6IK4rA%2FInHwos1ar6kQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6f2cf9b9cd100e02-MXP
cf-bgj
imgq:100,h2pri

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 function| structuredClone object| oncontextlost object| oncontextrestored object| adsinserter string| baseDomain function| initAi function| ga function| BM_Draw number| f string| x object| bmScript object| bmN object| bmD object| bs object| bm object| bmS string| r string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| regeneratorRuntime object| aicb boolean| __aiLoaded object| _getstat object| BM_STAT object| head object| script object| notsyCmd function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages number| bannerNum object| adexOpt object| APC string| unitNum object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerBranding object| googletag function| adpartnerBranding function| notsy_pbChunk object| notsy_pb object| _pbjsGlobals function| notsyInit function| notsyInitUnit function| notsyDisableUnit function| notsyDisableRefreshOnUnit function| notsyReEnableRefreshOnUnit function| notsyRemoveAllAds function| notsyDisableRefresh object| Criteo object| banner1582_22249427655074204 object| google_llp number| google_lpabyc object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_121 object| Criteo_prebid_121

47 Cookies

Domain/Path Name / Value
znaj.ua/ Name: b
Value: b
.znaj.ua/ Name: _ga
Value: GA1.2.205890853.1648434953
.znaj.ua/ Name: _gid
Value: GA1.2.1167682339.1648434953
.znaj.ua/ Name: _gat
Value: 1
.znaj.ua/ Name: _gs_lp
Value: 2a0c975e
.znaj.ua/ Name: _gs_d
Value: 1
.znaj.ua/ Name: _gs_sd
Value: 1
.znaj.ua/ Name: _gs_s
Value:
.znaj.ua/ Name: _gs_ul
Value: 62411f09
.znaj.ua/ Name: _gs_ss
Value:
.znaj.ua/ Name: __gfp_64b
Value: Cj0sFXoDVHLw858KPBb6l0Vn18fqMaOFaQZcCCPaj9n.s7|1648434953
.s.getstat.net/ Name: _gs_si
Value: be7ee3819fb61dff
.s.getstat.net/ Name: _gs_ui
Value: f87f574e-2c0d-432c-93b8-e22fa4e80903
.hit.gemius.pl/ Name: Gtest
Value: KlGhaRXGQMQGjGVvUMulaisissGMXP8c25nSG4tRmqgtXBG.
znaj.ua/ Name: session_id
Value: 2c2cf7fb-ed1f-4238-a855-e389992d1f3e
znaj.ua/ Name: session_pageview
Value: 1648434953.1
znaj.ua/ Name: site_visited
Value: 1648521353.1
znaj.ua/ Name: lapuid
Value: 05fa5243-bd9b-439c-91c0-eb0c149c11a6
a4p.adpartner.pro/ Name: apuid
Value: 05fa5243-bd9b-439c-91c0-eb0c149c11a6
a4p.adpartner.pro/ Name: apudmg
Value: 1
.hit.gemius.pl/ Name: Gdyn
Value: KlQUPMXGQMQGjGVvUMulaisissGMXP8c25nSG4tRmqgtFRxSG7RrGS6GNgGBFlMQYH8W8jBGqSRxSG8.
.adnxs.com/ Name: uuid2
Value: 7719595218382500208
.rubiconproject.com/ Name: khaos
Value: L1A3LYPR-14-1LCD
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqpSiUX3O3/GFqbBgMWySGKoH1GQZR6kuhIdnkYNjvcP3allQwaBlyOBJvlmHBlywrMboWaW1ii7d5dJOqv/cml
.adnxs.com/ Name: icu
Value: ChgInql9EAoYAiACKAIwib6EkgY4AkACSAIQib6EkgYYAQ..
