zn.ua Open in urlscan Pro
2606:4700:3030::ac43:9a5a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Submission: On October 13 via manual (October 13th 2023, 4:57:33 pm UTC) from UA — Scanned from DE

Summary HTTP 206 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 44 IPs in 8 countries across 33 domains to perform 206 HTTP transactions. The main IP is 2606:4700:3030::ac43:9a5a, located in United States and belongs to CLOUDFLARENET, US. The main domain is zn.ua. The Cisco Umbrella rank of the primary domain is 855361.
TLS certificate: Issued by GTS CA 1P5 on September 3rd 2023. Valid for: 3 months.

This is the only time zn.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
61	2606:4700:303... 2606:4700:3030::ac43:9a5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:10d:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
5	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
7	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
8	3.15.36.78 3.15.36.78	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1 1	141.94.171.212 141.94.171.212	16276 (OVH) (OVH)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
1	146.59.110.145 146.59.110.145	16276 (OVH) (OVH)
2	2400:52e0:1e0... 2400:52e0:1e00::722:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	91.218.212.13 91.218.212.13	42352 (QOS) (QOS)
2	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
6 8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4 8	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1 8	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	18.170.8.157 18.170.8.157	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	18.185.8.23 18.185.8.23	16509 (AMAZON-02) (AMAZON-02)
1	18.65.39.98 18.65.39.98	16509 (AMAZON-02) (AMAZON-02)
1	18.239.50.115 18.239.50.115	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	13.43.175.127 13.43.175.127	16509 (AMAZON-02) (AMAZON-02)
206	44

61 2606:4700:3030::ac43:9a5a (United States)

ASN13335 (CLOUDFLARENET, US)

zn.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:10d:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.15.36.78 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-36-78.us-east-2.compute.amazonaws.com

kinesis.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.212 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.110.145 (France)

ASN16276 (OVH, FR)
PTR: ns3225527.ip-146-59-110.eu

server.smartytech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::722:1 (Germany)

ASN200325 (BUNNYCDN, SI)

ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.218.212.13 (Ukraine)

ASN42352 (QOS, UA)
PTR: unallocated.qos.kiev.ua

membrana-cdn.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.27.193 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.20 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 88.99.165.19 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hal900028.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.170.8.157 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-8-157.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.8.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-8-23.eu-central-1.compute.amazonaws.com

t23.intelliad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-98.ams1.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-115.ams58.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.43.175.127 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-175-127.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	zn.ua zn.ua — Cisco Umbrella Rank: 855361	1 MB
40	googlesyndication.com ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	293 KB
22	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 187732	277 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	207 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 41903 hal900028.redintelligence.net — Cisco Umbrella Rank: 305585	55 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	5 KB
8	amazonaws.com kinesis.us-east-2.amazonaws.com — Cisco Umbrella Rank: 23177	2 KB
7	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 51650	300 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	5 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	163 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 118	2 KB
4	gstatic.com fonts.gstatic.com	61 KB
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 498 fonts.googleapis.com — Cisco Umbrella Rank: 49	359 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 334 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657	67 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	299 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 33897 api.webgains.io — Cisco Umbrella Rank: 91885	18 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 51750 medialead.de — Cisco Umbrella Rank: 51384	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	56 KB
2	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 59424	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6147	515 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 109006	3 KB
1	intelliad.de t23.intelliad.de — Cisco Umbrella Rank: 145417	559 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 59583	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 270642	931 B
1	membrana-cdn.media membrana-cdn.media — Cisco Umbrella Rank: 61011	35 KB
1	smartytech.io server.smartytech.io — Cisco Umbrella Rank: 55936	243 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 402	149 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3315	419 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 11550	257 B
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 161685	598 B
1	facebook.com graph.facebook.com — Cisco Umbrella Rank: 114	616 B
206	33

	Domain	Requested by
61	zn.ua	zn.ua
20	pagead2.googlesyndication.com	imasdk.googleapis.com securepubads.g.doubleclick.net zn.ua ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com
17	tpc.googlesyndication.com	zn.ua securepubads.g.doubleclick.net ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	kinesis.us-east-2.amazonaws.com	cdn.membrana.media
7	cdn.membrana.media	zn.ua cdn.membrana.media
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	cdn.jsdelivr.net	cdn.membrana.media
5	securepubads.g.doubleclick.net	zn.ua securepubads.g.doubleclick.net
4	hal900028.redintelligence.net	1 redirects ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com hal900028.redintelligence.net
4	hal9000.redintelligence.net	ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com hal900028.redintelligence.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	zn.ua adv.office-partner.de www.googletagmanager.com
3	googleads.g.doubleclick.net	zn.ua ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com pagead2.googlesyndication.com
3	ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	cdn.membrana.media c.amazon-adsystem.com
2	api.webgains.io	analytics.webgains.io
2	5994599.fls.doubleclick.net	1 redirects zn.ua
2	pv.medialead.de	hal900028.redintelligence.net ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	zn.ua
2	www.googletagservices.com	zn.ua ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net hal900028.redintelligence.net
2	s0.2mdn.net	imasdk.googleapis.com ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
2	imasdk.googleapis.com	cdn.membrana.media imasdk.googleapis.com
2	www.google.com	zn.ua tpc.googlesyndication.com
2	ym-tack.b-cdn.net	cdn.membrana.media
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.de	zn.ua
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	cdn.track.production.webgains.team	ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	t23.intelliad.de	ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	track.webgains.com	zn.ua
1	adv.office-partner.de	hal900028.redintelligence.net
1	membrana-cdn.media	zn.ua
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	server.smartytech.io	cdn.membrana.media
1	match.adsrvr.org	zn.ua
1	pixel.onaudience.com	1 redirects
1	a4p.adpartner.pro	1 redirects
1	c.hit.ua	zn.ua
1	graph.facebook.com	zn.ua
206	47

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
t.me
www.youtube.com
hit.ua

Subject Issuer	Validity	Valid
*.zn.ua GTS CA 1P5	`2023-09-03` - `2023-12-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-23` - `2023-10-21`	3 months	crt.sh
hit.ua R3	`2023-09-04` - `2023-12-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn.membrana.media R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
kinesis.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
smartytech.io R3	`2023-08-20` - `2023-11-18`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
membrana-cdn.media R3	`2023-08-14` - `2023-11-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
pv.medialead.de R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
adv.office-partner.de R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.intelliad.de Thawte TLS RSA CA G1	`2023-07-31` - `2024-08-30`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Frame ID: 93968B494E65734BC9B1D3964DC94A19
Requests: 111 HTTP requests in this frame

Frame: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F746D522ED4BCAAD8FE25A6D5A8E6ED7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Frame ID: 87B19670371B6C97477FA8C44B569E76
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E1E2319909B8F0A8ADE64C11E38B10C8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: E496750F149F42C99916199FEDC96074
Requests: 14 HTTP requests in this frame

Frame: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 74A6A9B12B5CD14303919E4992AD87E2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: 7C70745658A4A5D0DC4614407A4571DE
Requests: 11 HTTP requests in this frame

Frame: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5739FAE2ED7AA7B0046BE357E2A4CDFD
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNX5XJDXP79a2OIkIGWja-bYJnWPghI40bMGIBl10kO8kq6bKchis2F_JtKpxjLTg-yX-FId1iWc04vvS_KHhXjec0EYWRNnmkRntyX4Zl0L4ZOqrF6AifGYYfC_QlHAKKwCl_ecr7999z6Hr18ETSg30Rc0kzSR4iOqUk9Qq2vF6D6uxwU
Frame ID: 964783D7EDB99BFCF4064FC38C86D80D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B86F9553052074B09C81E85BB155EFE7
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXllwEQkt7nuQQYjrmi-QEwAQ&v=APEucNVzEril9YOvTgQ58SikZkYaC595co1htCgQU0UyCgHy3H1vLUZegSM1chUnW5281b20zre6QjAaBPRTekjLMQ22mOar-jMe1Jfq7q0jsWMAljn6FjkW3MyEhsHvjxy72Ge03_hgxcomKHGaybDVzlpviPFp8jqrv03M7xetO5GO0exdOTw
Frame ID: 7D841BF345D54ABED78F845749DBF383
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 13680DF628F5B4E9035276539BCF4545
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C745A50DDAC466F04EC002788222789B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C273C4DC45D411DFF0E74531E1032997
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9D44D2A870F6C3561BC9220B931CDFC4
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=29404900102827804444994012476028&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 7E1436379A44DCF351E2FE39E57D644E
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: ED939642770B1D3A433DAC183BDD8435
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIbXvJy_84EDFVQMogMdBrMFqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4071267935282.4497
Frame ID: 3D2BA9CC9FDC893B4DED290B5545782D
Requests: 2 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=29404900102827804444994012476028&a=e1453eea
Frame ID: 10AC7DAF029F8A9B7E8366AB982DC3DB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Обстріл Нікополя - поранено двох рятувальників - ZN.ua

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

206
Requests

94 %
HTTPS

52 %
IPv6

33
Domains

47
Subdomains

44
IPs

8
Countries

3415 kB
Transfer

8402 kB
Size

26
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ZN.UA.Official

Search URL Search Domain Scan URL

URL: https://twitter.com/zn_ua

Search URL Search Domain Scan URL

URL: https://www.instagram.com/zn.ua/

Search URL Search Domain Scan URL

URL: https://t.me/+Com2psZGMHA0MTMy

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCYOYoDmGQBDu7lPe2Qbh6pw

Search URL Search Domain Scan URL

URL: https://t.me/dsns_telegram/22263
Title: повідомляє

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZN.UA.Official/

Search URL Search Domain Scan URL

URL: http://hit.ua/?x=26012

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D283%26mapped%3D%7Buser_id%7D%26gdpr%3D0 HTTP 302
https://pixel.onaudience.com/?partner=283&mapped=7e2be0c3-9ffb-4eb2-ab9c-e2859d816e80&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnJN-_5cf0SV-quKiHkQ4s&google_cver=1

Request Chain 162

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSl292FPZtXpIzuChGQU8QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIf_dtX_tU7BfBI_TsRLkM8&google_cver=1

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdja5kInxjNi7giKX67lnU&google_cver=1

Request Chain 164

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0Mzk2NTUwMzgzMTAxNDkyMg%3D%3D

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnJN-_5cf0SV-quKiHkQ4s&google_cver=1

Request Chain 166

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSl292FPZtXpIzuChGQU8QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIf_dtX_tU7BfBI_TsRLkM8&google_cver=1

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdja5kInxjNi7giKX67lnU&google_cver=1

Request Chain 168

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0Mzk2NTUwMzgzMTAxNDkyMg%3D%3D

Request Chain 180

https://hal900028.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a008a75b13&subid=&uid=1470d53721bc324d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChGXV9nYpZdOfFNCn9u8Pr9WWkAim5b2gab2TnKfJD_AuEAEgiJ77nQFgleKQgqAHyAEJqQIo5zLYNqWxPqgDAcgDmwSqBJYCT9C1mDR1nmid6l-Z-Bhdyr_xwX42Guj-x5vNBiLCmh5RlZJPN1e2kxDX2ScvcB1-AZtf_6XCRRPmBNTBiU5XfXT8QlZft-hVze3EUrMvU5G2qTA72z3PKPpjzix6jfAGKCT_D-uUxbLOBa8XBR_ldt8LqczyKPBdvWuvCv_nH6ZcboGhvvY7imT_EXltwqhoH6pgtnyoaTQs6Y9MYvE53PhIiZhB0h1CdacQGzjfqFhk10w5lXgRPJp6ucRGMzU02xbv_a9TfSz1DCOVUBZjqmIvGKXVnSAh2xzn1AUaovBB9nOr9txlJQsBbWbCCnU_UxWcNolf31Lr7IKIatJXlVbNuioJkwapI5Y5oVgKfekDi3sRvTLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAeINEwj92N2bv_OBAxXQk_0HHa-qBYKwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI0_Lgm7_zgQMV0JP9Bx2vqgWCEAEYASAAEgIKuvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB%26sig%3DAOD64_37iAtBY0ibLgLXFQ6tDC5ONh7DyA%26client%3Dca-pub-8369123401073978%26dbm_c%3DAKAmf-D_WOdN-DUPDkUMkPCZetrH4gBd69Ao2aNL0_wIyLOZUf6HobGaelJDLTRo3xcsU3NzDq4qIFhlYJR5tDMd3fwawGd0XFXhKY6AvnJNPTR4nYJtD1IC2swe18yZQjM_4wUm5AVhxqA2PlP5bmc1vbYFpIa70UKuZVYT1AH2F2VPeRRndus%26cry%3D1%26dbm_d%3DAKAmf-BGVSESh9Jx9eaBg0m11p5txcLSZ5wn00qNZ7qHT2i3HTvCh3lemXGVIf18XtP1s0PjmN5JJyx6pP6BN4m1XsVepIoPq1j2oPveuBKiASgh_TZ1gD5b7b6mc0ot1Z_EpIN_aZSlMXEcX4NDpht60nBu2_sNnexTrWzDmrMPaGNuFBXKfWuOIrISONnd7_Xa3dJ59CsGHqxX9XHOrSK9qYo3rFsVWwsQ2l1aPUCve6kIRVx7aKjCkNExijSQRHYp6sRAShKlGdOrOKGRzqZNHx9btubr_ffAYQeJuEwgZwFRamWlELtOr5RawN-WDtebCfYhKOEEihr6qeTW10hhxyrrRfW1pZPIsWJ29InxqZcxlmX3UrJwyOB_AuTV0T1ozWuDI2o_5sRyAAmyzFIqEQ1Hb29rfAOopIdi3aTYMXcbrYGPCUiGKtkoORiT8C2w8HcigU4kgu4SmtECCDEbuvz-XprlpWj-pm-fH0OTmA77Gf0gSUyMSBgXhqZV3SCfhz5Z5FPHjXBDMwUMbGExVSxcyx7C980vSM8Qy2EMW4Qu66a9L3Szsmm1vgDkq65x3VlLdiLGb-sl1AYErFZ5JOYD11NMy_E8Kt-FjP_zRWgSwGvgpE0IWRjHq9xKpkjL6SBOQ7oSYOUcJnTw9UggfQwS4C2oMg%26adurl%3D&documentReferer=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fzn.ua&random=5106349066658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900028.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a008a75b13&subid=&uid=1470d53721bc324d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChGXV9nYpZdOfFNCn9u8Pr9WWkAim5b2gab2TnKfJD_AuEAEgiJ77nQFgleKQgqAHyAEJqQIo5zLYNqWxPqgDAcgDmwSqBJYCT9C1mDR1nmid6l-Z-Bhdyr_xwX42Guj-x5vNBiLCmh5RlZJPN1e2kxDX2ScvcB1-AZtf_6XCRRPmBNTBiU5XfXT8QlZft-hVze3EUrMvU5G2qTA72z3PKPpjzix6jfAGKCT_D-uUxbLOBa8XBR_ldt8LqczyKPBdvWuvCv_nH6ZcboGhvvY7imT_EXltwqhoH6pgtnyoaTQs6Y9MYvE53PhIiZhB0h1CdacQGzjfqFhk10w5lXgRPJp6ucRGMzU02xbv_a9TfSz1DCOVUBZjqmIvGKXVnSAh2xzn1AUaovBB9nOr9txlJQsBbWbCCnU_UxWcNolf31Lr7IKIatJXlVbNuioJkwapI5Y5oVgKfekDi3sRvTLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAeINEwj92N2bv_OBAxXQk_0HHa-qBYKwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI0_Lgm7_zgQMV0JP9Bx2vqgWCEAEYASAAEgIKuvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB%26sig%3DAOD64_37iAtBY0ibLgLXFQ6tDC5ONh7DyA%26client%3Dca-pub-8369123401073978%26dbm_c%3DAKAmf-D_WOdN-DUPDkUMkPCZetrH4gBd69Ao2aNL0_wIyLOZUf6HobGaelJDLTRo3xcsU3NzDq4qIFhlYJR5tDMd3fwawGd0XFXhKY6AvnJNPTR4nYJtD1IC2swe18yZQjM_4wUm5AVhxqA2PlP5bmc1vbYFpIa70UKuZVYT1AH2F2VPeRRndus%26cry%3D1%26dbm_d%3DAKAmf-BGVSESh9Jx9eaBg0m11p5txcLSZ5wn00qNZ7qHT2i3HTvCh3lemXGVIf18XtP1s0PjmN5JJyx6pP6BN4m1XsVepIoPq1j2oPveuBKiASgh_TZ1gD5b7b6mc0ot1Z_EpIN_aZSlMXEcX4NDpht60nBu2_sNnexTrWzDmrMPaGNuFBXKfWuOIrISONnd7_Xa3dJ59CsGHqxX9XHOrSK9qYo3rFsVWwsQ2l1aPUCve6kIRVx7aKjCkNExijSQRHYp6sRAShKlGdOrOKGRzqZNHx9btubr_ffAYQeJuEwgZwFRamWlELtOr5RawN-WDtebCfYhKOEEihr6qeTW10hhxyrrRfW1pZPIsWJ29InxqZcxlmX3UrJwyOB_AuTV0T1ozWuDI2o_5sRyAAmyzFIqEQ1Hb29rfAOopIdi3aTYMXcbrYGPCUiGKtkoORiT8C2w8HcigU4kgu4SmtECCDEbuvz-XprlpWj-pm-fH0OTmA77Gf0gSUyMSBgXhqZV3SCfhz5Z5FPHjXBDMwUMbGExVSxcyx7C980vSM8Qy2EMW4Qu66a9L3Szsmm1vgDkq65x3VlLdiLGb-sl1AYErFZ5JOYD11NMy_E8Kt-FjP_zRWgSwGvgpE0IWRjHq9xKpkjL6SBOQ7oSYOUcJnTw9UggfQwS4C2oMg%26adurl%3D&documentReferer=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fzn.ua&random=5106349066658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 187

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4071267935282.4497 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIbXvJy_84EDFVQMogMdBrMFqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4071267935282.4497

Request Chain 189

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29404900102827804444994012476028&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29404900102827804444994012476028&t=htlp&gdpr=1&consent=1&gdpr_consent=

206 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/ 200 KB
32 KB 115ms
68ms Document
text/html 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfc2cae944faffa143a7a53cf248eed4f78d30d852361c9d8c11f0a34e666e50

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81591f1e5f3465ac-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 13 Oct 2023 16:57:25 GMT
last-modified: Fri, 13 Oct 2023 16:56:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Togendx7sTNQOXy4mYjWOch%2Bb2nJ6Yv4G0dAt3Hf9cwd6m2tMUGOzd6emRb6%2F8JLzIgn4RBp%2Bn3V2Tm73bIBNQbMrjWb%2FaQ98166SOieIcmQp%2BS41jDRl%2F3Q1fIHtS0XKEKKZg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Lora-Medium.ttf
zn.ua/user/fonts/ 121 KB
122 KB 27ms
25ms Font
application/octet-stream 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/fonts/Lora-Medium.ttf
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35fccc04b246dd0a782a707b2437ee552e605d3e573d344d80e082f1aea5a4e6

Request headers

Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Origin: https://zn.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1436955
alt-svc: h3=":443"; ma=86400
content-length: 124348
last-modified: Fri, 11 Feb 2022 14:39:28 GMT
server: cloudflare
etag: "62067520-1e5bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nP%2FYUVQQJCYA%2FVDKWSPPiWGlXTHt4wf%2FFpH9hyB3ErTSlPj7Ukz9FHIQXDe87C8OFsMpO%2FA9I%2Bpd5IdK8js9kzz1CM8l4xCWN1S8i8%2FFRPjdGujf%2FnJHL%2Fw7AUsamvo1%2Bqzp3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1edfbe65ac-FRA
expires: Thu, 26 Sep 2024 01:48:10 GMT

GET
H2 200 Rubik-Regular.ttf
zn.ua/user/fonts/ 121 KB
122 KB 26ms
24ms Font
application/octet-stream 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/fonts/Rubik-Regular.ttf
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe0574900e2c4eb4b587e8a37ce88d1918326debb4c70e73a48aac40dacb1b2

Request headers

Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Origin: https://zn.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1440069
alt-svc: h3=":443"; ma=86400
content-length: 124236
last-modified: Fri, 11 Feb 2022 14:39:27 GMT
server: cloudflare
etag: "6206751f-1e54c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1A%2FRum12%2BofjVJ7Z9O9CdW5MOHoAjC3I3Iu9sdyznnu32GzpBw2lnjQhyZQ%2FogIB6p3TJmGG2qwNW26QB8xkA%2Bkplm0kMHYPM%2B4e7ECOfROS6mrN%2BDfz2TLe5Anf4ExDrQyB0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1edfc665ac-FRA
expires: Thu, 26 Sep 2024 00:56:16 GMT

GET
H2 200 Lora-Regular.ttf
zn.ua/user/fonts/ 121 KB
122 KB 27ms
25ms Font
application/octet-stream 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/fonts/Lora-Regular.ttf
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 359501180b779548ad4e1ca74f38b08474350c38bed64ad69b278837d179e792

Request headers

Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Origin: https://zn.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 374693
alt-svc: h3=":443"; ma=86400
content-length: 124204
last-modified: Fri, 11 Feb 2022 14:39:28 GMT
server: cloudflare
etag: "62067520-1e52c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gr01GBOXEGHDTNMRei6fq5cEd91x9vlVbKmBocwvirQIcssHIsInpw5ieQwZI6jtkbRo%2Fz0RctCnZJrm56yEm81Nb9XwKgb8Ii97fHl0YD%2BIM7Co75450G4dajkx4G07brsjwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1edfc865ac-FRA
expires: Tue, 08 Oct 2024 08:52:32 GMT

GET
H2 200 Rubik-Medium.ttf
zn.ua/user/fonts/ 121 KB
122 KB 25ms
24ms Font
application/octet-stream 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/fonts/Rubik-Medium.ttf
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93f68199484a5982f48fbf5441697eb4abb5d55745e3c29ba2f5de66a6999272