.znaj.ua/ Name: __gads
Value: ID=4885cd0439b6a646:T=1648434953:S=ALNI_Ma9DMk8MOtFdg_5Pu1Y3JhdSiWgGQ
.doubleclick.net/ Name: IDE
Value: AHWqTUmAGpviuv4_mB8gxqX71PgVbhe4lu88AEnVF1pOC3EvS8996RZLMsEmqvaxqVg
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%w>[J*m!@wnfH8K6pQK`!5=E<*L5?%KH7#Z^]g1TrPj(fU%`(G7K.BTSjA1oB=g=WyTP(hw9P-HC_#ttrl)q-iP
.casalemedia.com/ Name: CMPS
Value: 706
.casalemedia.com/ Name: CMST
Value: YkEfCmJBHwoA
.casalemedia.com/ Name: CMID
Value: YkEfCnGGfxFxcBxShgQTzQAA
.casalemedia.com/ Name: CMPRO
Value: 305
.casalemedia.com/ Name: CMRUM3
Value: 2d62411f0a2760CAESECbW3dYs-rajIaxWfuW2GyU
.criteo.com/ Name: uid
Value: c2b8ec6f-4bc6-4fe7-85de-fcb58eceaf4f
.znaj.ua/ Name: cto_bundle
Value: 91wODl9KdThuQjFIYVV3cWczaWlwdEg4SFRJVzEzZklvcDVwUzJZcjhrMU00eEp6S0JyRiUyRjI5NjIwbjV6a2h3S1g3Y0cwbnIwNDZBMTBiWVN6NndCRDJFa3ZlWW9uYnFFNlNoSnZ4QWlXMWZGMWV2MFlPYWp3aVgzSDRGTUduYWZQbm9oZ1ZlaGM3WWVFJTJCUkl5OE9mTkRWJTJGeWclM0QlM0Q
.lijit.com/ Name: ljt_reader
Value: 29c061e90978d3610aef1b23
.simpli.fi/ Name: suid
Value: 985CAC98AAD5417597FA8D9FB3B918C0
.de17a.com/ Name: guid2
Value: 1.1391610001569851530
.yahoo.com/ Name: A3
Value: d=AQABBAsfQWICECFbW8sITjoW7727_MqaLJAFEgEBAQFwQmJLYgAAAAAA_eMAAA&S=AQAAArHcQxKIVBtKSJjtdV3JMSo
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0E2F7D16-1EDA-4853-9104-81516BA81C12
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&e8a4a6c1-0d79-4fbc-8a8f-44268af6d8e7"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDg0MzQ5NTc7MjswMjH+PXoW2DBsB3J5yiBP+F8OGYSsmCWAOKbXACyYGIDgXw==
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2570:u=1:x=1:i=1648434957:t=1648521357:v=2:sig=AQHeEsxo5Yf-nxrZ2vwAJ0MHd4EOTFt5"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A7-QIxcOE076rSs1OvWNxtM

2 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-9456088057484970&fa=1&ifi=3&uci=a!3&btvi=1&xpc=C2I9UErrcE&p=https%3A//znaj.ua
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6850cbfc04562cff037a0de3a76869fd.safeframe.googlesyndication.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.mail.ru
ads.yahoo.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
aixcdn.com
ap.lijit.com
bidder.criteo.com
c.aixcdn.com
c.bigmir.net
cdn-b.notsy.io
cdn.getpush.net
cdn.jsdelivr.net
cm.g.doubleclick.net
d5p.de17a.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fw.adsafeprotected.com
gaua.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
ls.hit.gemius.pl
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
rtb.openx.net
s.amazon-adsystem.com
s.getstat.net
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.gstatic.com
znaj.ua
104.109.78.125
137.74.6.209
142.250.184.194
142.250.184.226
142.250.185.226
142.250.185.230
146.59.10.80
146.59.30.104
15.197.193.217
169.50.137.182
178.250.2.131
178.250.2.146
185.33.221.91
192.82.242.209
193.239.68.97
2.21.141.148
2.21.141.232
213.155.156.184
216.52.2.48
2600:9000:214f:7800:8:48e:53c0:93a1
2602:803:c003:200::41
2606:4700:20::681a:12a
2606:4700:3030::6815:2157
2606:4700:3031::ac43:b689
2606:4700::6810:5514
2620:1ec:21::14
2a00:1148:db00::17
2a00:1288:80:807::2
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c01::9b
2a02:2638:1::13
2a02:2638::3
2a05:d018:d29:3602:db48:771c:2f3c:bf0a
2a06:98c1:3121::7
35.227.252.103
35.244.174.68
37.157.6.252
52.18.137.235
52.18.8.201
52.46.154.242
52.55.129.5
52.95.126.160
69.173.144.139
69.173.144.165
84.17.46.53
02dfdc9d87840d63f06bdab66eea6ed62e50daf2b2598ee4d067ab7181a4bde3
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
0900449216944ebad0b25996d0b38311e3c96429d99ff9546ea2183bb059a01f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14fbdf1641b253f81747db687ff6b7677b3de328863297e30ca30df65bb3765e