Request headers

Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Origin: https://zn.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 604486
alt-svc: h3=":443"; ma=86400
content-length: 124176
last-modified: Fri, 11 Feb 2022 14:39:27 GMT
server: cloudflare
etag: "6206751f-1e510"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYOyxSeUmu63ksjrXTj4HzJbVAiMxIp%2F2tSBcoJ3P4MDgpThQA%2FYiQjlybCDx%2BmFjX16ECGVslRNqF2BB4JObM50C6lW%2F6QDVBDoTvthw9BsmDdsp2mmYeZwpZ%2Be3Pj1K%2F9lyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1edfc965ac-FRA
expires: Sat, 05 Oct 2024 17:02:39 GMT

GET
H2 200 Rubik-Bold.ttf
zn.ua/user/fonts/ 121 KB
122 KB 26ms
24ms Font
application/octet-stream 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/fonts/Rubik-Bold.ttf
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad490a42a1de3eaaac94e0a224168185942698fe780dc35af842fcfcc797fbd9

Request headers

Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Origin: https://zn.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8256409
alt-svc: h3=":443"; ma=86400
content-length: 124096
last-modified: Fri, 11 Feb 2022 14:39:27 GMT
server: cloudflare
etag: "6206751f-1e4c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNnu1w4UVk%2BP3pP9mmS9ppEYBqh8S8F1nalSrE929gPdVVltnaPjjELbN6%2B4LSnYh6deX8ACwpv62IH3mxXP0ZU5rLIqMW20HwvkZiUqJ5X0WRLXA7uLNFZuSYSa44UANkDhEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1edfcb65ac-FRA
expires: Tue, 09 Jul 2024 03:30:36 GMT

GET
H2 200 main.min-v34.css
zn.ua/user/css/ 293 KB
41 KB 19ms
17ms Stylesheet
text/css 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/css/main.min-v34.css
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f905bfe55a0dc3b952c907ccf022460d41b1cc87e77ffc413af4d11c67a524e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291910
alt-svc: h3=":443"; ma=86400
content-length: 41740
last-modified: Tue, 10 Oct 2023 07:51:29 GMT
server: cloudflare
etag: "65250281-a30c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5SSu0g2lSIz%2Bx6sVMMNOc9UJtpL2xJ%2BW6M6vJVHjvP1zr6qV3Gg78SncwPVd0qdC8EhjI2ho1RNtSbDKZUmBg25bXZMZhCOGwromDKJyQcKk8ZhMRsSNvpm6NFMGqzfdzKowQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1edfc265ac-FRA
expires: Wed, 09 Oct 2024 07:52:15 GMT

GET
H2 200 new_design_fix.min-v86.css
zn.ua/user/css/ 64 KB
13 KB 23ms
21ms Stylesheet
text/css 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/css/new_design_fix.min-v86.css
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c1a6ae87efaec3767bf434cf5154411e97cd64fb9969667eb8575b400fc6cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 288348
alt-svc: h3=":443"; ma=86400
content-length: 13052
last-modified: Tue, 10 Oct 2023 08:49:25 GMT
server: cloudflare
etag: "65251015-32fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqOEEX0ra0BV1QUU2Ypx3KXRYTDrrovRNLJI3S7QU5cTfCGEl%2F7HoERrsdlxVEZXMcbzu0PGetP9KEFBt9adOhQPX17ZLIQLjdi%2FZveNsEYNTQ%2BLlVrTBfpaFWW%2Fds1pgbv%2FuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1edfc465ac-FRA
expires: Wed, 09 Oct 2024 08:51:37 GMT

GET
H2 200 eng-v4.css
zn.ua/user/css/ 70 B
402 B 31ms
30ms Stylesheet
text/css 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/css/eng-v4.css
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d7baf36b8f7d741531d2e8755086e6d5930a7b72e35bf0d617477eb8a84ff40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jan 2023 16:59:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440069
etag: W/"63d15ffc-46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X%2FnQkSOPOQ%2B9qOvpDY2%2FrTNhPlnopd1jjE2Qspidg5WAK6Jk3lVPVWbj0qlKBQ34bF2Fy0LsG8omtyhEj8hKNomsrm3DEyYzT0NhS4IcuMsIQ1Q7LtnsHLyN1ws3MuDixvDdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 81591f1edfc565ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 26 Sep 2024 00:56:16 GMT

GET
H3 200 58_tn-v1697215647.jpg
zn.ua/img/article/5657/ 23 KB
23 KB 63ms
59ms Image
image/jpeg 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/img/article/5657/58_tn-v1697215647.jpg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f07e78f48b93bcea6daf1e52d20273d383c14504c10be6c7df04de0fb95e335

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 16:47:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6529749f-5bcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuxecRoQEOXpDJSs1DOrntR7edBHEwnCPU%2BRvhEJFYZsZsmaADgj8YC%2BrBoQ8inhAbVKtE%2BCELjHhA3mcX8Hnsf7tchWD80rkJPR%2BoR7Bi6i9B7p16XlLh6CMSar66no8mZXbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1f3c2d9073-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23501
expires: Sat, 12 Oct 2024 16:57:25 GMT

GET
H3 200 58_main-v1697215647.jpg
zn.ua/img/article/5657/ 76 KB
76 KB 27ms
23ms Image
image/jpeg 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/img/article/5657/58_main-v1697215647.jpg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 650115e8722b6ddaf49f747300950a591a7090bfbf6eae8d570d33ddabee8691

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 137
alt-svc: h3=":443"; ma=86400
content-length: 77494
last-modified: Fri, 13 Oct 2023 16:47:27 GMT
server: cloudflare
etag: "6529749f-12eb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FRVaLRiJLcFbMFajr17nF6XM2s7vhU1nxTBCKLGz37kLpXCMS2FnM3X3hhPJDeRDcnvIx92sFnjQVXZAMIlhnIA8ZHwIoxfuV%2FvkyXfdPy%2FhzDaXLq7ymeTfU%2FkMZhnBocoBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1f3c2f9073-FRA
expires: Sat, 12 Oct 2024 16:55:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 132ms
46ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5BRSB4FRED

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4868c1110a6c693c651533ed086a32e2d281e85394ae6a14b4028c228f3b640f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82172
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 13 Oct 2023 16:57:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
67 KB 181ms
95ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3006560-33

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e45b63d80a1565e05da3a20e1be385a4b0a7481d199e71516df84a650da57fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68263
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 13 Oct 2023 16:57:25 GMT

GET
H3 200 ZN-logo.svg
zn.ua/user/img/new/ 8 KB
3 KB 45ms
41ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/ZN-logo.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2a715a2f5f4fcb3223a7b4da2c9a4a2d84d3fb2891157e96a3c2c85d95e4e37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 11:07:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917622
etag: W/"62064365-1e8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXiGTRrKQ0c2PKJv2rrNk36UtiyXXZ9vAkFLbzE33aYzCEdl%2BLMPcqyBL5MAckRpyYbl4Rnkh8rm%2By8TrGRBtoHqHJ5DvayQ05aE7%2BYqeqd%2B7PviIihppmUZKsN0kSNKwKnieg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c319073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:17:03 GMT

GET
H3 200 s_point_new.svg
zn.ua/user/img/new/ 2 KB
1 KB 46ms
41ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/s_point_new.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccdaf3e8dd7f87bb9065c03282a0c14f48421298cf77e5b9fb4cac5a0264611a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 11:07:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"62064362-642"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lQQ89H7KM57%2BrlBQC7h99Wukw6rG5nSknL4pdE84wdDQZdzNAjl0Ei%2FYurYW9owxYkzl%2FB2ZJ8KmO5PYsQd7PZUAVzd3S5aJQKFjC3YxE2Uawv5AJMPUqJPoTnaf%2Bn8CHY5wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c329073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H2 200 aut.png
zn.ua/user/img/new/ 3 KB
3 KB 19ms
18ms Image
image/png 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/aut.png
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3da86e752774700df94e0efd81efc64c5fde8fee95ecea9fd9611013d7e999a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8256030
alt-svc: h3=":443"; ma=86400
content-length: 3075
last-modified: Fri, 11 Feb 2022 11:07:17 GMT
server: cloudflare
etag: "62064365-c03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn8J4wjuE1Wbprd6oX49X5tLrCTt9iHPlogfg5CwzD3ZJVpWJSoEqsFt7kLLIKAeKxjnjB34QSR3qJTPJEf%2BDJtBEv6CIHYUSsf28Bk9pQg8VQ5m1MBD00qtz3bGdm%2BbT4ACgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1edfcc65ac-FRA
expires: Tue, 09 Jul 2024 03:36:55 GMT

GET
H3 200 support.svg
zn.ua/user/img/new/ 3 KB
2 KB 46ms
41ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/support.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f928733b66be2f5fc09279cbb04005f453b4f24088c55440f690497ce013e99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 11:07:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"62064362-b04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsW3GsALUQrCuziTwm43s6uGF6317u%2FiudPmtp6C%2BsR%2BUW0bkHBa9ldZnGI4aB9QVP1sD6w5Z%2Bh2Km5h3igPMFjuHlzELbeXEh%2FuIISSRMGDdSRkqTLpsDctC%2F9r9TLyxggakw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c339073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 button-mobile.svg
zn.ua/user/img/new/ 481 B
717 B 24ms
20ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/button-mobile.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d6474aca23751d36527610637bceff92ee4620f709e05dcf725a69e79a73b42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 11:07:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"62064365-1e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDQsQ6rswED2hIGWdzwlszPOWw%2BcORlmbffsXDfOQsVihJ6HFUR6dvONzAPksFyfuWz1VVuz8nAPDjY8s3Ih1Wf9mjflit66wLW7ipjeMDLUW4lx3sCURs6nA30EbclpyLwGZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c369073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 mobile-menu-open-dt.svg
zn.ua/user/img/ 477 B
724 B 46ms
42ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/mobile-menu-open-dt.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8282cb2491c39ecc88efd40ffbbb85969e72c25aa7c756eb97da100822f2fae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 13:50:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917614
etag: W/"642d7cb6-1dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kg%2F0sTrykrAZDYgYVYdSTO3mRp3LcVqEfa1Yc84eQ0IerlgrELhihlQmtRrmCo43X1%2F8RRePXxVAk5Ryvo0IS%2B6QrfgDj%2FOji2LA2O%2BDll6AFO%2FyGzaQwVTbFBhREXWttojjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c379073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:17:11 GMT

GET
H2 200 button-mobile-open.svg
zn.ua/user/img/new/ 196 B
493 B 26ms
25ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/button-mobile-open.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e05315c2f149bd0acccd46fb982164a41547fb10c582eb66365bf1d04f28f950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 11:07:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1440069
etag: W/"62064365-c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSqCiaBVjfRpoE%2BHgWobqfpcp0uqoiXYZJaphefYaJptJl0c%2FlNCPvQ6AgzEwEL9l1r%2BVbhuZruneDWJFUClBwQo6h9f%2FvDra1ADVKSp2hql2yVkgBPIvU2uHqC%2BjPL05LykeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1edfcd65ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 26 Sep 2024 00:56:16 GMT

GET
H3 200 search_nm.svg
zn.ua/user/img/soc_mob_new/ 2 KB
2 KB 17ms
16ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/soc_mob_new/search_nm.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1e748ab144e6dbf5af27093685acc54125d05e5eb16d5c2a2417f080427b42d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 14:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"63c808d1-94b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9skKRJBzwD2ZIWiEzMZPn155klNijLydxOcayeF8LV5ssa9RAYR3eR8%2Fkc9jlEmJnoil8JuFjJVUXsx%2FkR7kMhDp1ibtwPFr92i%2FHdhMO4bAOIibkiLtUmV1kiLaBR8jHSF7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1efbc59073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 fb_soc_mob.svg
zn.ua/user/img/soc_mob_new/ 1 KB
1 KB 18ms
18ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/soc_mob_new/fb_soc_mob.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 705a66f3d9ba6d0c0ae1184fbe67ed1b3c66cbc5db742c3a8ee72916f00ff9bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 14:38:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"63c6b2ca-495"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEutndZax3L8fDE77MlNmG4%2B0KC%2Bp4%2F2tyhpSAIgE3WN3A%2FnkYWwaf7CYM9kRxGelIhQVOZyVDSRsK58gjiQMH1mCiCHB4qLgoe9rdOVeYppl0M0XBQRfXPu9R%2F%2BQkLmD8hQ6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f1bf19073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 tw_soc_mob.svg
zn.ua/user/img/soc_mob_new/ 2 KB
2 KB 20ms
19ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/soc_mob_new/tw_soc_mob.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 452a44e815d8098d377f4d8102ad9b2f47d629c943c8f4853ea0c0235ea8c09b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 14:37:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"63c6b2b7-7e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0OulInigZjFSTzQt8kYbLnHR4w1KXfT%2BmR%2BwnKXjDBpG8Qu1D4jP0Wux7yoh2WXsLWe62qqO%2Fe0K9zbZSsJuWDpSHn%2FNbk1Ah8GKhRUBBjXfDcPNjZtPlFZy41tcsS2Ud2Fnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f1bf89073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 in_soc_mob.svg
zn.ua/user/img/soc_mob_new/ 8 KB
6 KB 23ms
18ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/soc_mob_new/in_soc_mob.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 517bc6086408f4de8eb448f58574b9faa771c95de9b1dbb1e9c144da5153a6b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 14:37:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917622
etag: W/"63c6b2a0-1ee9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZbtBRTETYX7bpFwKrZJMEdahJzB2an73PcyDLKRNcKm6dAflAFQ2D1TdUJV4rK%2B7lVH%2Fs6aMF9k5s3Kon2%2FpaD5qBw7iUnATWCYKAynjBlRpVBimqXzLFrXZxiDtDe8ZTRxVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c399073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:17:03 GMT

GET
H3 200 tg_soc_mob.svg
zn.ua/user/img/soc_mob_new/ 2 KB
2 KB 46ms
42ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/soc_mob_new/tg_soc_mob.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68734e554a4bed47e46730f9ebc2009bde03bb2ba61154eeb008c211c2f15844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Feb 2023 08:41:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"63fdbe27-7ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMXNAhnzzIaDsLdljKNTd6IsE9GkXZaVUvBbMvegYDwP5iDc428nU%2BYjIBoRIf4QTub1WO3BlDJfKewAnZktTtstnvkNw95LuedrhNli0lhBcbjNn%2BWfh241m6Ll7d5bh24ZAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c3a9073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 nm_tw.svg
zn.ua/user/img/soc_pc_new/ 2 KB
2 KB 46ms
42ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/soc_pc_new/nm_tw.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7201b9e5f807d20627f60122c4584d79952560148274251260b7d8da8f4bd1dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 15:27:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"63c56ced-7c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azv5gfJarvrzcLIZdRd7VZz2gICmKQzEnshqweIeIj9jeUtA7l5thSJuMfRh3JkC%2F1VrZht2cfZ06b5p3ASbuUW671HwyOupEL08tZb0OddCJcdw32KKvz0DIJnpLSG6UFReoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c3b9073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 nm_fb.svg
zn.ua/user/img/soc_pc_new/ 729 B
1 KB 47ms
42ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/soc_pc_new/nm_fb.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbd48b7efffe5e680ae99792ad796411ce389f2a2854e5372e95f3b8acd0deec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 15:27:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 891166
etag: W/"63c56cdb-2d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huem3pZebJge4TGHhUq3kPoj5QvfS3hrpY%2BwjT%2BwAkjbxVmFHKOUafemf5oifRGr3YDDaA%2BKQqEgxAZfNAShSX12pqvTXyFpirrNcohN%2F12NMMYbrtHW99KNm5oGC0zdboc3tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c3c9073-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 02 Oct 2024 09:24:39 GMT

GET
H3 200 nm_in.svg
zn.ua/user/img/soc_pc_new/ 3 KB
2 KB 47ms
43ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/soc_pc_new/nm_in.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a514431cbec190325ad3d75ecc857dca3dfb9407090b3aabd0c6a64b5a162cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 15:27:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"63c56cc8-a91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpW9UasXDw4X1SUVjDmt4jDDuKBdgnrwPHzmp3kVYPF0Pc3VVTMe%2FPKIoeJA1P8hiFSXx01jzhVioMASbaHBe8Yjg6V6QUkMHdRUm3YyCtxyJLxEjr2Onw3%2FKCFYoqeuFzNTlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c3e9073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 nm_tg.svg
zn.ua/user/img/soc_pc_new/ 2 KB
2 KB 47ms
43ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/soc_pc_new/nm_tg.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68734e554a4bed47e46730f9ebc2009bde03bb2ba61154eeb008c211c2f15844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Feb 2023 08:41:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"63fdbe27-7ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLM0B8FuDax9qx5RPKVlzb%2BJdQAPOzaQnwOqo3meOXQMNblI7ttlYtQZC3dvAoMAUVriTHB4dMxgS6MtaQSGtsKOhZzB7jVALi5M411vRRhHUZ7r9WO%2BuzXuUhW6N9rp7XVt8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c3f9073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 nm_yt.svg
zn.ua/user/img/soc_pc_new/ 1 KB
1 KB 24ms
20ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/soc_pc_new/nm_yt.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43f4198deae083fb29aded1389e37b1e0014cd40033821676de2004f4dbce569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 15:26:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"63c56cb6-51d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hw0yOt44EuJOCQILA5xAzjiKDsEy6csjOaSfxha3EgNNZW0FnZC69oJuFj9Jm5GJHhTeGHNJOlqaK40AXvl4t0n1JucOcqKLGocbteo%2FKzKxj6UapLHP%2F7Pc9jgpY1%2FzLSSj4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c419073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 nm_rss.svg
zn.ua/user/img/soc_pc_new/ 1 KB
2 KB 23ms
19ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/soc_pc_new/nm_rss.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d1e28fbcfac83728f11b9deadcf4a7ee296bb7276d35ef66e90625d2d33c07f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 15:26:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917614
etag: W/"63c56ca0-5f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5K7c0rfVhUMU7lUcR%2FmHYN6IPpvXXdsKRqvZC%2B9mwlVno%2Bg4ImIYJmi410ngOUO6Sq9881UcCwjpTPabHfTEb0ePzVPxT1iIwO7XZlkXMJX2UMsMClr3qCUfGBmXrQsRFljLog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c459073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:17:11 GMT

GET
H3 200 close-s_point_new.svg
zn.ua/user/img/new/ 662 B
828 B 47ms
43ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/close-s_point_new.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 893e48a98f99e087947c04b2147ea76bbcd3987d3a6ad85c09f8159233ddce48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 11:07:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"62064365-296"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHX6v%2Fa3i0HMBChgx5hOCsnIJ91kKIY3xzXM%2BYyYBs8D0JohrsshZ%2Fyx2CtD36D%2Fga4I%2BwvzAR1spXiiU82YOMqEDDzW3HOtJwZmvpwE%2FnwO0l9S01n6EKEfeg7CzE%2F%2BdyaSkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c469073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 19_tn.jpg
zn.ua/img/article/5559/ 14 KB
15 KB 93ms
89ms Image
image/jpeg 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/img/article/5559/19_tn.jpg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6736aa8bcc1dd09e5cd679651d7fe92ab6421004cf6d1bc2decc922f6aba2a72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
cf-cache-status: MISS
last-modified: Thu, 03 Aug 2023 06:10:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64cb44dd-3834"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j66NlaeXzRohG4fSNhBZso4ls4F1vVFikd7eRLUoO5ZiHAO1NsuILLGhGAV9Xv7VkOIhU6Hl8%2FN9bzotYk8XmOkjuzKSzhRwOqLD3pCQC2lDXFgkXyMyWf%2BIGBPPodfiYj2BCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1f3c479073-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14388
expires: Sat, 12 Oct 2024 16:57:25 GMT

GET
H3 200 icon-a-facebook.svg
zn.ua/user/img/new/ 312 B
755 B 47ms
43ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/icon-a-facebook.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 426a54009853d3963f25cef9772bd5ea506050acdf5d5cf35345ac8a426403f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 18 Nov 2021 08:34:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917622
etag: W/"61960ff8-138"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rD96i4EWibB0MuBFK1e7BKi6factdRq3StfevLGRBh53VBQ4q%2BRNPXjGu6xfry5DjqlprQMg%2FKZR%2FFsXczGGd8W8AiK4U%2FoUij%2Bls%2BhIgozb%2FuxstwTI5VObhTWpdEundoi1uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c499073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:17:03 GMT

GET
H3 200 icon-a-twitter.svg
zn.ua/user/img/new/ 877 B
1012 B 47ms
43ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/icon-a-twitter.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94ecc29da944ec5d2eee063f5c607212fbbd0d7f8a084d54f1c8ffe41a2b680c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 18 Nov 2021 08:34:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"61960ff8-36d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhefLClDlM%2BCB9nH8iN7XWcr7vhfFFksVdH1BVuefa8kRdZj7EZAv9ikAywqCKWCwfJW0%2FFlPEH5y3r5ufySNEW4WJcWMHrZyNDf8bNrsVTfDE2soZEPUNNAlo52UapU0CJ0lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c4a9073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 icon-a-instagram.svg
zn.ua/user/img/new/ 2 KB
1 KB 48ms
43ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/icon-a-instagram.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d95625f8e5d497ab3b1a8a713c3236dbbea75e5c069a4511ebe4349a3856cd4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 08:17:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"619b51fc-715"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFld19f51qb%2BCD2jV0tEolAoTz3LC5gzDekUbCF5U55a%2BO5j2LmzhNJVro9wcXg9RKp4X1t%2Ffvq2Gj5HBbwD8x5Kdmx6QZKHNHUMBUKCZ2pO5K3VjpaPW94Ga29FcreUcj7Hbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c4c9073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 icon-a-telegram.svg
zn.ua/user/img/new/ 535 B
848 B 48ms
44ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/icon-a-telegram.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dea4be4a6a09c4babb6d7015423cbc8f1ddeaeda04cd8d15f01fe67e24058ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 18 Nov 2021 08:34:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"61960ff8-217"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHzLdzL8z%2BLmJPV0zKQ72xI0peDocQdTh%2BTXlrgTGxzZyumUwh8bbqX%2Bf0NzlvWXdyFd3UvKN2p9dTONGmd7L%2FoO6cmbPShpSrK90d1pAO%2Bx8ZgpQhKbMa%2BYNX6ZuUT2nT3i6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c4d9073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 free-icon-facebook.png
zn.ua/user/img/new/ 935 B
1 KB 48ms
44ms Image
image/png 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/free-icon-facebook.png
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e55869541d8d62428b5dbe5b9fb103a5f6d4279d92d501ffefc6933f09327c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10917329
alt-svc: h3=":443"; ma=86400
content-length: 935
last-modified: Fri, 11 Feb 2022 11:07:17 GMT
server: cloudflare
etag: "62064365-3a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LX9zz%2BRDwujitdKTl6Wp8H4%2FoHP%2FsI99NuTeqtzZNaCIEyEKYgNSQlztepszSWuUOSX9%2BHVQe%2B%2BQ5%2FfERgOPwNtPIBdXWDckuEXl%2Fm4yjmwuqCZeFGOV%2B1nhG%2Fl0fasHUVCfsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1f3c4e9073-FRA
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 free-icon-twitter.png
zn.ua/user/img/new/ 2 KB
2 KB 49ms
44ms Image
image/png 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/free-icon-twitter.png
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4eb65dbdc19aec43a5798199e6c06d6648936e251b3965fad7137f6dc8d134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10917614
alt-svc: h3=":443"; ma=86400
content-length: 1898
last-modified: Fri, 11 Feb 2022 11:07:17 GMT
server: cloudflare
etag: "62064365-76a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMuOlMX%2BHOm6CAg3Vp%2Fb3oKttV0hLgZkfpuJGHQ1QXIp%2F3AWlxJLbzVzQzN%2F5pYeIBJzaJx6v2DQnLO13MsTGdNiA4oaotdDQwdqlpqEqXI1cu5XjdvqiYtv00Q%2BTCK3lm6bKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1f3c4f9073-FRA
expires: Sat, 08 Jun 2024 08:17:11 GMT

GET
H3 200 google_ico.svg
zn.ua/user/img/new/ 688 B
890 B 53ms
48ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/google_ico.svg
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 20 May 2022 08:20:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"62874f45-2b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oI9Kp007nHPM8PLMH7%2BpjSjfiNhEgAn6p%2FcZKpG56SZnrS5VFcyTGJkPgypREzChSwDbGVh8avzcL3kBWL9Cmh0Hq2sN0eymyIBCUDTQv0Nu8zWnKFx48wQ2%2BZYtAvcn318p8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f3c519073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 78.png
zn.ua/user/img/new/ 202 B
692 B 53ms
49ms Image
image/png 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/78.png
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbeee0546ea5b8cf7ce821a9e45524e13e49bb869a98b4c08a25f10cf96f609f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10917329
alt-svc: h3=":443"; ma=86400
content-length: 202
last-modified: Fri, 11 Feb 2022 11:07:18 GMT
server: cloudflare
etag: "62064366-ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbtEDQ7V%2Bf3kxcC3nYonaOx9cagyndFs4e%2BZU9FkMkn%2BncpZmMWhCIMOaBNTGFPUxkInst5X1ZPOi3QmAYiieVVRbzUUVE28gq8WDYjB4XpTrrrseIHvhi%2FJQJfyqGEAppm70Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1f3c529073-FRA
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 sunsite-front-v15.js Show response
zn.ua/user/js/ 19 KB
5 KB 53ms
49ms Script
application/javascript 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/js/sunsite-front-v15.js
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0434b256be543691428aa936a4e854a6312bf4061b16b6d22203c61fc7f45a76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 06:41:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917622
etag: W/"642e6983-4b29"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTugPCDMbeUwZM4KrSVIAMSEvyBCG%2FQWrHnB42u%2Bh1beJbqCikdg5T5e4N3CGHmmiRUyX9TQuPRfZ2SOp7uXYVd9fEQVwCrgh9cc%2BCB7%2FsjM8nu5sBoMRW7%2FGycCDccnhEPO4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 81591f1f3c549073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:17:03 GMT

GET
H3 200 Group%20478.svg
zn.ua/user/img/new/ 384 B
780 B 40ms
39ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/Group%20478.svg
Requested by: Host: zn.ua
URL: https://zn.ua/user/css/main.min-v34.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65c0ae1dafeff2eed02b817d34e7ad87ca9996c401d6fbb7b1018dfedbbbaaf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/user/css/main.min-v34.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 11:07:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"62064366-180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loTd94FfmYeoERU7%2FQ2Rw6%2FRCLZZk4wV7UwUuMmHyiPJAwltkWvwiEtySliN1homupmWwoO4An0ZlFrEm%2BJrE77zUwScDagy7F32wM3Ha5sc0gmqNtfveO8dntsFN%2FBJ9%2B9fjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f4c639073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 bread.svg
zn.ua/user/img/new/ 540 B
829 B 40ms
39ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/bread.svg
Requested by: Host: zn.ua
URL: https://zn.ua/user/css/main.min-v34.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36651c9cc2fe9ac82dcb198a92a38e63ba6104e5070729cb9af0e643666c5d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/user/css/main.min-v34.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 11:07:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917329
etag: W/"62064365-21c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCJBJDbt5Wkld6Zd8aeXpX7oe223U4WIxJt%2BXZN%2FHuSnE7dr62Kw8BkqxNvQJXfaVbuPDCBy17NenMISP8mvcxbJ6XvK0f2BcCAYRtNacUUx7z%2Be0Jyii%2FqjxV%2BxORCLEuMh1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f4c649073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:56 GMT

GET
H3 200 right-arrow__2.svg
zn.ua/user/img/new/ 784 B
935 B 39ms
39ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/right-arrow__2.svg
Requested by: Host: zn.ua
URL: https://zn.ua/user/css/main.min-v34.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e836a7a249438eeb2454e04650bb42d467d828d660eaff3b81eb1e1dd6764237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/user/css/main.min-v34.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 11:07:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917622
etag: W/"62064363-310"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0icYtX2m2s3nkriUIEbzFW12lH0F1XWcFqKiJHsNo6%2FcfqTYdgYNGnjUvjXjuZ5TaMH5K7Ubihp4chz1HkrmTXnHG1mxBNVrLuKdvGAV1il%2BElJZ22U0W1I3fC9T4yPbZ5pnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f4c659073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:17:03 GMT

GET
H3 200 Lora-Bold.ttf
zn.ua/user/fonts/ 121 KB
122 KB 39ms
38ms Font
application/octet-stream 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/fonts/Lora-Bold.ttf
Requested by: Host: zn.ua
URL: https://zn.ua/user/css/main.min-v34.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51906a46cedc27ed5e349475e3bf0eb36d464f0e642eaad0f3d430f5f89af2bf

Request headers

Referer: https://zn.ua/user/css/main.min-v34.css
Origin: https://zn.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10917730
alt-svc: h3=":443"; ma=86400
content-length: 123996
last-modified: Fri, 11 Feb 2022 14:39:28 GMT
server: cloudflare
etag: "62067520-1e45c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHMhT1mScv%2FzTJpQ2axFoCTtXXSoeL9BkiR12PrWqS%2F8nWS%2Bgb0wKinCjVvKmiFMg2j9rVPSlvbLcTI%2FtmgR9P0hHxaNDTWp7tueJQsk4oe%2FhBrhZotxZWDqcK7J0KU7gnJMzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1f5c679073-FRA
expires: Sat, 08 Jun 2024 08:15:15 GMT

GET
H3 200 youtube1.svg
zn.ua/user/img/new/ 699 B
859 B 22ms
22ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/youtube1.svg
Requested by: Host: zn.ua
URL: https://zn.ua/user/css/main.min-v34.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabcd9e28d34ad04e637006d3ff8c92a55613ce8fa2a3eec53fa277e790e7588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/user/css/main.min-v34.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 11:07:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10915891
etag: W/"62064362-2bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rw3ZswbgmZS7V2jWLbTyjAv09RV7SxQOCc2YlzVnoZQSpgGQuXuC1b%2FDP8JXw4NLOuyYSFNdlG2e8H9Trw4slQvWr8srR6JdiU1aTsi9kblTu%2Fyf1Ho6KK3sd6L8QPUKOW0ncQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f7c8a9073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:45:54 GMT

GET
H3 200 youtube2.svg
zn.ua/user/img/new/ 191 B
666 B 23ms
22ms Image
image/svg+xml 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn.ua/user/img/new/youtube2.svg
Requested by: Host: zn.ua
URL: https://zn.ua/user/css/main.min-v34.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcf23f1c6ea8dd30d15c436eff997f2b8e4d60d3a72ad938d5dbd8faa96202aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/user/css/main.min-v34.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 11:07:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10915891
etag: W/"62064362-bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FEcrsEGseyniP2pnnv%2F5vL%2F7f4aefH0hFODbLwNHioVpty%2Bjibta8UkYYDabenbqs1mtM%2FpL1lxGPWvcatldpGy0rgmEl0vxHm10o1mlx3oa2LhZy5rsbNECv2m%2BcejeijhBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 81591f1f7c8c9073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:45:54 GMT

GET
H3 200 jquery-3.3.1.min.js Show response
zn.ua/user/js/ 85 KB
30 KB 20ms
20ms Script
application/javascript 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/js/jquery-3.3.1.min.js
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/sunsite-front-v15.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 Mar 2020 09:50:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917621
etag: W/"5e709d6f-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQkPWlB2BR7SY1Z3zqqHXtkJ%2FgjOW0STTFkbPizMNZ7EcpAq78TgTpaXbhk4dUMMh7E2gKMVbgFwo3sUacPaxv2Sv0ytZBQ4XHdREojbpsH%2FuLXjHNozBix7Jt7z1LrIiN8UVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 81591f1fcccd9073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:17:04 GMT

GET
H3 200 likely.js Show response
zn.ua/user/js/ 26 KB
10 KB 16ms
15ms Script
application/javascript 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/js/likely.js
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/sunsite-front-v15.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83c555d4932a8c9783cf35f89e22b35c0125070bed843664cacfd10fdf303fd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2020 18:29:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917621
etag: W/"5f19d6ec-6844"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3Vh6xJ5EvsZ9dp%2BS9pF0pCXMCXmG%2FxSo1f8BvAWvCoqh3s8zqTwh0DuQkMZioe4Q4QeIqP%2FN4o21Tps6ffnfajf7gxSBmTV0N5zwJtHijTAeGtEf3lCQskxcOsSntgMbsp%2BlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 81591f1fccd29073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:17:04 GMT

GET
H3 200 social-share.css Show response
zn.ua/user/css/ 3 KB
1000 B 18ms
17ms XHR
text/css 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/css/social-share.css
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/sunsite-front-v15.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae1e80a6e045ed78ed79de490b26cfe2135171530676563e6765ab0c53240262

Request headers

Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 01 May 2022 22:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917328
etag: W/"626f02e0-a8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2M0fXxx2Yw19cxqRmbDmZgCJ9c%2FA%2BMkGupHBc5wWg8rzX6iXIJngTFBqI3YNRXu1FhbpGwNsx1aA%2BJ6uCABvWIc6lJ4LHO8b92bmJVZUKzyplpRfBLEhh0nevlLp5pCzVo6lTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 81591f1fccd59073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:57 GMT

GET
H3 200 zn-auth-app.min-v6.js Show response
zn.ua/user/js/ 14 KB
4 KB 18ms
16ms Script
application/javascript 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/js/zn-auth-app.min-v6.js
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/sunsite-front-v15.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 648def3c93d008e2b5521a0e24533de01f3b02190390fc84e49a4c0f44fcc690

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10917409
alt-svc: h3=":443"; ma=86400
content-length: 3221
last-modified: Wed, 07 Jun 2023 09:35:53 GMT
server: cloudflare
etag: "64804f79-c95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDoxZjNr5htO1OiBQAfPrKZ5KPZkbqnx3cpZFSF8ADr8jAfnJs4p5spOPeN0JXZhn1COplmhDxYhpJ4uD%2ByG6tgNTioRbi07ftj6moniRamawpJBhkna8IRwVs2VD%2B%2F0jZwepg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1fccd69073-FRA
expires: Sat, 08 Jun 2024 08:20:36 GMT

GET
H3 200 zn-app.min-v16.js Show response
zn.ua/user/js/ 11 KB
3 KB 17ms
15ms Script
application/javascript 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/js/zn-app.min-v16.js
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/sunsite-front-v15.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43be74711ecdcbdef115a331ac4aa595db8b4fb94c716835070ac5254eb413dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9427482
alt-svc: h3=":443"; ma=86400
content-length: 2481
last-modified: Mon, 26 Jun 2023 14:10:13 GMT
server: cloudflare
etag: "64999c45-9b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BRGedECey6qDKQjplI2GcJtWzfgkv9S0b5wjj67kHaA8JJjf7GuFE3E8iebfA4Y%2FR3PeGk%2BQikFiC8e9oDDmsfvL%2BBLEnxCdkSaCdld%2BVNXUGaQk5xOvKgO%2B%2BOfkhL5V3ZEPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f1fccd79073-FRA
expires: Tue, 25 Jun 2024 14:12:43 GMT

GET
H3 200 splide.min.js Show response
zn.ua/user/js/ 29 KB
13 KB 37ms
35ms Script
application/javascript 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/js/splide.min.js
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/sunsite-front-v15.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac355904c2c4a945cf94483532ee05acc93669ad7f82b4e14c52056af496271

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 14 May 2022 07:33:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917621
etag: W/"627f5b45-73b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8gn0MTdlEeTsgdyh6Hijdw1%2BbSqhQd0DFdQJ8D6lJD1wohjaprsCugymfjvBMif23zQogSuyD%2Bp9Ia4w1ExZOhRy6ufrz649xzztXayEpMG64xTvtYjDbVjI2Mhn%2B4mahXFuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 81591f1fccd89073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:17:04 GMT

GET
H3 200 splide.min.css Show response
zn.ua/user/css/ 5 KB
2 KB 15ms
14ms XHR
text/css 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/css/splide.min.css
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/sunsite-front-v15.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e98acab7bbcc53d7b86f0b656e5012aa1bef12de3fd0911027fcf258e14a9da3

Request headers

Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 14 May 2022 07:33:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917328
etag: W/"627f5b45-13e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GDzT3KJMbqIgTN1t3telocrmrXSs6GuiLPGPcB5XqJbr2bEXPWQzi6lj821E0n9lCAl6DEZoXfmBXPjn4UwUgOC5bhIRAP2vv4QjXjHGC%2B%2BUecfSlEtttYRMCN%2BDE8vQ%2FOf3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 81591f1fccda9073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:57 GMT

GET
H2 200 / Show response
graph.facebook.com/ 240 B
616 B 148ms
112ms Script
text/javascript 2a03:2880:f084:10d:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fzn.ua%2Fukr%2Fwar%2Fu-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv.html&fields=og_object%7Bengagement%7Bcount%7D%7D&callback=__likelyCallbacks.random_fun_1

Requested by

Host: zn.ua
URL: https://zn.ua/user/js/likely.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:10d:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20ab9eda712b60e9f7fc2c4ef2ef2661c593ad8364489ad3b7ab669b663ad748

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
date: Fri, 13 Oct 2023 16:57:25 GMT
x-fb-rev: 1009228734
alt-svc: h3=":443"; ma=86400
content-length: 179
pragma: no-cache
x-fb-debug: +TNYr6aBQVA0N79cwWPJKenhUKWLtsueqb5MQhWxuEBr+IO7ZAx7IZwCS52yLXBfvhbGrM2nrEQGkIVXY6LvtA==
x-fb-trace-id: E7jIXLkkJ8u
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AcGStybTCjHWhUAfTKZKllz
cache-control: no-store
facebook-api-version: v12.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
zn.ua/ukr/actions/auth_default_ajax/ 852 B
1 KB 80ms
80ms XHR
text/html 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/ukr/actions/auth_default_ajax/
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/zn-auth-app.min-v6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 8011a28355d5987a70eb6ff537d4e9b4b18817fe93e231cda448b5e629fd9f71

Request headers

Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.28
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 13 Oct 2023 16:57:25 GMT
server: cloudflare
vary: Accept-Encoding
create-date: Fri, 13 Oct 2023 19:57:25 +0300
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://zn.ua
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtqM6aCXGMj5fr34djBxJE5Td4yk7JGzgp9w51tomwHRmGMZ7nS28V84%2BY0e9GGvfxpXECdpkriVWDqO1hy3j8DiEDjHjiR5Ex1VBPUlmDdaJ67ds3i8r6Tuh1Ymkg4ONH541Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, post-check=0, pre-check=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 81591f200d119073-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 stat Show response
zn.ua/ukr/actions/profile/banners/ 7 KB
2 KB 79ms
78ms XHR
application/json 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/ukr/actions/profile/banners/stat
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/jquery-3.3.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 8bf241517f10115d2b4aa3169e2dd883bd7496a58b83d2af8ad558f9011506ce

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.28
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 13 Oct 2023 16:57:25 GMT
server: cloudflare
vary: Accept-Encoding
create-date: Fri, 13 Oct 2023 19:57:25 +0300
content-type: application/json
access-control-allow-origin: https://zn.ua
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2YKTsoO%2FMm8AymXGtRXK6pLQPGFgggRS8ceTG2rVe2VVk9fx4hxUO1AeLO%2Bd4qy8Ee%2FDbeQjuppHYkF6%2B2z2CgOc7yf5Db7DBPjabiILvJ%2BcpbDPHe9lpfdQ2JPP8xoodl4uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, post-check=0, pre-check=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 81591f201d319073-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 jquery.history-v2.js Show response
zn.ua/user/js/ 21 KB
7 KB 19ms
18ms Script
application/javascript 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/js/jquery.history-v2.js
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/sunsite-front-v15.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20260673f24e4100f0ede6bc919b4d38b31b587d26fe06e36ab8e76e43bdcd4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 08:55:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917621
etag: W/"6206249d-543c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWjvVPJyl9RulER%2FQDLPegeqUpNC%2BCzzugK9k5CLk%2BpqyvvrTjTI4XN7mnDS9hUr4P3RsGlCSGc97GLkIdfgIWkdeAqX9b5iz1V9kXg1YyUZkaIK8o%2FRsXHxNJW%2FiX7ItLMtWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 81591f201d329073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:17:04 GMT

GET
H3 200 nprogress.min.js Show response
zn.ua/user/js/ 4 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/js/nprogress.min.js
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/sunsite-front-v15.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56e852a11b709e61ad947b2a575ad63efc7f5088ca7c18c73f1c3dc7518f7bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2020 17:29:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917328
etag: W/"5f19c908-100d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrdNAdfzP4ClruZK5NdB2AX6CvsRu3TfnsmOdgLvKi4%2Foel%2Fmyv7Ajha5hFPJ8eJtp0Kz1h2ZuiWxK7i2bMocWeYTbm8QnOYvpKouKQzWaADhBxsWl6zJw04i4PafMpT%2F998Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 81591f201d339073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:57 GMT

GET
H3 200 nprogress.css Show response
zn.ua/user/css/ 1 KB
1 KB 19ms
19ms XHR
text/css 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/css/nprogress.css
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/sunsite-front-v15.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df85d683949489406b472d3a7d5ac9e1c095b0ddb645dd6134e13d5a2329f3bb

Request headers

Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2020 17:29:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917328
etag: W/"5f19c908-5f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFnvW2yapayTSXHtSdK%2BGNcP6JA1bTM7BWdHtDlEUUnUnBUYPS%2BOamWS7FhlK92r9yGaBH1nJIXcUKCpAZDq1adasckNdJoGIvEGML6CQgP0A8szDkhg08fiCHgLNtzRfQEAsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 81591f201d359073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:57 GMT

POST
H3 200 / Show response
zn.ua/ukr/actions/comments/ 198 B
832 B 77ms
77ms XHR
text/html 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/ukr/actions/comments/
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/jquery-3.3.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 087a3b2b9c7bce486f28d28f71e590a92fdb5702e7f56db221bcca3002dff00f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.28
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 13 Oct 2023 16:57:25 GMT
server: cloudflare
vary: Accept-Encoding
create-date: Fri, 13 Oct 2023 19:57:25 +0300
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://zn.ua
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEkly2tbznUhgLd4eAD2eIo%2FPVdoEtk046c0HaZF7I9GZoikvdd99lTcy%2Fo95npHGYz9w1m0cC%2BiZTbLw%2FXx7pSx%2B13lZan1UBsh6R5ldKqAq259kAWQtgqMDl%2BFjnGoXynUpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, post-check=0, pre-check=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 81591f202d399073-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 hit Show response
c.hit.ua/ 320 B
598 B 166ms
46ms Script
application/x-javascript 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://c.hit.ua/hit?i=26012&g=0&x=3&s=1&c=1&t=-120&w=1600&h=1200&d=24&0.48405405510616983&r=&u=https%3A//zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: 4e92760be1225a35ab31794b9682fbcb6072b1eddb39e475c73b19009efec229

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="UNI"
pragma: no-cache
date: Fri, 13 Oct 2023 16:57:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: application/x-javascript
server: nginx/1.17.9
expires: 0

GET
H3 200 jquery.unveil.js Show response
zn.ua/user/js/ 2 KB
1 KB 17ms
17ms Script
application/javascript 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/js/jquery.unveil.js
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/sunsite-front-v15.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d2f19363612cfe8c5f8bc4f58cce29db0263f4ff0d0151186e0da3ee5f7b3c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Jul 2020 17:29:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10917328
etag: W/"5f19c908-645"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dqkeh5%2BOMJBCR0ZSoC1S%2BbFecHmCa%2BKAvWPAv%2FNaUMtS41X9FojN1SJRBoZugi6zZApNts2Pc7S8dEYpbGuFnY0MIEWwiceHIQSu3082cy7oq3LJP48IwYjJi7bpszrXDkKE0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 81591f202d409073-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 08:21:57 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 190ms
104ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47aefa28218dcc6208b959765326f00325dc4deadb2284f45d8a9c47395bca39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29522
x-xss-protection: 0
server: cafe
etag: 176 / 19643 / 31078768 / config-hash: 8825080756604653567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 13 Oct 2023 16:57:25 GMT