15a3639406a4163000d7a61bc353f11497a718722ed8bd46fbd823856d9497cc
1871e883259fe798ec07482f1db9d5147fd197be1e4c73fc84c3fe6e67cc400c
1b0015918e716ef51c0b701f8e805982e448903a378ecb108c3b494157b0d0bd
1b7d0e001e72449df8469b767d4d13470ac5cde61f7ca4d732bc774935f82e63
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1eda6db10d657040745f6d7069897b5bc5efdf956dc6d8e8711b03707150a123
1eecd41c40d8afee4322b061f70b87983f0989707ea87e5b5433ed900e2a9ee3
1f71c6258ac822c06351541f1c244642b08ccb5bc4576547594102eaeb4e1f6b
221d040daa54ef48d957cf8d4eae5399993e881df2ef1a235f6358153fa6c6ef
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
25046e034e22c9453f30178930676837babc5e58e41f7b0dcfd42ebe715bb5d0
2582def473c384f21e7f488398e48a2b07e615b559f21c197f225d78a7755f91
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
291c150ffb73921f868e8d0c074d15ee12cae3ff5da2eb73d68c461e41e89ff6
2afddbb6f203170be5b102881420ecc3c35e1a920b239f0d8dc0e8120e2b4dd7
2cf2bebf4d8dc76e0b7c0bdd6d810f59b022c38df8045e55256604489b48d1e7
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
36d48b0e122a1698e9501ed19b684dbc79d0e754d3ce390183d9f21433fb82eb
3b904ed93d0c3ca9fef96a239c48a4310e2b93b67cadb9ebb94ded4c975f3f10
3bacf54b7d27b6739185e88efc6a53a890e2d6beec5fe35827ae10144e53cf71
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c47d0e9361abb627329fb9187d30d3647a38c2ef9908b7f2a49fc5219028937
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e6eb089aade1932a634c0b0e2aff1b3993ea1775de672aa8914f47e1a5ffba1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
435b448441c15c5d03764cd4185608a606caa2559259e77a44d787525751a438
4806e14702c5c9ec3055f1cd2479112298496f1bf19b5cf67d334890ba6fc206
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f331cd88313de869746b5b2e91b9f33ae4a61b4e30af60734954ed917881f1b
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5257f16b6697bb40fd58d397ec21ad73b5a50f4d77a653ea77bcc1a0b2fd6d83
535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b
5481a6df70d9dbaf53b9b031ca30febb0ad0e1526a44b9b838ff9ebbf3352fd8
5589c281aa3a91bebf35ccf9d1db3e7aaae68202ec268e4468ae54d9b5552045
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5663c11ae6a78a9c8071bfb997b639da3dc5ea75788f75a18d3bbcfe9b3fd0a2
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
59cb6298a34f7cd13f987577761aa4c2ca71e7e57658361e5d3258d75751b30c
5b7c7b781b497f6950a9c9e0f0eaf1b636ca6c9ae636b5431b1ced0d5b415508
5f66c88dcf01e9fd882de2e565ba809a7d08d63574ede58bdb30e66a97f68c67
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bab43657ec7fbed94b5daafe0ad02b7d563b586291a934dc0514a01ff5f08
62d2af756fc50649f280fca8af0462ab40ee0ace02652f82bcd9fa8f03d90ec0
6522e3f8fd1455a83f5d80e022397a204347e4b8c370a3f1472fdae753fdccb7
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
71b6358ed1219ce6717c506f32a610a1989b27cdf5fd7e3ceb450ed5515b4aec
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
7822ab0c944ab5defc5a0af4abd345fde1b54118332d943da596c3d3dbeb2dfe
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7dee786f6c3f9347e6dff72f06b5a278c9626e7f75159ef0bc7968f0b4d54027
7e0ccc5d11868c639ce27377485f78f37d8ea2e43a4b5f625be841164d30f94f
7e73bddc6ccc58b253484c40a84517c8a281035b1ab4969b1b1d9dea9be5e01c
7f4702ae268d93ed87a638d80273a5909c97b27ac6ed4b0f643cd0f175e61b6f
803f1c26a7a91cb8c7c37f264fd257cce73a4d17ea2e4c269098d1693355859e
808f2fa328183e007990a640e1788d4bfa4a0ef78dca0fc03530a27e71c390b9
81bf15c688b0881e6bd04844d18b7158b0a9019b9b4a8c3daa823612795ba6a4
82597497f670da7d07dcdece8fdb19f6f2438f256ed08c9689636b027ce1586e
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a