GET
H3 200 splide-app.min.js Show response
zn.ua/user/js/ 8 KB
2 KB 16ms
15ms Script
application/javascript 2606:4700:3030::ac43:9a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zn.ua/user/js/splide-app.min.js
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/sunsite-front-v15.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aede8cc1a7098eedd8bae08f6b692854754f576b8032e772ea32bd30d74c1e00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10917327
alt-svc: h3=":443"; ma=86400
content-length: 1631
last-modified: Thu, 12 Jan 2023 15:30:32 GMT
server: cloudflare
etag: "63c02798-65f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2tzv3iAis33VCJ99FPu64U%2BwdpDT%2BVv7YnN9CeIXxXvuFTFoKWYbWz8CNfdeDZesFFYh9dq3V6aqiE8Jrgsas14WAdc4auNdPr6w9IWzq5wPOAtw1PG7LN6NFrqtkh1aShgmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81591f203d619073-FRA
expires: Sat, 08 Jun 2024 08:21:58 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/zer/ 421 KB
137 KB 49ms
7ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/zer/ym.js
Requested by: Host: zn.ua
URL: https://zn.ua/user/js/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: ad930fe72caf6fe9a3f24e9cf42b44f5602932f5246a9a9907600c03b90b2af6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-storageserver: DE-165
cdn-cachedat: 10/13/2023 10:13:59
cdn-pullzone: 139012
last-modified: Thu, 05 Oct 2023 20:20:37 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 413
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"651f1a95-6921d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: e57aa23f7affa336a36fe35d2ed236ad
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 589 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf9bd542074c807245624ae2ee63906fdfc582c42c286dc2380402d758c0cb96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
region1.analytics.google.com/g/ 0
247 B 49ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5BRSB4FRED&gtm=45je3ab0&_p=266032395&_gaz=1&cid=775695239.1697216246&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697216245&sct=1&seg=0&dl=https%3A%2F%2Fzn.ua%2Fukr%2Fwar%2Fu-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv%2F&dt=%D0%9E%D0%B1%D1%81%D1%82%D1%80%D1%96%D0%BB%20%D0%9D%D1%96%D0%BA%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20-%20%D0%BF%D0%BE%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%BE%20%D0%B4%D0%B2%D0%BE%D1%85%20%D1%80%D1%8F%D1%82%D1%83%D0%B2%D0%B0%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA%D1%96%D0%B2%20-%20ZN.ua&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5BRSB4FRED
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 63ms
18ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5BRSB4FRED&cid=775695239.1697216246&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5BRSB4FRED
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 159ms
75ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5BRSB4FRED&cid=775695239.1697216246&gtm=45je3ab0&aip=1&z=1390492646

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 46ms
14ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3006560-33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 15:56:55 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3630
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 13 Oct 2023 17:56:55 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 351ms
111ms Preflight 3.15.36.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-78.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://zn.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 13 Oct 2023 16:57:26 GMT
x-amzn-RequestId: c791a6c4-9f65-0643-9a32-dff2ce4036c6

GET
H2 200 geolocation.json Show response
cdn.membrana.media/ 3 B
679 B 23ms
8ms Fetch
text/plain 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/geolocation.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/zer/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ym-ip: 2a03:1b20:6:f011::1e
date: Fri, 13 Oct 2023 16:57:25 GMT
cdn-edgestorageid: 1082
cdn-storageserver: DE-599
cdn-cachedat: 10/13/2023 10:13:43
cdn-pullzone: 139012
x-ym-country: DE
content-length: 3
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 309
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "622b54c3-3"
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: x-ym-country, x-ym-ip, cdn-requestcountrycode
cache-control: public, max-age=86400
cdn-requestid: 5a59f6c8e967acd33640057bf5c7918c
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
546 B 119ms
118ms Fetch
application/x-amz-json-1.1 3.15.36.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/zer/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-78.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 8b33725dac29a96e8e2a1856d3574e0b31c3fce9d317f1ed228364d4a7fd53f0

Request headers

Referer: https://zn.ua/
X-Amz-Target: Kinesis_20131202.PutRecord
accept-language: de-DE,de;q=0.9
X-Amz-Date: 20231013T165725Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20231013/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=2adb3e1c06a1476b4ba35d69c8eadb12828b792e6cc5014c6ecbb17e33e11539
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 13 Oct 2023 16:57:26 GMT
x-amzn-RequestId: ce934f46-8d33-e733-9330-3670dc16d7b6
Content-Length: 110
x-amz-id-2: /1zgunWcikR1/fxfKqKAHatAQqHoMjIZXq7oMxxnz/yz263HtIvT1qQapXHmHPzVRcQmxdDF9Wm3OKFLygxmUaSiOLXpEt1I
Content-Type: application/x-amz-json-1.1

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 337 KB
106 KB 8ms
7ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/zer/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 65d22832c4f8e7133bc1e1f828a7f63fa463d2ccc27f8c8d57ae908d86576de1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:25 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-storageserver: DE-588
cdn-cachedat: 10/13/2023 14:35:31
cdn-pullzone: 139012
last-modified: Fri, 13 Oct 2023 14:35:25 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 637
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"652955ad-545dc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 1868f1980705537165d964fa8c85b019
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 36ms
15ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231013

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/zer/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc199896e3265b455b71f95436abb463f1c18c78d2658a01256ed0932cfc000c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zn.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3396
x-jsd-version: 1.0.1842
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7023-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"63b-Y0+98qnTuk0TPS1Yvik3nzYvQfA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMHRDXw8R0E89r0FnznGseuYqRwly2T%2FNOgxbo28wDmJLt1tkd3XC%2FE%2BZAQnfbSpFA3I3zzsMgLJoToblTP%2Fdh7%2BsMR9RRNtXPEhhijZkhmZsp8RyS2oe9nOJ17dqRYlRNgNMYOkHP1HjrSN5zA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81591f218f982c6f-FRA

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D283%26mapped%3D%7Buser_id%7D%26gdpr%3D0
https://pixel.onaudience.com/?partner=283&mapped=7e2be0c3-9ffb-4eb2-ab9c-e2859d816e80&gdpr=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
149 B

109ms
35ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
200 B 18ms
17ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=266032395&t=pageview&_s=1&dl=https%3A%2F%2Fzn.ua%2Fukr%2Fwar%2Fu-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%B1%D1%81%D1%82%D1%80%D1%96%D0%BB%20%D0%9D%D1%96%D0%BA%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20-%20%D0%BF%D0%BE%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%BE%20%D0%B4%D0%B2%D0%BE%D1%85%20%D1%80%D1%8F%D1%82%D1%83%D0%B2%D0%B0%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA%D1%96%D0%B2%20-%20ZN.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1069997461&gjid=1051969651&cid=775695239.1697216246&tid=UA-3006560-33&_gid=819789474.1697216246&_r=1&gtm=457e3ab0&jsscut=1&z=2001907664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zn.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 322ms
107ms Preflight 3.15.36.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-78.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://zn.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 13 Oct 2023 16:57:26 GMT
x-amzn-RequestId: d13571f4-6104-c2d5-8c96-08c2e7d210f4

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 255 KB
63 KB 53ms
9ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:00:11 GMT
content-encoding: gzip
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 19:43:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 3436
etag: W/"e1caada96468a3b669d0d0cc6ec9a23c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 7Ao91pIStcs4ggcWB19bHitU5rz7EUOO6ZQjHHi-NPW3lGU52wK3_g==

GET
H2 200 geolocation.json Show response
cdn.membrana.media/ 3 B
678 B 7ms
7ms Fetch
text/plain 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/geolocation.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ym-ip: 2a03:1b20:6:f011::1e
date: Fri, 13 Oct 2023 16:57:26 GMT
cdn-edgestorageid: 1082
cdn-storageserver: DE-599
cdn-cachedat: 10/13/2023 10:13:43
cdn-pullzone: 139012
x-ym-country: DE
content-length: 3
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 309
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "622b54c3-3"
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: x-ym-country, x-ym-ip, cdn-requestcountrycode
cache-control: public, max-age=86400
cdn-requestid: 657a485239ffbad6e61f8029bf75b541
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 204 vpaid Show response
server.smartytech.io/ 0
243 B 90ms
26ms XHR
text/plain 146.59.110.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://server.smartytech.io/vpaid?id=45&referer=https%3A%2F%2Fzn.ua%2Fukr%2Fwar%2Fu-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv%2F

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.59.110.145 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3225527.ip-146-59-110.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin: https://zn.ua
date: Fri, 13 Oct 2023 16:57:26 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
x-content-type-options: nosniff
server: nginx

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
546 B 113ms
113ms Fetch
application/x-amz-json-1.1 3.15.36.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/zer/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-78.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: b612d3d278363998652e8b5d50c32229e60244e5e4149f7a32933060c58dfcb3

Request headers

Referer: https://zn.ua/
X-Amz-Target: Kinesis_20131202.PutRecord
accept-language: de-DE,de;q=0.9
X-Amz-Date: 20231013T165726Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20231013/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=db933c7f3a6d88afdb88ea3ac95e4ff49877847332f0225c1b588fc64bfa0ba3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 13 Oct 2023 16:57:26 GMT
x-amzn-RequestId: f4050562-fdc1-775c-a9a6-7c547b17a57d
Content-Length: 110
x-amz-id-2: 4s45WWnQQog8PC/Aip/hU1IHhMwORyGuOEbNsmuwzFu17j2kullUEIiEkhXdZc7NUXlQoFfOZAKGrgxO5dMObRtpx+8I/Bup
Content-Type: application/x-amz-json-1.1

POST
H2 200 load_playlist_attempt
ym-tack.b-cdn.net/ 688 B
1 KB 55ms
23ms Ping
text/html 2400:52e0:1e00::722:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/load_playlist_attempt?sellbe;ZER;https://cdn.membrana.media/video/zer/desktop/videoSources.json;aea6f383-2c12-4c63-bf7f-ad5bf6311787
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-722 /
Resource Hash: 2060077bd731e5532e89b2a0a84af61e9f8759dc3177f7bec0f0254ef2dbf954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
cdn-edgestorageid: 722
cdn-storageserver: DE-680
cdn-cachedat: 10/13/2023 16:57:26
cdn-pullzone: 749406
content-length: 688
server: BunnyCDN-DE1-722
cdn-fileserver: 256
cdn-requestpullcode: 405
cdn-proxyver: 1.04
etag: "64e0660d-2b0"
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=0
cdn-requestid: 526948bf5458c06f77fc1bbaaaea3fe1
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 videoSources.json Show response
cdn.membrana.media/video/zer/desktop/ 330 B
933 B 7ms
7ms XHR
text/plain 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/zer/desktop/videoSources.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 568947c14d67ce73d6b9be0122be4cb035f641227e6dc584332243bcd08f0ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-storageserver: DE-679
cdn-cachedat: 10/13/2023 10:15:04
cdn-pullzone: 139012
last-modified: Wed, 11 Oct 2023 21:04:51 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 646
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65270df3-14a"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 726caefd8481e51e0113bc7f56e1da02
timing-allow-origin: *
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 video-js.min.css
cdn.jsdelivr.net/npm/video.js@7.10.2/dist/ 39 KB
11 KB 43ms
26ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/video.js@7.10.2/dist/video-js.min.css

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20161429
x-jsd-version: 7.10.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-jnb7022-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"9c74-gctcuC69YhaG/DD9GQ5wdLQgH0k"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGqEisf3EceV2BV2EjR9DimBalWgjuerEI6XMzOVA%2BIdcplg67DQq0dzlkSuqLy9BQSrpXaPEyAFdnMXyCXy5N%2FtceQhVtZlZLaHNrjyJmc6pUHJ4QOtL4qA5PEhFi%2FB4ocbA%2BXCY1LJUI%2BesMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 81591f21dfd337e9-FRA

GET
H3 200 video.min.js Show response
cdn.jsdelivr.net/npm/video.js@7.10.2/dist/ 507 KB
141 KB 54ms
38ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/video.js@7.10.2/dist/video.min.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afdc0c9d333535763aa9bd3dfd8774ce5e91e25d7f88f94ed04dbcf15a37422a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14613297
x-jsd-version: 7.10.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230060-FRA, cache-yyz4568-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"7ea72-NUHhQfHLDs+4qjHF6W3MzXuUrNc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mB5rsDgOBV37A6%2Fw4HsqYxqs%2BzgXpkSbnIlvcbRObk4bBzCrW76qgRgCkuZxElGCeDQRE7CLRPKQLwmoJLTg5DSp85K9BqQxlCBBmL64jgWlXzhUqsBnm%2BhkCNuAHXB3m%2FZymQ9HxUvyJy6%2FCc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 81591f21dfd137e9-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3006560-33&cid=775695239.1697216246&jid=1069997461&gjid=1051969651&_gid=819789474.1697216246&_u=YADAAUAAAAAAACAAI~&z=1341746332

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zn.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 13 Oct 2023 16:57:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/ 420 KB
132 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a40e424d54800fc2704682930d3be386d0280b96a03869db6bf3894218f1eb7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 10:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22842
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134722
x-xss-protection: 0
server: cafe
etag: 2928310903106852838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 12 Oct 2024 10:36:44 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 334ms
111ms Preflight 3.15.36.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-78.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://zn.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 13 Oct 2023 16:57:26 GMT
x-amzn-RequestId: e2e6ec6c-db9f-60c2-bf45-955a1d07b805

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
546 B 119ms
119ms Fetch
application/x-amz-json-1.1 3.15.36.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/zer/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-78.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 473056457318cc0b32cad6b76f7e269ea7f6e3f55f84bae5ec33853503238029

Request headers

Referer: https://zn.ua/
X-Amz-Target: Kinesis_20131202.PutRecord
accept-language: de-DE,de;q=0.9
X-Amz-Date: 20231013T165726Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20231013/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=9721bbf064dff9409aae426bdac14951224a94f881db6f4bedb0f11b47b6e2bb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 13 Oct 2023 16:57:26 GMT
x-amzn-RequestId: fc3440b3-71d7-c65e-a197-3985b74f1e99
Content-Length: 110
x-amz-id-2: XVQrhjxvhhtkv2y37PXgV2885MJoA/Gcczudw82b2pQiCWT3ni4D/ZOdO0Wsp2Ci0Ajq8RxWtIqHgJtpJP76XKhK6DW5N+MJ
Content-Type: application/x-amz-json-1.1

POST
H2 200 load_playlist_success
ym-tack.b-cdn.net/ 688 B
1 KB 36ms
24ms Ping
text/html 2400:52e0:1e00::722:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/load_playlist_success?sellbe;ZER;https://cdn.membrana.media/video/zer/desktop/videoSources.json;aea6f383-2c12-4c63-bf7f-ad5bf6311787
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-722 /
Resource Hash: 2060077bd731e5532e89b2a0a84af61e9f8759dc3177f7bec0f0254ef2dbf954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
cdn-edgestorageid: 722
cdn-storageserver: DE-51
cdn-cachedat: 10/13/2023 16:57:26
cdn-pullzone: 749406
content-length: 688
server: BunnyCDN-DE1-722
cdn-fileserver: 332
cdn-requestpullcode: 405
cdn-proxyver: 1.04
etag: "64e06680-2b0"
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=0
cdn-requestid: c6ae697abd2d6c7a05e00b15eaf9eb2d
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 150ms
66ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3006560-33&cid=775695239.1697216246&jid=1069997461&_u=YADAAUAAAAAAACAAI~&z=1213048689

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 77ms
76ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3006560-33&cid=775695239.1697216246&jid=1069997461&_u=YADAAUAAAAAAACAAI~&z=1213048689

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 71d4b8ca-53d1-4309-a952-3306259fb046 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
803 B 59ms
9ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 05d57a77002e6b32591d8ea71e5814d7f8f133bf121b44e7f2841a218096f261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:04:44 GMT
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3162
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: DW7Xl87Vc17pA5dDhUDVXEPl459O64t014yY22MPZQ_yyK37L2Cw9Q==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 10ms
7ms XHR
text/plain 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fzn.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:25:12 GMT
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 12733
x-cache: Hit from cloudfront
access-control-allow-origin: https://zn.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: VEi7LsdkgHilmi7UD3Npl4OVusMs6xN6E5aaOEKZNJ_LcHre93kCVQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
8ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
date: Fri, 13 Oct 2023 06:04:00 GMT
x-amz-cf-pop: FRA56-P3
age: 39207
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: rsuUmCAx81d6jUJ-0Wa6x7FMFQWFAlGoMYgYW0JD7SHwZ7z8F1FZFA==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
124 KB 156ms
51ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126235
x-xss-protection: 0
expires: Fri, 13 Oct 2023 16:57:26 GMT

GET
BLOB 200
OK 7a64cada-68e6-41af-b120-81b320bfef61
https://zn.ua/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://zn.ua/7a64cada-68e6-41af-b120-81b320bfef61
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 427 KB
99 KB 646ms
645ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1875069853756377&correlator=832107932928091&eid=31078768%2C31068825%2C31078660%2C44769661&output=ldjh&gdfp_req=1&vrg=202310100101&ptt=17&impl=fifs&iu_parts=116515279%2Cnp-left-1%2Cnp-mobile-news%2Cnp-left-2%2Cnp-right-2%2Cnp-mobile-main%2Cnp-mobile%2Cnp-right-3%2Cnp-footer%2Cnp-right-4%2Cnp-right-1%2Cnp-square-main%2Cnp-mobile-main-2%2Cnp-mobile-main-3%2Cnp-mobile-main-4%2Cnp-mobile-main-5%2Cnp-mobile-main-6%2Cnp-anchor-mobile%2Cnp-anchor-desktop%2Cnp-in-article-desktop&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18%2C%2F0%2F19&prev_iu_szs=300x250%2C300x250%7C300x400%7C300x300%2C300x500%7C300x600%7C300x250%7C300x400%2C300x500%7C300x600%7C300x250%7C300x400%2C300x300%7C300x250%2C300x250%2C300x600%7C160x600%2C580x400%2C300x600%2C300x500%7C300x600%7C300x250%7C300x400%2C300x400%7C300x250%7C300x600%7C300x500%2C300x300%7C300x250%2C300x300%7C300x250%2C300x300%7C300x250%2C300x250%7C300x300%2C300x250%7C300x300%2C320x50%7C320x100%7C300x250%2C970x90%7C728x90%7C990x90%7C980x90%2C320x50&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697216246216&lmt=1697209010&adxs=1141%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C265%2C1141%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C315%2C-9&adys=1434%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C2272%2C144%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C1110%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C2%7C0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fzn.ua%2Fukr%2Fwar%2Fu-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv%2F&vis=1&psz=300x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C770x400%7C300x600%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x-1%7C0x-1&msz=300x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C770x400%7C300x600%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C970x-1%7C0x-1&fws=4%2C2%2C2%2C2%2C2%2C2%2C2%2C516%2C4%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C516%2C2&ohw=1600%2C0%2C0%2C0%2C0%2C0%2C0%2C1600%2C1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1600%2C0&ga_vid=775695239.1697216246&ga_sid=1697216246&ga_hid=266032395&ga_fc=true&dlt=1697216245567&idt=611&adks=3105195299%2C1111349757%2C3637447060%2C248349400%2C1678884532%2C2531923183%2C1788019672%2C399345106%2C2772360799%2C2094445704%2C3302424636%2C3061631515%2C3847357983%2C669114676%2C4173144747%2C3560774174%2C250691527%2C2594685451%2C1144907398&frm=20&is_cau=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9f2deecbb90dbeab1ded4f9aa48dcda0fed3c4a78ef04d1a1fe04512d61afbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101734
x-xss-protection: 0
google-lineitem-id: -1,-1,6388569020,-2,-2,-2,-2,-1,-1,-2,-2,-2,-2,-2,-2,-2,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138448359385,-2,-2,-2,-2,-1,-1,-2,-2,-2,-2,-2,-2,-2,-2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zn.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F746 6 KB
3 KB 156ms
45ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 16:57:26 GMT
expires: Sat, 12 Oct 2024 16:57:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 videojs.ads.css
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/ 975 B
968 B 25ms
25ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/videojs.ads.css

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14613296
x-jsd-version: 6.7.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230065-FRA, cache-yyz4537-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"3cf-QkYNpQ1t+HGGuQzDGS8mZdpVWDg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BS4l9ijyXursQyzKgnGOZZWn6ZhEmF0RxPFHbScR8g8UH7aifWZh97yrW7%2BDtfAahyngGnJILE8S29Fw%2BTerlE3GMmwi6vBoo6vqNtPW2et5wdbh2ry63xVIl4isao9hMQUYC7NY04WIVpTsXs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 81591f242be537e9-FRA

GET
H3 200 videojs.ads.min.js Show response
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/ 27 KB
8 KB 26ms
25ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/videojs.ads.min.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57c913dc95d16172397422ada208071f527339dc1153b77a26b24598923be6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20161427
x-jsd-version: 6.7.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230041-FRA, cache-yyz4554-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"6a3c-OUUBKv7icoV/OxPeKLpcAlpHAGg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHz8ib4YBhrr205GGKDiqJPO6ks%2FMZzWPMTi2KDO5jOwl1Ti2qJve8jrxQjF7fdovwbgpksbnZ0ka3VrpVaGpaxLPTev1fKi64g89Bl8jA7KOMQM5wdloszT2N40ZucA4GqfbdR%2B%2B%2BB5QWG8bEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 81591f242be837e9-FRA

GET
H3 200 videojs.ima.min.css
cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/ 3 KB
2 KB 23ms
22ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/videojs.ima.min.css

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

479a52faa72664b9318911a1f3cd1a082dd169090b9bf688fbf54981a7544f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20161427
x-jsd-version: 1.9.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-yyz4559-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"a4e-O74oHTnsIDZGOCZu1d1V6JdzQ/o"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCSVOFVYQ4d3xYaENWx044mZFCEcu%2FQRJWEycce4TDDp%2BVZ2e37Cd8EnU31uOvoAJiuXdWlgNs03qhUp7PzbiqIlO0i9EJBfyNBa%2BJmnDzAa52DgQtDWyvoBVy%2FkozmHBwnsAhd7bcXagsHp9JQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 81591f242beb37e9-FRA

GET
H2 200 videojs.ima.mod.min.js Show response
cdn.membrana.media/video/vast.vpaid/ 35 KB
8 KB 11ms
11ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/vast.vpaid/videojs.ima.mod.min.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 5592ad11c9602028561e12b5d951d8928b9ef7676e9a3b5e91b1a05e28d47678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-storageserver: DE-599
cdn-cachedat: 10/13/2023 10:13:43
cdn-pullzone: 139012
last-modified: Fri, 24 Feb 2023 11:28:26 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 406
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"63f89f5a-8b5f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: d18901184513f1634902b4c73cbd5f6a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs_5.vast.vpaid.js Show response
cdn.membrana.media/video/vast.vpaid/ 138 KB
46 KB 12ms
12ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/vast.vpaid/videojs_5.vast.vpaid.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?a386c7|e6412f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: c735950c8ab40de3cc8ad9784dedf0c960ae099855c69900c5ded77f82521afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-storageserver: DE-587
cdn-cachedat: 10/13/2023 10:13:42
cdn-pullzone: 139012
last-modified: Sun, 24 Sep 2023 10:00:05 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 659
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"651008a5-227b5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 00000bd918e01951698a19387278265c
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 zn-ua-main25-23352-20231011.webp
membrana-cdn.media/zer/desktop/ 34 KB
35 KB 224ms
78ms Image
image/webp 91.218.212.13
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://membrana-cdn.media/zer/desktop/zn-ua-main25-23352-20231011.webp

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.218.212.13 , Ukraine, ASN42352 (QOS, UA),

Reverse DNS

unallocated.qos.kiev.ua

Software

nginx /

Resource Hash

7444945e18f61c3067915672b55591657061e7c0636e84ac2ddda66604b43f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
strict-transport-security: max-age=63072000
last-modified: Wed, 11 Oct 2023 21:04:50 GMT
server: nginx
etag: "65270df2-89cc"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 35276
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://zn.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
546 B 117ms
117ms Fetch
application/x-amz-json-1.1 3.15.36.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/zer/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-78.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e92c1c68b9be9ffbfe727c153b46c6e76cd4363c59a0b20c0fc040c369532593

Request headers

Referer: https://zn.ua/
X-Amz-Target: Kinesis_20131202.PutRecord
accept-language: de-DE,de;q=0.9
X-Amz-Date: 20231013T165726Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20231013/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=ad14c25c86ef46d248c7bc8b538b932a46097c6816f4029adfcec58434b2057c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 13 Oct 2023 16:57:26 GMT
x-amzn-RequestId: e59cb3f3-46eb-983e-b83f-cac5807340f9
Content-Length: 110
x-amz-id-2: JqyP32kBWVkxX7yJl5bnGvDJl5fEsOVLnGvuzrqm44dM6fFJw8ts6KJAbAeI7jiJ4tzSumW32YhLb4XXlSRLU11gkOJN0X3C
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 156ms
155ms Preflight 3.15.36.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-78.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://zn.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 13 Oct 2023 16:57:26 GMT
x-amzn-RequestId: fcc33b6b-4633-c5bf-a160-425d80ab1d78

GET
H2 200 bridge3.595.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 87B1 726 KB
233 KB 39ms
39ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 335303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 238136
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 19:49:03 GMT
expires: Tue, 08 Oct 2024 19:49:03 GMT
last-modified: Mon, 09 Oct 2023 19:46:17 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 134ms
49ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Oct 2023 16:57:26 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E1E2 40 KB
14 KB 132ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 13 Oct 2023 17:16:40 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 167ms
90ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ddf36382f1222811a4c2382a4c8f6eeb513b600fc66a065fae12edc96c94a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12349
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309290141000/ Frame E496 196 KB
56 KB 129ms
35ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 258219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56111
x-xss-protection: 0
server: sffe
etag: "196a98f213e9af2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame E496 15 KB
5 KB 243ms
149ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 258219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "b67abf1ac5d05c62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame E496 94 KB
28 KB 231ms
137ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 258219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: sffe
etag: "f80aeafaeae93075"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame E496 5 KB
2 KB 244ms
151ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 258219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "5fa0b581892e5d76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame E496 40 KB
13 KB 225ms
132ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 258219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "f431afcc9b21c868"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E496 6 KB
1 KB 124ms
45ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Oct 2023 16:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 16:04:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Oct 2023 16:57:26 GMT

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E496 3 KB
3 KB 157ms
76ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 07:38:49 GMT
x-content-type-options: nosniff
server: cafe
age: 33517
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Sat, 14 Oct 2023 07:38:49 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E496 344 B
449 B 159ms
78ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 14894
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 14 Oct 2023 12:49:12 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/9118233027301288181/ Frame E496 53 KB
53 KB 166ms
85ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9118233027301288181/2076313506083323656

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4e79b3e68fc49a65bbab44fb8210aeb164671f8083b6863f3f3465fcdf207c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 07:37:37 GMT
x-content-type-options: nosniff
age: 551989
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54228
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 00:26:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Oct 2024 07:37:37 GMT

GET
DATA 200
OK truncated
/ Frame E496 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b62f42d8bd3be4bc8ff4df964aab505b4ba6712ce94e54f57323f42b953c762c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E496 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 783779b4b1007b9c2b2557ff8542693703aff2b14f5f9b2d3dccd973e5efb1c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74A6 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 16:57:26 GMT
expires: Sat, 12 Oct 2024 16:57:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309290141000/ Frame 7C70 196 KB
55 KB 121ms
79ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 258219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56111
x-xss-protection: 0
server: sffe
etag: "196a98f213e9af2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 7C70 15 KB
5 KB 120ms
119ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 258220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "b67abf1ac5d05c62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 7C70 94 KB
28 KB 121ms
120ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 258220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: sffe
etag: "f80aeafaeae93075"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 7C70 5 KB
2 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 258220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "5fa0b581892e5d76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 7C70 40 KB
13 KB 129ms
128ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 17:13:47 GMT
age: 258220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "f431afcc9b21c868"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 17:13:47 GMT

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7C70 3 KB
3 KB 110ms
78ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 07:38:49 GMT
x-content-type-options: nosniff
server: cafe
age: 33517
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Sat, 14 Oct 2023 07:38:49 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7C70 344 B
402 B 112ms
81ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 14894
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 14 Oct 2023 12:49:12 GMT

GET
H2 200 9828280142942883258
tpc.googlesyndication.com/daca_images/simgad/ Frame 7C70 37 KB
37 KB 67ms
37ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9828280142942883258?w=360&h=720&tw=1&q=75

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0372e9e592ae80152fbec08e51df31a20c9aa49cfda17f9a585fe1338ae85e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:05:03 GMT
x-content-type-options: nosniff
age: 132743
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37529
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 01:21:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Oct 2023 04:05:03 GMT

GET
DATA 200
OK truncated
/ Frame 7C70 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6c8eba9a4d17e6f2e2c56233c52b2d58d5f567a44ce76a99d15317179feadc9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5739 6 KB
3 KB 38ms
38ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 16:57:26 GMT
expires: Sat, 12 Oct 2024 16:57:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 16:57:27 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9647 624 B
827 B 165ms
79ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNX5XJDXP79a2OIkIGWja-bYJnWPghI40bMGIBl10kO8kq6bKchis2F_JtKpxjLTg-yX-FId1iWc04vvS_KHhXjec0EYWRNnmkRntyX4Zl0L4ZOqrF6AifGYYfC_QlHAKKwCl_ecr7999z6Hr18ETSg30Rc0kzSR4iOqUk9Qq2vF6D6uxwU

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 16:57:27 GMT
expires: Fri, 13 Oct 2023 16:57:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B86F 89 KB
31 KB 177ms
174ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 13 Oct 2023 16:57:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame B86F 3 KB
1 KB 92ms
89ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 14:27:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Oct 2023 14:27:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame B86F 20 KB
8 KB 89ms
86ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 22:47:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B86F 187 KB
59 KB 136ms
49ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Oct 2023 16:57:27 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B86F 42 B
173 B 75ms
73ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjisGaofvdn3AEykKdNukQ4w7Fo8CewRXOkDXnaNE6b9LInEI4zksV_9eoeYYvNPZO5V5dNa0kz1lUQouQhzHwXWuQUViFb3bEiBHi6DA13G7zsE8

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B86F 0
58 B 75ms
73ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7886150875537770451&x=1&ct=77

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7D84 624 B
505 B 153ms
79ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXllwEQkt7nuQQYjrmi-QEwAQ&v=APEucNVzEril9YOvTgQ58SikZkYaC595co1htCgQU0UyCgHy3H1vLUZegSM1chUnW5281b20zre6QjAaBPRTekjLMQ22mOar-jMe1Jfq7q0jsWMAljn6FjkW3MyEhsHvjxy72Ge03_hgxcomKHGaybDVzlpviPFp8jqrv03M7xetO5GO0exdOTw

Requested by

Host: ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
URL: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 16:57:27 GMT
expires: Fri, 13 Oct 2023 16:57:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 5739 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: cafe
etag: 13066256994748809036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 23:02:13 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 5739 7 KB
3 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 00:26:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Oct 2023 00:26:14 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5739 0
0 169ms
83ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuCMNqSdqQGEef5ROUpM0bw_x7-sMgq2JdKLuBxUeIhG2Teg43IcRXfOpz1i_ySEHBXY4gO1BQyUlF1tDpm1sWLxD24jA2d5l47neWnIoiaMTGK4Uju-vFrje1nhhgJGq6P6F1UKKuqHBejezVUoDGvPt51B1JsvjUPQY8KOVrwBE_Wyo-EEvE8ih-SQI5e4x7rksD8VMxPRrMmkfqrSRdHa1qKblAZJdJsG1T9e0vp2ajP4CoIYxfjs6R0B8rkU4rLbPIxUCV6fbp6AROECffXUtLF6bagXugjpgsQifpMD6-OZZpG26AgotH37xIkmQls_w12U0X9W67CaJV4f1RlVQoY5nX1v8BCYKlrdZuxv1WORD3FIgD14uJCF-HtpYEs3ojwwZXrqFvWV5V8NzT_tFUlUetlBKnC-ual27p9Ik3pCRmVHYnThzDYigAFSqno7Pf_6X-Kp9nVnTZsUkL25IliqJbQ-UhaXY7W-KXWvZqY4IYkfBwCIELcuAti-JVu8IoOcF5_WtV8_yNUgIgWJ3iDAktkvXUN218H_nEuoBJ9vBOhIwY4YWGvZLdItzWV1aJmjPsZ7IMAR-m3EUbv3h9Uwdv3_guFlt4NFZDbnmgRc89zc1ByP8gHBn-bIWfxFyE3wA1ponTyOB3askp4302QDU8mMcm-qB2m23wFcZDbnyBDc1NdIV0yBthb8mRHGS_GXnd5w3R_9dcidaSGm6mormhC7KeGPwROZG8LwNCpYshXElFwHqR-ZKj6W7xOzEZaayv1yHJImHVKo8Djy1kl3Rk0R8Af5UwsuXzQ-bIk-K4VfOz8HGZeienhKdFYbs_5DUzb6FE0IZU5tc7ctmWKL6oEyUiN8FWw-MhXWXUzFpQIu5A29XvkYXQn8UZNu5IsIHxhWFpUicce9mssbaZS-xJG-vblH-DxK-71--3oLTFcPM9wStxBuE-W_iV-Njv63AsLwK0uJ7valz2x4Fz04F0uRl4lWKxjj2EVQX2zzQz5Y3uCahm2T8r8VsxopDEGZbC7D00wx-soECNWxIK-PaDa_s3kQtYrhlc7YXEf5hF7UM1PdaYDbKDrK7Z2b8iyy_NmbiRDU0JNrl88OBpwzlgrfDiCN4_jqsfTTurEa9ij7uXl1Yp_Tm7gsje1bfJbXeKL1byxV1PnDBZL72D3B0D4mF-AmWzLlC-wSsre2Z9ISqwJz4N4yaumcU2YAR1dPxBMAlEAXlfkrPDsQB9W1huoZUxUgLMoqiR_big6l-ETTsGoDlh5KbDfBX9fPvC1eCcAeULgxx8I6nPEz-L9x75PZ2Lb3P_-Dk2SpE6soHw8zIPkNU8b-g&sai=AMfl-YSPvBTFWViAU0RdcizNiAG6LiTbN10f0V-LpUinQbbUnY5zkBMqMQNEVtHbsIHh2_2WC7P3ozdvOc9slLxnRmvFHtLErvyG3wFVqSoKHx_p2F137h38U56pn5_WC4GxKh5CxrEPLAx_WSf1bNMsEDyv1c3AVtZ_1UY44HA7r4WLFKYm4Epu7gSRhkxkNe9xQUslF38MKjW3ty5PKR17166XwFXW34-EHPbLs_A1Hbv4LpVHSTL6FghhCANLVBY-PEKDnx-oitAJv0KYUCjYSrhNb1gq01ra8mNBsIvSLa5_WkMkFwnpqPftkAENVPZdln6iI1ZNewp_0dUvHuku0_cKQt1PnDU6sIP0q7DApGUMs6Bvn23jeT1-7nkHOsPcl_dLK4ufPuKGVNOYBHYUckRVSX9CFI0RNL7i9CtBNN8wT7WYK4xcc5xCxQ9dHLCEICmM9AWbGOzGgKew9wP7i4tsxIoNA-mfm436oNvY&sig=Cg0ArKJSzMnTYTorVd4GEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231011.49179&arae=0&ftch=1&adurl=

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Oct 2023 16:57:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 13 Oct 2023 16:57:27 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5739 41 KB
14 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 12:26:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 5739 3 KB
1 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
URL: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 14:27:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Oct 2023 14:27:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 5739 20 KB
8 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
URL: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 22:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 22:47:03 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5739 42 B
107 B 74ms
73ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A__AFYrFfnASN3RcD8Ov8O7PG0AKNtahxMiFyG7jzXeCAVtr3M4tYXdFWP9o8bKjqg5ChZ304cvdVqZb4XCGXPFcoV-QcfCxe7KXM3nSjkQrZV9dk

Requested by

Host: ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
URL: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5739 187 KB
59 KB 174ms
112ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
URL: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Oct 2023 16:57:27 GMT

GET
H2 200 12727023977688262472
s0.2mdn.net/simgad/ Frame 5739 39 KB
40 KB 39ms
38ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12727023977688262472

Requested by

Host: ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
URL: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41c142f6f40ede98887c7f27aaaa5d3b14c20c8af5a35267f2732cd669d1b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 14:51:45 GMT
x-content-type-options: nosniff
age: 93942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40260
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 12:37:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Oct 2024 14:51:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E496 15 KB
16 KB 122ms
37ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zn.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 530408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 13:37:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E496 15 KB
15 KB 130ms
46ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zn.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 5672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 15:22:55 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5739 0
0 88ms
74ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuCMNqSdqQGEef5ROUpM0bw_x7-sMgq2JdKLuBxUeIhG2Teg43IcRXfOpz1i_ySEHBXY4gO1BQyUlF1tDpm1sWLxD24jA2d5l47neWnIoiaMTGK4Uju-vFrje1nhhgJGq6P6F1UKKuqHBejezVUoDGvPt51B1JsvjUPQY8KOVrwBE_Wyo-EEvE8ih-SQI5e4x7rksD8VMxPRrMmkfqrSRdHa1qKblAZJdJsG1T9e0vp2ajP4CoIYxfjs6R0B8rkU4rLbPIxUCV6fbp6AROECffXUtLF6bagXugjpgsQifpMD6-OZZpG26AgotH37xIkmQls_w12U0X9W67CaJV4f1RlVQoY5nX1v8BCYKlrdZuxv1WORD3FIgD14uJCF-HtpYEs3ojwwZXrqFvWV5V8NzT_tFUlUetlBKnC-ual27p9Ik3pCRmVHYnThzDYigAFSqno7Pf_6X-Kp9nVnTZsUkL25IliqJbQ-UhaXY7W-KXWvZqY4IYkfBwCIELcuAti-JVu8IoOcF5_WtV8_yNUgIgWJ3iDAktkvXUN218H_nEuoBJ9vBOhIwY4YWGvZLdItzWV1aJmjPsZ7IMAR-m3EUbv3h9Uwdv3_guFlt4NFZDbnmgRc89zc1ByP8gHBn-bIWfxFyE3wA1ponTyOB3askp4302QDU8mMcm-qB2m23wFcZDbnyBDc1NdIV0yBthb8mRHGS_GXnd5w3R_9dcidaSGm6mormhC7KeGPwROZG8LwNCpYshXElFwHqR-ZKj6W7xOzEZaayv1yHJImHVKo8Djy1kl3Rk0R8Af5UwsuXzQ-bIk-K4VfOz8HGZeienhKdFYbs_5DUzb6FE0IZU5tc7ctmWKL6oEyUiN8FWw-MhXWXUzFpQIu5A29XvkYXQn8UZNu5IsIHxhWFpUicce9mssbaZS-xJG-vblH-DxK-71--3oLTFcPM9wStxBuE-W_iV-Njv63AsLwK0uJ7valz2x4Fz04F0uRl4lWKxjj2EVQX2zzQz5Y3uCahm2T8r8VsxopDEGZbC7D00wx-soECNWxIK-PaDa_s3kQtYrhlc7YXEf5hF7UM1PdaYDbKDrK7Z2b8iyy_NmbiRDU0JNrl88OBpwzlgrfDiCN4_jqsfTTurEa9ij7uXl1Yp_Tm7gsje1bfJbXeKL1byxV1PnDBZL72D3B0D4mF-AmWzLlC-wSsre2Z9ISqwJz4N4yaumcU2YAR1dPxBMAlEAXlfkrPDsQB9W1huoZUxUgLMoqiR_big6l-ETTsGoDlh5KbDfBX9fPvC1eCcAeULgxx8I6nPEz-L9x75PZ2Lb3P_-Dk2SpE6soHw8zIPkNU8b-g&sai=AMfl-YSPvBTFWViAU0RdcizNiAG6LiTbN10f0V-LpUinQbbUnY5zkBMqMQNEVtHbsIHh2_2WC7P3ozdvOc9slLxnRmvFHtLErvyG3wFVqSoKHx_p2F137h38U56pn5_WC4GxKh5CxrEPLAx_WSf1bNMsEDyv1c3AVtZ_1UY44HA7r4WLFKYm4Epu7gSRhkxkNe9xQUslF38MKjW3ty5PKR17166XwFXW34-EHPbLs_A1Hbv4LpVHSTL6FghhCANLVBY-PEKDnx-oitAJv0KYUCjYSrhNb1gq01ra8mNBsIvSLa5_WkMkFwnpqPftkAENVPZdln6iI1ZNewp_0dUvHuku0_cKQt1PnDU6sIP0q7DApGUMs6Bvn23jeT1-7nkHOsPcl_dLK4ufPuKGVNOYBHYUckRVSX9CFI0RNL7i9CtBNN8wT7WYK4xcc5xCxQ9dHLCEICmM9AWbGOzGgKew9wP7i4tsxIoNA-mfm436oNvY&sig=Cg0ArKJSzMnTYTorVd4GEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=73&vt=11&dtpt=72&dett=2&cstd=0&cisv=r20231011.49179&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 13 Oct 2023 16:57:27 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1368 22 KB
8 KB 39ms
36ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 07:38:48 GMT
expires: Sat, 12 Oct 2024 07:38:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C745 13 KB
5 KB 37ms
35ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 14:28:42 GMT
expires: Sat, 12 Oct 2024 14:28:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C273 829 B
999 B 52ms
50ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a126a1de8485ef884b7623d5e80b1af774082847eeff6f1ef01a4f3bca2ee557

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FeLz_uFnPBPZTwAxA4uRPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FeLz_uFnPBPZTwAxA4uRPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 16:57:27 GMT
expires: Fri, 13 Oct 2023 16:57:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 5739 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3d58b12f704e92c4b8a459fcb7700accd5cf822afed91560dac8dfd826f381d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9647
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnJN-_5cf0SV-quKiHkQ4s&google_cver=1

43 B
771 B

28ms
27ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnJN-_5cf0SV-quKiHkQ4s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNX5XJDXP79a2OIkIGWja-bYJnWPghI40bMGIBl10kO8kq6bKchis2F_JtKpxjLTg-yX-FId1iWc04vvS_KHhXjec0EYWRNnmkRntyX4Zl0L4ZOqrF6AifGYYfC_QlHAKKwCl_ecr7999z6Hr18ETSg30Rc0kzSR4iOqUk9Qq2vF6D6uxwU
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyXoCIsWwss9QBQBa4zDN7gtBtsxpdVYqL94sqr9T%2B4oeTsppoxSK5JeOXYecDN%2B%2F6qqu%2BytixERAR4Iv8DWKPDv5jNYNFbLCMSDjLpjblvftHN4HeumfeUdQeB6Ep00Ii0A6rxM%2FE89UA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81591f29db9dbbeb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnJN-_5cf0SV-quKiHkQ4s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9647
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSl292FPZtXpIzuChGQU8QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIf_dtX_tU7BfBI_TsRLkM8&google_cver=1