8735d7ac1e9683e5a1c8d19464b22636699d5b7f2e1fe8e7e6a6bbf2dee73ace
8b11528e371057f7bdb3146bd903c96e94abd802455b952443d44ebc4979ba74
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9076ae7ce928a7fd04c3cb4273eb1bdc33afc5024f60f2fd49ade0b0ae1a4e28
92818c3617b2bab9d18f4ea6873d3199da26c7b1c4001317db8ef9c42aa424be
938e3ab026b870fe21c2c8503a8f91b9953f781caa4ca8aea0c723e3a5d1bb91
9732bf5fa9714281a9a3c7019ee10d4ec8e6d58e3bae8473681944b76a399628
98a909909924e2b02d672c67ec18524601a0c82d4eae6fe727d8ec72d48076e0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad1bb44af5999c63ca2cb0cc07b90c55f3f4752a55578ff5fb7e2e953161e61
9c8e05cc745effc859bfc1c4af10ffdf1befc939c307a2e41d33f5bf4cd3fa98
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ffbf0901d91c2643b9aef55cc55cb461e8be565f7b47289a03c321cb1cc4441
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6aa6788b4daba51a19c73fb8fec9850dfc6d3d2b7cabf1fdb610352d9b5d27f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535
aa51ef3b957c95433b2ff2f67c97335cc1abdf50fce8b124e94b6bedd9134344
ae674ff379ee3d8123cacfa68b5ace5ec95086ad756839db9eb04b162ebf2d1d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3f98d515efe5d353f127cb24072d4170b48fc64ff5f4a820d4cfa40c2ede954
b43e08124349f66f4aaf8caeda5999f8ad2f6a276ce20b9aa963228682a31b2f
b70842d1c59f123765a155d67887ed488808473a0dfdd119b4947593b542b948
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be73820642834b6bb64d9a5f252aa97581c362366dc129e650d8c6f19a428979
bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2290738e4716e51d1d042f2862471fc5cdbd4615d1242db5729b1e94339d9f5
c3dc715e436a9c36a877356b854698bc0c7057ccae67f6642c42fa2d201b42c6
c7e96a32d8c60bc7a06edaf36e406a5852ee525fc1721cd16696b14dc67a2cfe
c83c7670c31d4127fb493e87ba84436b9ac70c4ef71614027252eb671350d7c8
c8e3eca57ab39a3daa2a809c15c2675cbd120f0bd64cb82f89180f9a50f16563
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
ca5cdde752a7e0dbd7652fe7cd000eed74a0f4aa74eaecede273a8d3f60be04a
cc99e68ac6a91cd40f81ad5efb3029ab8304cf7785ae5bec124ccf6e79dd10fb
cd52ed57270787fe65c966df26fd06db79b1fcf801062a36821455b9ede4c5c1
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d088b790291ca98dbaaa9d56c51b91559c5483135e1fd4770850c7772651c6c8
d13f878522940cf9d1cdabbee896f915a0c232ee234e7617c3ac0b9e21d9b9c1
d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf
d46ceb2bde60881fb19d81ed006513a18f1fa2428fe60af86e50e308a13f298f
d839291084da26645134b3a5f7cee8f0a98b23834bdbc5ce092c7d56ab6c283c
d92550b6bb33bc866512528d75c0778b9987883ce9a5e36a13d5ee877c0e5e29
d9a7c20e3a46dabc570cf81810ec4751e0ebc5fa019750b900ffc647b34e0270
db7b7dc029aadf4c26e5ad370b70c77c812936e206519fb854123588c074da9e
e160913701fbdfdb45d40338fba9caf2909b19a1470e590cc45d8ee38df558c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d74753fdff879dcb63a6d1f28c5117f10f2e281f254246bebf4a210000ec6f
e4be2d131abd7538907fbef32dd76c2975da57c5ed8c0c1e1f5875caea8376c6
e5c98eb17d95d4302d441ce6f7fe6d15c09d5b1a809f63c6cf8d7d2390443fd2
eb77c64d0ebab7ec9249008fe40450c3045415eb5f17cc4ebba47c1312024ad3
eb87285e8fd117ec945c89b3b1d84925ba882fc26fa69b1ad092958d74b34e90
ebea0d6b95d6d63f40485208fed87f78451407727920f0c30330f08f14aa468d
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed0fecc2ccd478581e9a53b5f21f7a9fd603039f9024c9a028efe529e79ddda0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
f6a40139ce29d7389613cc37df2a555300b8ea93045b90897f570d1e6910f3b4
fab043c184fb6f71c8e7a99974837b28f34cc0b8c2e4ad64c906772eec556f63
fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319
fbfe1394b4173eee6032acb182788c9f6ea45f6e4f74d32691b66b26dd21b1d8
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89