43 B
736 B

39ms
39ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIf_dtX_tU7BfBI_TsRLkM8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNX5XJDXP79a2OIkIGWja-bYJnWPghI40bMGIBl10kO8kq6bKchis2F_JtKpxjLTg-yX-FId1iWc04vvS_KHhXjec0EYWRNnmkRntyX4Zl0L4ZOqrF6AifGYYfC_QlHAKKwCl_ecr7999z6Hr18ETSg30Rc0kzSR4iOqUk9Qq2vF6D6uxwU
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pg0RigKH6Ng%2FOg43AfLJkMb8Owbi4Ox523rzCMfjdag21t4YxV6z%2Fxsp%2BVXpwMuHQBA%2FlS6t0QET5bvP6GG2jiw8a%2FWjaoE5jrXqkHsAsrbnshqSQ31Ra6ivTjXpcqRYDXhhGZAWfA%2BMsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81591f2a3c1abbeb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIf_dtX_tU7BfBI_TsRLkM8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9647
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdja5kInxjNi7giKX67lnU&google_cver=1

43 B
848 B

14ms
13ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAdja5kInxjNi7giKX67lnU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNX5XJDXP79a2OIkIGWja-bYJnWPghI40bMGIBl10kO8kq6bKchis2F_JtKpxjLTg-yX-FId1iWc04vvS_KHhXjec0EYWRNnmkRntyX4Zl0L4ZOqrF6AifGYYfC_QlHAKKwCl_ecr7999z6Hr18ETSg30Rc0kzSR4iOqUk9Qq2vF6D6uxwU

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
an-x-request-uuid: 3cd62bc2-b449-4f53-9526-1973de0b71bc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.134; 185.213.155.134; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAdja5kInxjNi7giKX67lnU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9647
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0Mzk2NTUwMzgzMTAxNDkyMg%3D%3D

170 B
232 B

47ms
46ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0Mzk2NTUwMzgzMTAxNDkyMg%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
an-x-request-uuid: d1e322ec-3129-4c85-a3c8-50432c2af995
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0Mzk2NTUwMzgzMTAxNDkyMg%3D%3D
x-proxy-origin: 185.213.155.134; 185.213.155.134; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7D84
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnJN-_5cf0SV-quKiHkQ4s&google_cver=1

43 B
730 B

28ms
28ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnJN-_5cf0SV-quKiHkQ4s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXllwEQkt7nuQQYjrmi-QEwAQ&v=APEucNVzEril9YOvTgQ58SikZkYaC595co1htCgQU0UyCgHy3H1vLUZegSM1chUnW5281b20zre6QjAaBPRTekjLMQ22mOar-jMe1Jfq7q0jsWMAljn6FjkW3MyEhsHvjxy72Ge03_hgxcomKHGaybDVzlpviPFp8jqrv03M7xetO5GO0exdOTw
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sc95tMWOnsZpG588P0WPtCfRSu1%2FEcEY1zFv0ybFGL3X72PYFuZq0pUe9vkgqddVCunr2Skx5y46PzoIJSqw0iwwm0Df5jBs9gE18GICq8lZ8MsvJtSz7HImzEuTGfWjmMePyh52kkJJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81591f29dba1bbeb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnJN-_5cf0SV-quKiHkQ4s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7D84
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSl292FPZtXpIzuChGQU8QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIf_dtX_tU7BfBI_TsRLkM8&google_cver=1

43 B
735 B

35ms
35ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIf_dtX_tU7BfBI_TsRLkM8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXllwEQkt7nuQQYjrmi-QEwAQ&v=APEucNVzEril9YOvTgQ58SikZkYaC595co1htCgQU0UyCgHy3H1vLUZegSM1chUnW5281b20zre6QjAaBPRTekjLMQ22mOar-jMe1Jfq7q0jsWMAljn6FjkW3MyEhsHvjxy72Ge03_hgxcomKHGaybDVzlpviPFp8jqrv03M7xetO5GO0exdOTw
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yDududC8100kAvB2mGDpOeZ1G3kjiwkFxvC%2B8B65PblmiriC94RHNm%2F7wyoCajLHUNxhAsEZRuP%2BMdrC2lxIyv1yXA8iV48EfNvcC4Pt1vsQKgv7kHVOdM50QKGqEOzMk3Y%2BMhh5J7Uww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81591f2a2bf8bbeb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIf_dtX_tU7BfBI_TsRLkM8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7D84
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdja5kInxjNi7giKX67lnU&google_cver=1

43 B
848 B

14ms
13ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAdja5kInxjNi7giKX67lnU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXllwEQkt7nuQQYjrmi-QEwAQ&v=APEucNVzEril9YOvTgQ58SikZkYaC595co1htCgQU0UyCgHy3H1vLUZegSM1chUnW5281b20zre6QjAaBPRTekjLMQ22mOar-jMe1Jfq7q0jsWMAljn6FjkW3MyEhsHvjxy72Ge03_hgxcomKHGaybDVzlpviPFp8jqrv03M7xetO5GO0exdOTw

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
an-x-request-uuid: 5638526f-a1d1-4402-a2f5-02d431df754c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.134; 185.213.155.134; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAdja5kInxjNi7giKX67lnU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7D84
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0Mzk2NTUwMzgzMTAxNDkyMg%3D%3D

170 B
243 B

47ms
46ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0Mzk2NTUwMzgzMTAxNDkyMg%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
an-x-request-uuid: a7a9f18c-b5d0-42f1-9c3b-080e7bb7646d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0Mzk2NTUwMzgzMTAxNDkyMg%3D%3D
x-proxy-origin: 185.213.155.134; 185.213.155.134; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1368 38 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 154833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:56:54 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B86F 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1833800958661&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B86F 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1833800958661&version=m202309260101&ct=77&x=1&cor=7886150875537770000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B86F 16 KB
12 KB 78ms
74ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOOWGw8GqbS9dtZgIRumyIyJHHt7jy9FU4gJW363NXo373PcZMSKc4OuNFQBjb86vHQV7WuPqsg1JOkmQGnVQt84cDZIaXza7BInUKsOhVCjKcD1aHtr6Mz6T8Pmrx3xtwHkwOAgEfWYYxSEX0P5axchU_gQeBkj64IhSbJsQ7pCPzzIo&cry=1&dbm_d=AKAmf-DcSP9oFNNSHiw5kpIEPnfLdPrGJpIZdeu9ANz0T04TksC_CpsZWwK0LV4PNhFIjhGWWmFPKvhzJccHQoWFoLGyxXMmnO4VDTrT0PRynMiy7jmqtkXeQ0zhS-Wh4K3RhA5T1QWoUTHh0lGtVrDGuUzkhLa9XTwwDnxh51K1wNuYxlMPboZBm47BlscDX-5K_qCRi_-Zky5GjNO67CQWbZZ79-2PNnd32wr5P9q_Od6uy8sqa7lH3_c8uKWrHoLy6O4w5EUFZs9n5baM6HZejZc0mbSDrVHGK3kNXsaHbrMLNqsjoC2vKpdTr-FwvuGpFmobwaSocI3FoxTZLP8mg5ZIAzsjMaRUPZHC6ruV2eu7ORc74Dz44iDoYHmogCfl8X3HuhQc5bFD4gvxa1rwMcQOEi3vQrzfpDXmTS6lWAcmfzbzLxZq86aENIwj6KhzTbVfRXuzr3mTJESbWpq2NXWW5OLGTTJ1BVx2yjJzWiiQ8VjYrWjCAtpZLhlIGbyWB2GmB2gS3SCiWl7ZHIX2TB3EpvwQ9HTn5oSLBAdebxolz99iBLwUYL2CrXy1ZekhjxuafA8ZMsjs6Pj8CeE6Omj38IBHDxG5tY3tsxJhUxKuKf5AbMHIUubTx65OAJ1SuVRyw3-zf2E_pCTRLFYr8kmSNty10c2hNY64jJr5bpPfIaqzzJAssX6jwoMyTvErINWwxFVOcbSieSwaF41Qjmw9lpMNRLl_vX8D2SODjIb-uhVq-qVAWM9pYvVghbvdkAAn0UnnyP5JAA2YkiZ2smQqjBBJwsZw5_ljaUhjqrs0dhi9MxXj-Vz82TJ5BiA9IFBxWwDEHzYMiqw_Wwa2QesknJTEAanFnAfSnZPRJ48Q89cKuoouuJqYJlS5Wf55OcN5QkDpMamPGU2EJfGFQHkAFzSdmsv4GSvNbkfcuZeaubpzsiTyJe0rPD3F5hPUg7tf2kVM4fWnm789EwS2RIWLyKWTw2_bmg46rzAyiocQzxiIEiARF6ZT6MIRcqAXVGtGYNpAG6lXhi8mDRHQKTnYZ4rY38c2IxgvLjSQr1TnbZNjD4LhY3A_xvdR62-3Lp44KzuHBuQ0SRPUHtVB0Ctaha5g6M6u1RMuj9tQyL6G9yDW9Y-VPadPVbAmRyapWrrQYyPeRDlgvgi8ArLuDLPZ6WCkgdsFoyGe9L28JYmJEm-2T-ic6kUQfnIf1tVlpcOHlT34rFWE9eNj1okQSdyy36u4_Rx4lWHp22RV_-fvUTuolMY0ftffkzJgmuPpsLzd-39BH1fQNXkK955IVe2gu2BGBJL5kDbyE4QqDFVF1s69qesq0vT_a131hKm_jBIF6iOY8ZIO2ILoI02binvmfi8XVGRdA4Koh_Bp9EBvJ5ppg3mxn3R0yJav6Ox2pbxm7l-6aVmfHD7nPk0NrlmGerzNrwqUy513xMEaLjRpjWWSexmVVQC3N4ak9fWQozGi9wPgKlcUOSknEe0jUc1KkmLlf50wm-051ePwEz_Fe4gwHhrzuyHMo5KL-zO3bFdKRpFtRCKYCI5foLT74oROKoa_4dxDiPCKM89IdBzLTuylrrnbHsIOVm6Cw297xvQg4yVI5nQo69_rhqGDPJTk4337CoBmGxBqvMACzPX9PaKFMJGIx7UM2Bu5bmMUFkko3eYQoJyfuo_ufcgUji0cxLHlaNvVRcVqMElkjj-HaaoVsMM4NkyisR2mWZClC8LejzpgubhOlsgpgcUMQm30qMT7wRwHbar_MqnJv0WmFS_meMWwIXX_dj9YBBDH7U2QrPP-UX-EApIjvPqsXAd47z0XZPFoGxWIWJwUShfADtckDH0rVFWryFmuftpr6ybUFawkzCOj1lVqIrOshiw6dVOEl7zpWnNgWLiiSiK7AKO150_sv2oB7WzFP9D5JDQWsKHialsdOhX4Tays5upfhvaRbjEtk4gNm4Atw9o7Yrw3VOImrBduf6Pu0jaBJLA2rAIqs1ibIfxjizJJvdQyZWJM248Xrh9BxuWvSdreUZtp0L09yQXRxdZePWEWMErMkQAgNyhxJ5-aEF7EPCfvGcrJjTaLGWUG1ct5mhG_ZQkyuglAclVfduOLnYQHdWpuSe1MBPb4Ju792w0wW5L5hdLklkodcNt2Vsj5NjSSPJ6DwE_l2Dghwb56BK6LgI3C3AxdmoQrz1nQ0XI4FUtqD_mbSIWyPGcej3yIAMi0nevdl90WUDnUMjrhCuSw5T5mUSvTl-vguV4ol1EwxHpH587jxPpuyNi3094kUfwpNYKgy-0I5DlKG5uF7886y2nkSFUVw6wkN5ugg55IDVk70sjGyOWHXKP9nCLe50nrRrXGM3cueJK4-THhViPnny0mXCYO-rOUqHkH0CwMnOVW4o3rwmvEko2L8bFTluhhyBTft_xE_KJeMAkP8DkLonBmmZ6a1WiT4TIDsVdlFmqf19U0X0KMP3UogRunZ1efezVS_Xi9t8AK7LjpaIKuBX2-4uY2wC_3rzBiMwX7DLeJ5bLjN5FNcg24UkjGTMuJJg2RL8Aenly1-iLMu5wmmuQwhrOuqi5XBkZ3QT2lbGDj3lTBrJfDcaPBbEkuocXZWp3O_XKUd73e2eSbHL2SSW4ULMVsnZOuF62bbHz9jS3N8TkbFf-UM4hfAOiwWooUPyhrkp025yZHQcM8yjVnz_LW2tZseqXweJ58pEmt_org_QX2C1b2ZkHOeuNl8DlLRzREf_QTnU0dszbecmumydJJzqjPlnAF7TJcsf5dizUwmNyJEQLh_4pVtAvmrXbKmoA7Fe7yOFR_QuqR-xmPpK4IBUHAqU4ezazTXMxMllauqcQ91NsqJLyioPyv5vqXX87TzSkwqqpEQJ7VN5EQBneFiZBKO3E6CIl4ETlSEUPHkjwuXdOq2QBUyeE29m2w1OnulwTR2pzjOhDAMWRM3x8DuJUqKyzvgbTtFlwLlUu3GhQqYujuT0W9H5nFZVnv11X1JgoFYCysoAjKPg-nyKbncABitlekJdluuDOey3UtXmZfejkG2BR8mETFLwXPq_SYcMa3d2HjdgAgipedIQTszkZzU7zorn2K0FaEPrifRTHsBxJp0eoTgNbIEoGhjvFCBSzFatPUf9eHHFnwodS-6_IBCvMO9ifyhLPmYcxe7Fz1TJEHSoie_OBVH73dG7AMp_rowUlIU6OY0ItmI3IJMIrv1d8dnx-C5E2gCKEy7TaswhiEO8Jik5HI-Db4lB1XUYwAMjkR2N3igkWOuNfUez3R4xOjQ3ZkhiOCSK4RVqV_g8DFW5zLEfkI6CVmti52jpskQ3pIYCfrKe_2noLw0Gf2thKbpV5TkPxj-7Xk6dL2HD1nX3QuVaH1799n4WKwSBBWlILQ11GCzopJ9EY2BLKvGr9_Qj48pYeAjP13agGHKf7zghZg-dm4_xrh00Cnm8i4FdTwqncOO-7QJh0gjR_Bfh55f4o8acvkIdKeGeHuaXue5fqvWqY6W9teqjMrCGMIiO8NR9oGKOtEZNjyftLLc_684yNfGGWJnrB2vazE2TMe179oqyN148EdZIf9rlrlYIRoedylaYR3R8EyB145tsLVTP4ozpYZJwI7mr-RcHc2lfEcogoLikNeGbK1tfysKtEOKZmGoxZoyqlcp2SqJvEzBcTWidriuGP4B6JO-UAQiLciaq2KyJiTOTDtgDMZuvCfJjzCNemMnftLLALgrgfTYxUOPdhg6ql5PC8Hwt5EXMwq6syXAOpCmZmYlNRoswqahRcFDfRQRWnFKil_A4ENebY7PLwUhVqqvN9JL5WJ22-40rfghRjQmvqS0SspTQFeO5cGSXzlVShGByZiTsN8v4DWLpRN_Rfyz0qXttdNgu9OzPMTYYjegDUvLFF8Snh4cuJQ8Zdq_SUeYfBdsKbxyEME4H-lzIfnVYFjmU8CEddYVL7_3J5T06i-AV3ZVx85jKLZcJc0IIC8HFPQxN0i6w6-8NY7aqNHS4inkiBHD0VTXLcHvtZvmFhu6GYbMSLuQrx-r6f4EBMZcOKfB45RBIzLuNCmJxYO8bXSLGOljlImlO0PECI2bclXQosfNc0JeWr0nWVMKOmdZv-zvdp9ejh_W2ZwwnuvObgzdOUzRbxIcSmVuGClHEfnBClRnaWHbKrqgLEtxUdMv3hqghwHlu7gmg2lPYTWdsIomvWdEDvoTl6kcvMHB3sjXinfMWcrfaTDyGeZnTSsvFIazhjAcGvUY6ubJ0hUluIDbGePloEW-rXt0fnTexbZ5DDeuvrkh1Pj3T23v8TJOaiCPrYJiN3XS84a_N-qafW025KspBVWE7PWjrY5Iie-xDwc_7Hlle5gv898bxrAShdOIFdRU9NN60hYF44wuNaWEarEMcnTor6EJgkKpawIOJY1_GOo376tq2UGWKi4x-Xg6Waeyz3GPuzdzQmhqR1cqGsgh7foetZoGw_1rdmOmC-B84blmYKW67dy2uBgRc2c&cid=CAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fzn.ua%2F&ds=l&xdt=1&iif=1&cor=7886150875537770000&adk=1761367587&idt=227&cac=0&dtd=29

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2019c4e4315e2fb25c4fbe8e77c33c6d5e30c23c177995632871d4310c5e800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E496 0
0 85ms
84ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7GRR9nYpZc2fFNCn9u8Pr9WWkAiav-ahc4-2_sbZEYjx0M6fPxABIIie-50BYJXikIKgB6AB6f31zwPIAQngAgCoAwHIAwqqBPUCT9DrO3K_HQqzAkcRhyFSsqOv4LWq36lB4x2OYRYHPV-VNW15F5sunBnUbGxUM6Vm_nIj2GNirlI3HAB7aLMFa_3BZMsQGH5ET-wN_14qOEpRkjqMMAUonNRXWr-s5NEFiHtRh7H0TSIZ7mA_Eonc97yrVQ7ml8nqvwTrpfYgZIN5p0W91tp7K9zFnYcZeR6vaG7C1AKCLziquGMXLafNbLEeOk679XBGHHl9QxMsVSbST-D2zCaMxqiPXGJFXcatyp5C117urq7FmAaqcLtHiocU93SF4N05o1Yff8ppM9CYRVaSzfCL1WJdSm2LEheK-KwnHJ7KAPPp5KYZStaayVJo0-Pc0bDKY0n6nSmkwOWRr9BcBhafB9pHtS0QPZsBJecyrfQet-Vu8gxfnpBLRZP0PEQiq4lK3H-y1UNwjhXl6WcTp7jiS_AK4EyBddaUfuhasH5CgcHLfyj6WxaSaFE6lM6FnBKL7nUL3b_TVz7yMd5qp8AE4IPL9c4E4AQBiAWM59WCTJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeKmsScAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMHUCtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCTtodHRwczovL3NlYXJjaGZhdm9yaXRlcy5uZXQvaW5kZXgucGhwP3JnaWQ9NjkzMjUwJnN1Yj1nY2xpZIAKA8gLAeINEwj22N2bv_OBAxXQk_0HHa-qBYK4E-QD2BMM0BUBgBcBshceChwIABIUcHViLTU1MTU5NjE1MzgwMzc5MTQYz-kj&sigh=O4xkkc0PxWA&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7C70 0
0 80ms
80ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdeJF9nYpZdSfFNCn9u8Pr9WWkAiav-ahc4-2_sbZEYjx0M6fPxABIIie-50BYJXikIKgB6AB6f31zwPIAQHgAgCoAwHIAwiqBPYCT9AH5fIc2yhTuOnj4o1xyy6s6NNKrVBCjdEK6m_DIIQwcoYvCBnGk5Wx4jXiYgjNrUHdwcE9Rslw5C4JUhHamMhwa2tZCorhzCVJceJcHE51I37y_-XUO0kM2MMwIX5O2Bw9uA6HVEfY0eIEHL7jjo0eMWCaC9Jo8LURV2yWFVYnGbS9SbdOx9RQNukHVxcaObxVgSzOXCme_Y3rxFLuvu39gpABG1m-vqMGlXXFUMe_GJnHaW7EAryHuOHaOZK4MYSS1F4uL4mIml2i2Lnawq3C4endt_qJ4jtXf3ZO4O0sCRqrCnw0440DXjqIq1pPL9dtYtpKreojvUWmLxcH7F4dEDzGHyeFTyVb4wLtsJc28iSjHWTA_nZZEROCbET8n8T6Vg__vZoty2oqpKBcxLQmS0Kp7FjgtIwSCk6mXBS9rIr5qHcxsy61-8IQy-DNLZIlbz6K35FdASO3P3rGrdIfjUwxUTz3wqADyVx8ZGEIUuB23aXABOCDy_XOBOAEAYgFjOfVgkySBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHiprEnAKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDmugnSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgk7aHR0cHM6Ly9zZWFyY2hmYXZvcml0ZXMubmV0L2luZGV4LnBocD9yZ2lkPTY5MzI1MCZzdWI9Z2NsaWSACgPICwHiDRMI_tjdm7_zgQMV0JP9Bx2vqgWC2BMM0BUBgBcBshceChwIABIUcHViLTU1MTU5NjE1MzgwMzc5MTQYz-kj&sigh=A-qS0BaXsGE&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame C745 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:44:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Oct 2024 16:44:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C273 0
0 71ms
71ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310100101&jk=1875069853756377&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B86F 41 KB
13 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOOWGw8GqbS9dtZgIRumyIyJHHt7jy9FU4gJW363NXo373PcZMSKc4OuNFQBjb86vHQV7WuPqsg1JOkmQGnVQt84cDZIaXza7BInUKsOhVCjKcD1aHtr6Mz6T8Pmrx3xtwHkwOAgEfWYYxSEX0P5axchU_gQeBkj64IhSbJsQ7pCPzzIo&cry=1&dbm_d=AKAmf-DcSP9oFNNSHiw5kpIEPnfLdPrGJpIZdeu9ANz0T04TksC_CpsZWwK0LV4PNhFIjhGWWmFPKvhzJccHQoWFoLGyxXMmnO4VDTrT0PRynMiy7jmqtkXeQ0zhS-Wh4K3RhA5T1QWoUTHh0lGtVrDGuUzkhLa9XTwwDnxh51K1wNuYxlMPboZBm47BlscDX-5K_qCRi_-Zky5GjNO67CQWbZZ79-2PNnd32wr5P9q_Od6uy8sqa7lH3_c8uKWrHoLy6O4w5EUFZs9n5baM6HZejZc0mbSDrVHGK3kNXsaHbrMLNqsjoC2vKpdTr-FwvuGpFmobwaSocI3FoxTZLP8mg5ZIAzsjMaRUPZHC6ruV2eu7ORc74Dz44iDoYHmogCfl8X3HuhQc5bFD4gvxa1rwMcQOEi3vQrzfpDXmTS6lWAcmfzbzLxZq86aENIwj6KhzTbVfRXuzr3mTJESbWpq2NXWW5OLGTTJ1BVx2yjJzWiiQ8VjYrWjCAtpZLhlIGbyWB2GmB2gS3SCiWl7ZHIX2TB3EpvwQ9HTn5oSLBAdebxolz99iBLwUYL2CrXy1ZekhjxuafA8ZMsjs6Pj8CeE6Omj38IBHDxG5tY3tsxJhUxKuKf5AbMHIUubTx65OAJ1SuVRyw3-zf2E_pCTRLFYr8kmSNty10c2hNY64jJr5bpPfIaqzzJAssX6jwoMyTvErINWwxFVOcbSieSwaF41Qjmw9lpMNRLl_vX8D2SODjIb-uhVq-qVAWM9pYvVghbvdkAAn0UnnyP5JAA2YkiZ2smQqjBBJwsZw5_ljaUhjqrs0dhi9MxXj-Vz82TJ5BiA9IFBxWwDEHzYMiqw_Wwa2QesknJTEAanFnAfSnZPRJ48Q89cKuoouuJqYJlS5Wf55OcN5QkDpMamPGU2EJfGFQHkAFzSdmsv4GSvNbkfcuZeaubpzsiTyJe0rPD3F5hPUg7tf2kVM4fWnm789EwS2RIWLyKWTw2_bmg46rzAyiocQzxiIEiARF6ZT6MIRcqAXVGtGYNpAG6lXhi8mDRHQKTnYZ4rY38c2IxgvLjSQr1TnbZNjD4LhY3A_xvdR62-3Lp44KzuHBuQ0SRPUHtVB0Ctaha5g6M6u1RMuj9tQyL6G9yDW9Y-VPadPVbAmRyapWrrQYyPeRDlgvgi8ArLuDLPZ6WCkgdsFoyGe9L28JYmJEm-2T-ic6kUQfnIf1tVlpcOHlT34rFWE9eNj1okQSdyy36u4_Rx4lWHp22RV_-fvUTuolMY0ftffkzJgmuPpsLzd-39BH1fQNXkK955IVe2gu2BGBJL5kDbyE4QqDFVF1s69qesq0vT_a131hKm_jBIF6iOY8ZIO2ILoI02binvmfi8XVGRdA4Koh_Bp9EBvJ5ppg3mxn3R0yJav6Ox2pbxm7l-6aVmfHD7nPk0NrlmGerzNrwqUy513xMEaLjRpjWWSexmVVQC3N4ak9fWQozGi9wPgKlcUOSknEe0jUc1KkmLlf50wm-051ePwEz_Fe4gwHhrzuyHMo5KL-zO3bFdKRpFtRCKYCI5foLT74oROKoa_4dxDiPCKM89IdBzLTuylrrnbHsIOVm6Cw297xvQg4yVI5nQo69_rhqGDPJTk4337CoBmGxBqvMACzPX9PaKFMJGIx7UM2Bu5bmMUFkko3eYQoJyfuo_ufcgUji0cxLHlaNvVRcVqMElkjj-HaaoVsMM4NkyisR2mWZClC8LejzpgubhOlsgpgcUMQm30qMT7wRwHbar_MqnJv0WmFS_meMWwIXX_dj9YBBDH7U2QrPP-UX-EApIjvPqsXAd47z0XZPFoGxWIWJwUShfADtckDH0rVFWryFmuftpr6ybUFawkzCOj1lVqIrOshiw6dVOEl7zpWnNgWLiiSiK7AKO150_sv2oB7WzFP9D5JDQWsKHialsdOhX4Tays5upfhvaRbjEtk4gNm4Atw9o7Yrw3VOImrBduf6Pu0jaBJLA2rAIqs1ibIfxjizJJvdQyZWJM248Xrh9BxuWvSdreUZtp0L09yQXRxdZePWEWMErMkQAgNyhxJ5-aEF7EPCfvGcrJjTaLGWUG1ct5mhG_ZQkyuglAclVfduOLnYQHdWpuSe1MBPb4Ju792w0wW5L5hdLklkodcNt2Vsj5NjSSPJ6DwE_l2Dghwb56BK6LgI3C3AxdmoQrz1nQ0XI4FUtqD_mbSIWyPGcej3yIAMi0nevdl90WUDnUMjrhCuSw5T5mUSvTl-vguV4ol1EwxHpH587jxPpuyNi3094kUfwpNYKgy-0I5DlKG5uF7886y2nkSFUVw6wkN5ugg55IDVk70sjGyOWHXKP9nCLe50nrRrXGM3cueJK4-THhViPnny0mXCYO-rOUqHkH0CwMnOVW4o3rwmvEko2L8bFTluhhyBTft_xE_KJeMAkP8DkLonBmmZ6a1WiT4TIDsVdlFmqf19U0X0KMP3UogRunZ1efezVS_Xi9t8AK7LjpaIKuBX2-4uY2wC_3rzBiMwX7DLeJ5bLjN5FNcg24UkjGTMuJJg2RL8Aenly1-iLMu5wmmuQwhrOuqi5XBkZ3QT2lbGDj3lTBrJfDcaPBbEkuocXZWp3O_XKUd73e2eSbHL2SSW4ULMVsnZOuF62bbHz9jS3N8TkbFf-UM4hfAOiwWooUPyhrkp025yZHQcM8yjVnz_LW2tZseqXweJ58pEmt_org_QX2C1b2ZkHOeuNl8DlLRzREf_QTnU0dszbecmumydJJzqjPlnAF7TJcsf5dizUwmNyJEQLh_4pVtAvmrXbKmoA7Fe7yOFR_QuqR-xmPpK4IBUHAqU4ezazTXMxMllauqcQ91NsqJLyioPyv5vqXX87TzSkwqqpEQJ7VN5EQBneFiZBKO3E6CIl4ETlSEUPHkjwuXdOq2QBUyeE29m2w1OnulwTR2pzjOhDAMWRM3x8DuJUqKyzvgbTtFlwLlUu3GhQqYujuT0W9H5nFZVnv11X1JgoFYCysoAjKPg-nyKbncABitlekJdluuDOey3UtXmZfejkG2BR8mETFLwXPq_SYcMa3d2HjdgAgipedIQTszkZzU7zorn2K0FaEPrifRTHsBxJp0eoTgNbIEoGhjvFCBSzFatPUf9eHHFnwodS-6_IBCvMO9ifyhLPmYcxe7Fz1TJEHSoie_OBVH73dG7AMp_rowUlIU6OY0ItmI3IJMIrv1d8dnx-C5E2gCKEy7TaswhiEO8Jik5HI-Db4lB1XUYwAMjkR2N3igkWOuNfUez3R4xOjQ3ZkhiOCSK4RVqV_g8DFW5zLEfkI6CVmti52jpskQ3pIYCfrKe_2noLw0Gf2thKbpV5TkPxj-7Xk6dL2HD1nX3QuVaH1799n4WKwSBBWlILQ11GCzopJ9EY2BLKvGr9_Qj48pYeAjP13agGHKf7zghZg-dm4_xrh00Cnm8i4FdTwqncOO-7QJh0gjR_Bfh55f4o8acvkIdKeGeHuaXue5fqvWqY6W9teqjMrCGMIiO8NR9oGKOtEZNjyftLLc_684yNfGGWJnrB2vazE2TMe179oqyN148EdZIf9rlrlYIRoedylaYR3R8EyB145tsLVTP4ozpYZJwI7mr-RcHc2lfEcogoLikNeGbK1tfysKtEOKZmGoxZoyqlcp2SqJvEzBcTWidriuGP4B6JO-UAQiLciaq2KyJiTOTDtgDMZuvCfJjzCNemMnftLLALgrgfTYxUOPdhg6ql5PC8Hwt5EXMwq6syXAOpCmZmYlNRoswqahRcFDfRQRWnFKil_A4ENebY7PLwUhVqqvN9JL5WJ22-40rfghRjQmvqS0SspTQFeO5cGSXzlVShGByZiTsN8v4DWLpRN_Rfyz0qXttdNgu9OzPMTYYjegDUvLFF8Snh4cuJQ8Zdq_SUeYfBdsKbxyEME4H-lzIfnVYFjmU8CEddYVL7_3J5T06i-AV3ZVx85jKLZcJc0IIC8HFPQxN0i6w6-8NY7aqNHS4inkiBHD0VTXLcHvtZvmFhu6GYbMSLuQrx-r6f4EBMZcOKfB45RBIzLuNCmJxYO8bXSLGOljlImlO0PECI2bclXQosfNc0JeWr0nWVMKOmdZv-zvdp9ejh_W2ZwwnuvObgzdOUzRbxIcSmVuGClHEfnBClRnaWHbKrqgLEtxUdMv3hqghwHlu7gmg2lPYTWdsIomvWdEDvoTl6kcvMHB3sjXinfMWcrfaTDyGeZnTSsvFIazhjAcGvUY6ubJ0hUluIDbGePloEW-rXt0fnTexbZ5DDeuvrkh1Pj3T23v8TJOaiCPrYJiN3XS84a_N-qafW025KspBVWE7PWjrY5Iie-xDwc_7Hlle5gv898bxrAShdOIFdRU9NN60hYF44wuNaWEarEMcnTor6EJgkKpawIOJY1_GOo376tq2UGWKi4x-Xg6Waeyz3GPuzdzQmhqR1cqGsgh7foetZoGw_1rdmOmC-B84blmYKW67dy2uBgRc2c&cid=CAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fzn.ua%2F&ds=l&xdt=1&iif=1&cor=7886150875537770000&adk=1761367587&idt=227&cac=0&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 12:26:28 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame B86F 12 KB
4 KB 52ms
12ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1697216246331731&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChGXV9nYpZdOfFNCn9u8Pr9WWkAim5b2gab2TnKfJD_AuEAEgiJ77nQFgleKQgqAHyAEJqQIo5zLYNqWxPqgDAcgDmwSqBJYCT9C1mDR1nmid6l-Z-Bhdyr_xwX42Guj-x5vNBiLCmh5RlZJPN1e2kxDX2ScvcB1-AZtf_6XCRRPmBNTBiU5XfXT8QlZft-hVze3EUrMvU5G2qTA72z3PKPpjzix6jfAGKCT_D-uUxbLOBa8XBR_ldt8LqczyKPBdvWuvCv_nH6ZcboGhvvY7imT_EXltwqhoH6pgtnyoaTQs6Y9MYvE53PhIiZhB0h1CdacQGzjfqFhk10w5lXgRPJp6ucRGMzU02xbv_a9TfSz1DCOVUBZjqmIvGKXVnSAh2xzn1AUaovBB9nOr9txlJQsBbWbCCnU_UxWcNolf31Lr7IKIatJXlVbNuioJkwapI5Y5oVgKfekDi3sRvTLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAeINEwj92N2bv_OBAxXQk_0HHa-qBYKwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI0_Lgm7_zgQMV0JP9Bx2vqgWCEAEYASAAEgIKuvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB%26sig%3DAOD64_37iAtBY0ibLgLXFQ6tDC5ONh7DyA%26client%3Dca-pub-8369123401073978%26dbm_c%3DAKAmf-D_WOdN-DUPDkUMkPCZetrH4gBd69Ao2aNL0_wIyLOZUf6HobGaelJDLTRo3xcsU3NzDq4qIFhlYJR5tDMd3fwawGd0XFXhKY6AvnJNPTR4nYJtD1IC2swe18yZQjM_4wUm5AVhxqA2PlP5bmc1vbYFpIa70UKuZVYT1AH2F2VPeRRndus%26cry%3D1%26dbm_d%3DAKAmf-BGVSESh9Jx9eaBg0m11p5txcLSZ5wn00qNZ7qHT2i3HTvCh3lemXGVIf18XtP1s0PjmN5JJyx6pP6BN4m1XsVepIoPq1j2oPveuBKiASgh_TZ1gD5b7b6mc0ot1Z_EpIN_aZSlMXEcX4NDpht60nBu2_sNnexTrWzDmrMPaGNuFBXKfWuOIrISONnd7_Xa3dJ59CsGHqxX9XHOrSK9qYo3rFsVWwsQ2l1aPUCve6kIRVx7aKjCkNExijSQRHYp6sRAShKlGdOrOKGRzqZNHx9btubr_ffAYQeJuEwgZwFRamWlELtOr5RawN-WDtebCfYhKOEEihr6qeTW10hhxyrrRfW1pZPIsWJ29InxqZcxlmX3UrJwyOB_AuTV0T1ozWuDI2o_5sRyAAmyzFIqEQ1Hb29rfAOopIdi3aTYMXcbrYGPCUiGKtkoORiT8C2w8HcigU4kgu4SmtECCDEbuvz-XprlpWj-pm-fH0OTmA77Gf0gSUyMSBgXhqZV3SCfhz5Z5FPHjXBDMwUMbGExVSxcyx7C980vSM8Qy2EMW4Qu66a9L3Szsmm1vgDkq65x3VlLdiLGb-sl1AYErFZ5JOYD11NMy_E8Kt-FjP_zRWgSwGvgpE0IWRjHq9xKpkjL6SBOQ7oSYOUcJnTw9UggfQwS4C2oMg%26adurl%3D
Requested by: Host: ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
URL: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 0ad112d74d959749e407fb632d8efb34d124b85fec07f45e303ca3f9c815c1ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:57:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4357
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9D44 22 KB
8 KB 36ms
35ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 07:38:48 GMT
expires: Sat, 12 Oct 2024 07:38:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900028.redintelligence.net/ Frame B86F
Redirect Chain

https://hal900028.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a008a75b13&subid=&uid=1470d53721bc324d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900028.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a008a75b13&subid=&uid=1470d53721bc324d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

111ms
88ms

Script
application/x-javascript

88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a008a75b13&subid=&uid=1470d53721bc324d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChGXV9nYpZdOfFNCn9u8Pr9WWkAim5b2gab2TnKfJD_AuEAEgiJ77nQFgleKQgqAHyAEJqQIo5zLYNqWxPqgDAcgDmwSqBJYCT9C1mDR1nmid6l-Z-Bhdyr_xwX42Guj-x5vNBiLCmh5RlZJPN1e2kxDX2ScvcB1-AZtf_6XCRRPmBNTBiU5XfXT8QlZft-hVze3EUrMvU5G2qTA72z3PKPpjzix6jfAGKCT_D-uUxbLOBa8XBR_ldt8LqczyKPBdvWuvCv_nH6ZcboGhvvY7imT_EXltwqhoH6pgtnyoaTQs6Y9MYvE53PhIiZhB0h1CdacQGzjfqFhk10w5lXgRPJp6ucRGMzU02xbv_a9TfSz1DCOVUBZjqmIvGKXVnSAh2xzn1AUaovBB9nOr9txlJQsBbWbCCnU_UxWcNolf31Lr7IKIatJXlVbNuioJkwapI5Y5oVgKfekDi3sRvTLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAeINEwj92N2bv_OBAxXQk_0HHa-qBYKwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI0_Lgm7_zgQMV0JP9Bx2vqgWCEAEYASAAEgIKuvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB%26sig%3DAOD64_37iAtBY0ibLgLXFQ6tDC5ONh7DyA%26client%3Dca-pub-8369123401073978%26dbm_c%3DAKAmf-D_WOdN-DUPDkUMkPCZetrH4gBd69Ao2aNL0_wIyLOZUf6HobGaelJDLTRo3xcsU3NzDq4qIFhlYJR5tDMd3fwawGd0XFXhKY6AvnJNPTR4nYJtD1IC2swe18yZQjM_4wUm5AVhxqA2PlP5bmc1vbYFpIa70UKuZVYT1AH2F2VPeRRndus%26cry%3D1%26dbm_d%3DAKAmf-BGVSESh9Jx9eaBg0m11p5txcLSZ5wn00qNZ7qHT2i3HTvCh3lemXGVIf18XtP1s0PjmN5JJyx6pP6BN4m1XsVepIoPq1j2oPveuBKiASgh_TZ1gD5b7b6mc0ot1Z_EpIN_aZSlMXEcX4NDpht60nBu2_sNnexTrWzDmrMPaGNuFBXKfWuOIrISONnd7_Xa3dJ59CsGHqxX9XHOrSK9qYo3rFsVWwsQ2l1aPUCve6kIRVx7aKjCkNExijSQRHYp6sRAShKlGdOrOKGRzqZNHx9btubr_ffAYQeJuEwgZwFRamWlELtOr5RawN-WDtebCfYhKOEEihr6qeTW10hhxyrrRfW1pZPIsWJ29InxqZcxlmX3UrJwyOB_AuTV0T1ozWuDI2o_5sRyAAmyzFIqEQ1Hb29rfAOopIdi3aTYMXcbrYGPCUiGKtkoORiT8C2w8HcigU4kgu4SmtECCDEbuvz-XprlpWj-pm-fH0OTmA77Gf0gSUyMSBgXhqZV3SCfhz5Z5FPHjXBDMwUMbGExVSxcyx7C980vSM8Qy2EMW4Qu66a9L3Szsmm1vgDkq65x3VlLdiLGb-sl1AYErFZ5JOYD11NMy_E8Kt-FjP_zRWgSwGvgpE0IWRjHq9xKpkjL6SBOQ7oSYOUcJnTw9UggfQwS4C2oMg%26adurl%3D&documentReferer=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fzn.ua&random=5106349066658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
URL: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: aa126833d286164d2ae625d09ee75655bbd516f0edc5572340be7877b24fa348

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Oct 2023 16:57:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 29404900102827804444994012476028
Connection: close
Content-Length: 1359
Expires: Fri, 13 Oct 2023 17:57:27 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 13 Oct 2023 16:57:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a008a75b13&subid=&uid=1470d53721bc324d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChGXV9nYpZdOfFNCn9u8Pr9WWkAim5b2gab2TnKfJD_AuEAEgiJ77nQFgleKQgqAHyAEJqQIo5zLYNqWxPqgDAcgDmwSqBJYCT9C1mDR1nmid6l-Z-Bhdyr_xwX42Guj-x5vNBiLCmh5RlZJPN1e2kxDX2ScvcB1-AZtf_6XCRRPmBNTBiU5XfXT8QlZft-hVze3EUrMvU5G2qTA72z3PKPpjzix6jfAGKCT_D-uUxbLOBa8XBR_ldt8LqczyKPBdvWuvCv_nH6ZcboGhvvY7imT_EXltwqhoH6pgtnyoaTQs6Y9MYvE53PhIiZhB0h1CdacQGzjfqFhk10w5lXgRPJp6ucRGMzU02xbv_a9TfSz1DCOVUBZjqmIvGKXVnSAh2xzn1AUaovBB9nOr9txlJQsBbWbCCnU_UxWcNolf31Lr7IKIatJXlVbNuioJkwapI5Y5oVgKfekDi3sRvTLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAeINEwj92N2bv_OBAxXQk_0HHa-qBYKwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI0_Lgm7_zgQMV0JP9Bx2vqgWCEAEYASAAEgIKuvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB%26sig%3DAOD64_37iAtBY0ibLgLXFQ6tDC5ONh7DyA%26client%3Dca-pub-8369123401073978%26dbm_c%3DAKAmf-D_WOdN-DUPDkUMkPCZetrH4gBd69Ao2aNL0_wIyLOZUf6HobGaelJDLTRo3xcsU3NzDq4qIFhlYJR5tDMd3fwawGd0XFXhKY6AvnJNPTR4nYJtD1IC2swe18yZQjM_4wUm5AVhxqA2PlP5bmc1vbYFpIa70UKuZVYT1AH2F2VPeRRndus%26cry%3D1%26dbm_d%3DAKAmf-BGVSESh9Jx9eaBg0m11p5txcLSZ5wn00qNZ7qHT2i3HTvCh3lemXGVIf18XtP1s0PjmN5JJyx6pP6BN4m1XsVepIoPq1j2oPveuBKiASgh_TZ1gD5b7b6mc0ot1Z_EpIN_aZSlMXEcX4NDpht60nBu2_sNnexTrWzDmrMPaGNuFBXKfWuOIrISONnd7_Xa3dJ59CsGHqxX9XHOrSK9qYo3rFsVWwsQ2l1aPUCve6kIRVx7aKjCkNExijSQRHYp6sRAShKlGdOrOKGRzqZNHx9btubr_ffAYQeJuEwgZwFRamWlELtOr5RawN-WDtebCfYhKOEEihr6qeTW10hhxyrrRfW1pZPIsWJ29InxqZcxlmX3UrJwyOB_AuTV0T1ozWuDI2o_5sRyAAmyzFIqEQ1Hb29rfAOopIdi3aTYMXcbrYGPCUiGKtkoORiT8C2w8HcigU4kgu4SmtECCDEbuvz-XprlpWj-pm-fH0OTmA77Gf0gSUyMSBgXhqZV3SCfhz5Z5FPHjXBDMwUMbGExVSxcyx7C980vSM8Qy2EMW4Qu66a9L3Szsmm1vgDkq65x3VlLdiLGb-sl1AYErFZ5JOYD11NMy_E8Kt-FjP_zRWgSwGvgpE0IWRjHq9xKpkjL6SBOQ7oSYOUcJnTw9UggfQwS4C2oMg%26adurl%3D&documentReferer=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fzn.ua&random=5106349066658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 13 Oct 2023 17:57:27 +0200

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1368 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxIpr9nYpZd2fFNCn9u8Pr9WWkAgAAAAAOAHgBAI&bg=!j4yljMPNAAZy-tsgUvo7ADQBe5WfOGBlH_Gs_MbS2oOPU32VnYr1FE1mKEQMcQPzL-Vcv1gTbFpSNm15QaxNU2-HbDWYAgAAAHlSAAAABWgBB5kDKTqN0kJD_87fxvzZcOllgcPYApQ1dPrJWwmCVwMOeLr6D4iVfnyMPeQgeFWQcnbRuxjIkqrw3gtEN91M5nb1el9R643xZ_YE3tNjgP4ua62JbCzrqZJjAfNlQAkHUEc8idl3ZXk57guhYD-842FdO4zDW5sn-OCXdIJggZ7DS3FJ1ahB7otNlJumrCZ8NQj7N8zXg8fNkQQBCIXLU5F_acV-gDesi7oLivUQDIIc30hJgJrs7w-qrz-UWzDCn_Htdk41sTxFveXwtnOrk0xgetkEqX1vvpLSp6T9U_8ZPNUs9ddZYGj_q52iblKu1rUYMRveOWz5VEKw6bY23XFpl5ztvEmHR2GR1jrI3jwImhJ3zNC94DGpO4tT9Vv053XaqO7Nl_vOx7rOh8P0Q2MjZ3pS6lz71wIxFlIitaE5mKPDOoiJ1hWs_YHkl5b4GtQYKXZ0EtwbWVF9mOEuk-23pL6kvSQQhtmpVURFzN03O9O4bmaSyAsN_qul9yUffwd3CMj39WdnuFF5oRVRZCj-altDT4yaHkZCqKeq3Zml1m5EYIRDVw6NAts94ro6tTlYN3aAmPp2naob-geX1TUGM_vxzTlLeCSY4Z1xv97jHRntCpgEcwJD0sPl_sotANU_kVquvbjHnDnv47DAAS5uFTsfWgTySYGxn9NenxHXEKoVgZFM8GPU_F2T1rBa9257CYzHuoH3qr952vwlOjQO4X3LoBfmGVVAsUyrFA3TbdjfXDi3GTBJVxOHEES14I3ct3OGJF_ijJpoVo1RxHEUn48tvBhecEpZda27KiZ6UmzLUi70uqyatSNEM3letrMScnheRUoskcHMwOfIp2nV5aJcLe0VAgea7G0zLHjFf1V4hbjHxDg2YUj6bNubu3nfZoyzjylnn3tiU2cMA55t3fq-Dn8zIykcAPG43tcP0N7UbXdygWYaAcvqbFZfajroXAKQd22lY7WRvRei5C2MkuvSLxvQ54zL7s9-QRpYqVrQ5jbzkuRKDj7S41ndsb3jnFv2MbPBrWzeGxtD7CgpOZ3dpQVzOtFnk6M_tZWZi3uQHythrWbloDUT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D44 38 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 154833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:56:54 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C745 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kNXmuQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 7E14 0
465 B 213ms
143ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=29404900102827804444994012476028&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a008a75b13&subid=&uid=1470d53721bc324d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChGXV9nYpZdOfFNCn9u8Pr9WWkAim5b2gab2TnKfJD_AuEAEgiJ77nQFgleKQgqAHyAEJqQIo5zLYNqWxPqgDAcgDmwSqBJYCT9C1mDR1nmid6l-Z-Bhdyr_xwX42Guj-x5vNBiLCmh5RlZJPN1e2kxDX2ScvcB1-AZtf_6XCRRPmBNTBiU5XfXT8QlZft-hVze3EUrMvU5G2qTA72z3PKPpjzix6jfAGKCT_D-uUxbLOBa8XBR_ldt8LqczyKPBdvWuvCv_nH6ZcboGhvvY7imT_EXltwqhoH6pgtnyoaTQs6Y9MYvE53PhIiZhB0h1CdacQGzjfqFhk10w5lXgRPJp6ucRGMzU02xbv_a9TfSz1DCOVUBZjqmIvGKXVnSAh2xzn1AUaovBB9nOr9txlJQsBbWbCCnU_UxWcNolf31Lr7IKIatJXlVbNuioJkwapI5Y5oVgKfekDi3sRvTLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAeINEwj92N2bv_OBAxXQk_0HHa-qBYKwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI0_Lgm7_zgQMV0JP9Bx2vqgWCEAEYASAAEgIKuvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB%26sig%3DAOD64_37iAtBY0ibLgLXFQ6tDC5ONh7DyA%26client%3Dca-pub-8369123401073978%26dbm_c%3DAKAmf-D_WOdN-DUPDkUMkPCZetrH4gBd69Ao2aNL0_wIyLOZUf6HobGaelJDLTRo3xcsU3NzDq4qIFhlYJR5tDMd3fwawGd0XFXhKY6AvnJNPTR4nYJtD1IC2swe18yZQjM_4wUm5AVhxqA2PlP5bmc1vbYFpIa70UKuZVYT1AH2F2VPeRRndus%26cry%3D1%26dbm_d%3DAKAmf-BGVSESh9Jx9eaBg0m11p5txcLSZ5wn00qNZ7qHT2i3HTvCh3lemXGVIf18XtP1s0PjmN5JJyx6pP6BN4m1XsVepIoPq1j2oPveuBKiASgh_TZ1gD5b7b6mc0ot1Z_EpIN_aZSlMXEcX4NDpht60nBu2_sNnexTrWzDmrMPaGNuFBXKfWuOIrISONnd7_Xa3dJ59CsGHqxX9XHOrSK9qYo3rFsVWwsQ2l1aPUCve6kIRVx7aKjCkNExijSQRHYp6sRAShKlGdOrOKGRzqZNHx9btubr_ffAYQeJuEwgZwFRamWlELtOr5RawN-WDtebCfYhKOEEihr6qeTW10hhxyrrRfW1pZPIsWJ29InxqZcxlmX3UrJwyOB_AuTV0T1ozWuDI2o_5sRyAAmyzFIqEQ1Hb29rfAOopIdi3aTYMXcbrYGPCUiGKtkoORiT8C2w8HcigU4kgu4SmtECCDEbuvz-XprlpWj-pm-fH0OTmA77Gf0gSUyMSBgXhqZV3SCfhz5Z5FPHjXBDMwUMbGExVSxcyx7C980vSM8Qy2EMW4Qu66a9L3Szsmm1vgDkq65x3VlLdiLGb-sl1AYErFZ5JOYD11NMy_E8Kt-FjP_zRWgSwGvgpE0IWRjHq9xKpkjL6SBOQ7oSYOUcJnTw9UggfQwS4C2oMg%26adurl%3D&documentReferer=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fzn.ua&random=5106349066658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
content-length: 0
content-type: application/javascript; charset=utf-8
date: Fri, 13 Oct 2023 16:57:27 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40027
x-iplb-request-id: B9D59B86:8BC4_91EFC182:01BB_652976F7_6F9A76:1193D

GET
H2 200 / Show response
adv.office-partner.de/ Frame ED93 930 B
931 B 90ms
15ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a008a75b13&subid=&uid=1470d53721bc324d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChGXV9nYpZdOfFNCn9u8Pr9WWkAim5b2gab2TnKfJD_AuEAEgiJ77nQFgleKQgqAHyAEJqQIo5zLYNqWxPqgDAcgDmwSqBJYCT9C1mDR1nmid6l-Z-Bhdyr_xwX42Guj-x5vNBiLCmh5RlZJPN1e2kxDX2ScvcB1-AZtf_6XCRRPmBNTBiU5XfXT8QlZft-hVze3EUrMvU5G2qTA72z3PKPpjzix6jfAGKCT_D-uUxbLOBa8XBR_ldt8LqczyKPBdvWuvCv_nH6ZcboGhvvY7imT_EXltwqhoH6pgtnyoaTQs6Y9MYvE53PhIiZhB0h1CdacQGzjfqFhk10w5lXgRPJp6ucRGMzU02xbv_a9TfSz1DCOVUBZjqmIvGKXVnSAh2xzn1AUaovBB9nOr9txlJQsBbWbCCnU_UxWcNolf31Lr7IKIatJXlVbNuioJkwapI5Y5oVgKfekDi3sRvTLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAeINEwj92N2bv_OBAxXQk_0HHa-qBYKwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI0_Lgm7_zgQMV0JP9Bx2vqgWCEAEYASAAEgIKuvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB%26sig%3DAOD64_37iAtBY0ibLgLXFQ6tDC5ONh7DyA%26client%3Dca-pub-8369123401073978%26dbm_c%3DAKAmf-D_WOdN-DUPDkUMkPCZetrH4gBd69Ao2aNL0_wIyLOZUf6HobGaelJDLTRo3xcsU3NzDq4qIFhlYJR5tDMd3fwawGd0XFXhKY6AvnJNPTR4nYJtD1IC2swe18yZQjM_4wUm5AVhxqA2PlP5bmc1vbYFpIa70UKuZVYT1AH2F2VPeRRndus%26cry%3D1%26dbm_d%3DAKAmf-BGVSESh9Jx9eaBg0m11p5txcLSZ5wn00qNZ7qHT2i3HTvCh3lemXGVIf18XtP1s0PjmN5JJyx6pP6BN4m1XsVepIoPq1j2oPveuBKiASgh_TZ1gD5b7b6mc0ot1Z_EpIN_aZSlMXEcX4NDpht60nBu2_sNnexTrWzDmrMPaGNuFBXKfWuOIrISONnd7_Xa3dJ59CsGHqxX9XHOrSK9qYo3rFsVWwsQ2l1aPUCve6kIRVx7aKjCkNExijSQRHYp6sRAShKlGdOrOKGRzqZNHx9btubr_ffAYQeJuEwgZwFRamWlELtOr5RawN-WDtebCfYhKOEEihr6qeTW10hhxyrrRfW1pZPIsWJ29InxqZcxlmX3UrJwyOB_AuTV0T1ozWuDI2o_5sRyAAmyzFIqEQ1Hb29rfAOopIdi3aTYMXcbrYGPCUiGKtkoORiT8C2w8HcigU4kgu4SmtECCDEbuvz-XprlpWj-pm-fH0OTmA77Gf0gSUyMSBgXhqZV3SCfhz5Z5FPHjXBDMwUMbGExVSxcyx7C980vSM8Qy2EMW4Qu66a9L3Szsmm1vgDkq65x3VlLdiLGb-sl1AYErFZ5JOYD11NMy_E8Kt-FjP_zRWgSwGvgpE0IWRjHq9xKpkjL6SBOQ7oSYOUcJnTw9UggfQwS4C2oMg%26adurl%3D&documentReferer=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fzn.ua&random=5106349066658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 13 Oct 2023 16:57:27 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 20 Oct 2023 16:57:27 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame B86F 2 KB
2 KB 173ms
85ms Script
text/html 18.170.8.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=29404900102827804444994012476028&nw=1
Requested by: Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.8.157 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-8-157.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 94ad27283b063383d4f5fcd40b02f158ac0c88305e6c4ecd311bdcee21229306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:27 GMT
last-modified: Fri, 13 Oct 2023 16:57:27 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 13 Oct 2023 16:58:27 GMT

GET
H2

200

activityi;dc_pre=CIbXvJy_84EDFVQMogMdBrMFqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4071267935282.4497 Show response
5994599.fls.doubleclick.net/ Frame 3D2B
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4071267935282.4497?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIbXvJy_84EDFVQMogMdBrMFqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4071267935282.4497?

392 B
327 B

87ms
84ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CIbXvJy_84EDFVQMogMdBrMFqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4071267935282.4497?

Requested by

Host: zn.ua
URL: https://zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

71dbbe0bd63d9f8498b28eda68081853246486b4d0c526c650e3413bfaf92092

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 16:57:28 GMT
expires: Fri, 13 Oct 2023 16:57:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 16:57:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIbXvJy_84EDFVQMogMdBrMFqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4071267935282.4497?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900028.redintelligence.net/ Frame 10AC 7 KB
2 KB 34ms
12ms Document
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request_content.php?s=29404900102827804444994012476028&a=e1453eea
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a008a75b13&subid=&uid=1470d53721bc324d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChGXV9nYpZdOfFNCn9u8Pr9WWkAim5b2gab2TnKfJD_AuEAEgiJ77nQFgleKQgqAHyAEJqQIo5zLYNqWxPqgDAcgDmwSqBJYCT9C1mDR1nmid6l-Z-Bhdyr_xwX42Guj-x5vNBiLCmh5RlZJPN1e2kxDX2ScvcB1-AZtf_6XCRRPmBNTBiU5XfXT8QlZft-hVze3EUrMvU5G2qTA72z3PKPpjzix6jfAGKCT_D-uUxbLOBa8XBR_ldt8LqczyKPBdvWuvCv_nH6ZcboGhvvY7imT_EXltwqhoH6pgtnyoaTQs6Y9MYvE53PhIiZhB0h1CdacQGzjfqFhk10w5lXgRPJp6ucRGMzU02xbv_a9TfSz1DCOVUBZjqmIvGKXVnSAh2xzn1AUaovBB9nOr9txlJQsBbWbCCnU_UxWcNolf31Lr7IKIatJXlVbNuioJkwapI5Y5oVgKfekDi3sRvTLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAeINEwj92N2bv_OBAxXQk_0HHa-qBYKwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI0_Lgm7_zgQMV0JP9Bx2vqgWCEAEYASAAEgIKuvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB%26sig%3DAOD64_37iAtBY0ibLgLXFQ6tDC5ONh7DyA%26client%3Dca-pub-8369123401073978%26dbm_c%3DAKAmf-D_WOdN-DUPDkUMkPCZetrH4gBd69Ao2aNL0_wIyLOZUf6HobGaelJDLTRo3xcsU3NzDq4qIFhlYJR5tDMd3fwawGd0XFXhKY6AvnJNPTR4nYJtD1IC2swe18yZQjM_4wUm5AVhxqA2PlP5bmc1vbYFpIa70UKuZVYT1AH2F2VPeRRndus%26cry%3D1%26dbm_d%3DAKAmf-BGVSESh9Jx9eaBg0m11p5txcLSZ5wn00qNZ7qHT2i3HTvCh3lemXGVIf18XtP1s0PjmN5JJyx6pP6BN4m1XsVepIoPq1j2oPveuBKiASgh_TZ1gD5b7b6mc0ot1Z_EpIN_aZSlMXEcX4NDpht60nBu2_sNnexTrWzDmrMPaGNuFBXKfWuOIrISONnd7_Xa3dJ59CsGHqxX9XHOrSK9qYo3rFsVWwsQ2l1aPUCve6kIRVx7aKjCkNExijSQRHYp6sRAShKlGdOrOKGRzqZNHx9btubr_ffAYQeJuEwgZwFRamWlELtOr5RawN-WDtebCfYhKOEEihr6qeTW10hhxyrrRfW1pZPIsWJ29InxqZcxlmX3UrJwyOB_AuTV0T1ozWuDI2o_5sRyAAmyzFIqEQ1Hb29rfAOopIdi3aTYMXcbrYGPCUiGKtkoORiT8C2w8HcigU4kgu4SmtECCDEbuvz-XprlpWj-pm-fH0OTmA77Gf0gSUyMSBgXhqZV3SCfhz5Z5FPHjXBDMwUMbGExVSxcyx7C980vSM8Qy2EMW4Qu66a9L3Szsmm1vgDkq65x3VlLdiLGb-sl1AYErFZ5JOYD11NMy_E8Kt-FjP_zRWgSwGvgpE0IWRjHq9xKpkjL6SBOQ7oSYOUcJnTw9UggfQwS4C2oMg%26adurl%3D&documentReferer=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fzn.ua&random=5106349066658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 63ec6f567a4da4bd34a006df7120358bd72be1d6b2f764ee61b5584167f30900

Request headers

Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2124
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Oct 2023 16:57:27 GMT
Expires: Fri, 13 Oct 2023 17:57:27 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame B86F
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29404900102827804444994012476028&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29404900102827804444994012476028&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
481 B

128ms
105ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29404900102827804444994012476028&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
URL: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:27 GMT
strict-transport-security: max-age=15768000
server: nginx
host: pv.medialead.de
x-iplb-request-id: B9D59B86:8BE6_91EFC182:01BB_652976F7_705056:19773
x-iplb-instance: 40028
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29404900102827804444994012476028&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Fri, 13 Oct 2023 16:57:27 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H2 200 impression.php
t23.intelliad.de/ Frame B86F 43 B
559 B 72ms
13ms Image
image/gif 18.185.8.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1697216247&co=
Requested by: Host: ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
URL: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.8.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-8-23.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
server: Apache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type: image/gif
cache-control: no-store, no-cache, max-age=0, must-revalidate
content-length: 43
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B86F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e64981b08d5a20ea3bc26fef4c294c04a7861b9e91fe7c7509403c1d2871c668

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D44 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B29Yp93YpZZTlEpjc7_UPhP2D4AoAAAAAOAHgBAI&bg=!ZmWlZSrNAAZy-tsgUvo7ADQBe5WfOE5vMCfo6cM9FZJktGRlHI2gAXb1My4NnNb65m9wNBI0BIogD0wMxI-NN8nwaWf4AgAAAFhSAAAABGgBB5kDlQ9NyfulKGi0Hm-4IQm8auCeLbtNE0z8C86sa-S31yWFmL10pTGQHEfQI4SbVB-456Pq1jd69WF_9_yWSskDsNTmsp54gAWxKc6Gp9XD5ddJdMInpx_L5GAesFnhb1MXSoggtNVgvxIc4VNbaAzjD9EXU2y-QmHuNDf0d8YnD2RTKMqnJz2d0xrgpkWu-hbcAXv8E2CKFe_g_Gs3x3k4Uz08nLdQDNB2iinyKoRtVkwFr2bZfp8f9uVOgWeW1FvVRSO-I8841jfiFKVmvKKSYkejXmiaeBwf60qfEzp_dyCI6wkQfTnsTn8eJtaEWotm5noC7YdiC18KDKlE5qGhkl-7Le0Ja49oqOe2cCLlf45nMGdsWnXyMCgkmR6U5nXVQs2xG8QTHT3paFPa2iG3bcfsGh39zsxxWG7ngofGGFvKfG0DgAzvUfZ0raPl2fGcMcOubq6--v8Un0QsEmmnVgK1ycOKgqin0YkQWYdZCfSq---KfVW4DxJu7Iw14ZB9Fco_JYnEXZtB6J3AVQeuq8z8jzkBBOCawYdel8rZ73LwyVJv0tph1yQQi8TrySZXrng8ghvNcLoUVWOsTOymNWYdPaNLcQy4WSZfoa7N6AUXGwLs1LsH6Scz2iwPtY7aJs80dFm-5pDLYpjqyjRiN6wYuejMFUj7ZV11OwDyXXXI9oyPk4rdlyXmIe76IrjWzpCiWEGQGzn7G3mjssF6kqzqsgxTCxSGsUY3Ggu6ogf2jbkjcc6v4bgAJKMkMhSJp6XZo7exWCkdwskORZb-4FzwupWefzAqo51dxLys6PDZ2qD-3m_wRwRXs7Aaq11jVW8eKawStFKOW8CkssG8WUczhuNZwe-ARotoijxfzY4KlHhk8s-ued1rNGmCBA9IhQ8usrfKoQ9tmpT9mWkr9Tlbbk9a-KlUYHnKR3cBu-8h369KlXPKwSWhc9CCXHGXv7sqyAvuNwoAQKTqyHIG3NglBQyosIWIQzFQXWh-YlcmY5XHHsw-zWo7XjpwgS2yMit1a_YohjzP5sTyKia_Thih5Dxbkdo_wvIHgkL9ze7vBKcqZIFI0QKy9aqR-uBh43KL-h5GtJUlefDleFTYt2WOeL72-UCVsZrP_pM86q4tiQ6uS3AxKs-5Ra5zhayXmarWGyFPZL83NjpHrbuyy41sMU433FzeWBQsd3N63CyY9LxUmcMigIMxxO5Rf8EhqbOQt_SX

Requested by

Host: ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
URL: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 10AC 5 KB
778 B 46ms
44ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=29404900102827804444994012476028&a=e1453eea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Oct 2023 16:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 16:10:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Oct 2023 16:57:27 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 10AC 17 KB
17 KB 160ms
136ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=29404900102827804444994012476028&a=e1453eea
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 04fb594133adcb42782c05a2690dcb2f102c0cffaf8cd54a04e5c6014742de95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:57:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16985
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 10AC 16 KB
16 KB 37ms
13ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=29404900102827804444994012476028&a=e1453eea
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: ef788e7c69e8429263783a631c53ffa617052c1fd6cb441393bf83a6d3b5446d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:57:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16514
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 10AC 10 KB
10 KB 37ms
13ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Online-Deutschkurse_1200x627px.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=29404900102827804444994012476028&a=e1453eea
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 79b9dd338a4696cf8509616b088e1b25a89ff909496d4c4c7d44a6dde817dee0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:57:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10144
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame 10AC 0
150 B 35ms
12ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=29404900102827804444994012476028&a=d0c9b7bb&vb=m
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=29404900102827804444994012476028&a=e1453eea
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=29404900102827804444994012476028&a=e1453eea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:57:27 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame ED93 173 KB
62 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c3903e2b87bc0fd0540d2436d2d6437c326720dc294341fca4053ea86713587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63274
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Oct 2023 16:57:27 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 10AC 14 KB
15 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900028.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 582761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 23:04:46 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 10AC 15 KB
15 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900028.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 47786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 03:41:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame ED93 271 KB
90 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fc439e7a7592a686c65fd26a5bf470275c1deb43df83db001b046549b5f3dbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:57:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 13 Oct 2023 16:57:27 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame B86F 52 KB
18 KB 342ms
15ms Script
text/javascript 18.65.39.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=29404900102827804444994012476028&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-98.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 10:03:47 GMT
content-encoding: gzip
via: 1.1 19f569e782b5b925c41d8bc4e292cc7a.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 14:06:37 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 42331
etag: W/"2c13a74e288a2942ad3d2af9bad52cdf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: gE5dexoIelGj9qg741BQ8_rp7n_AUzFQpQph6nouVIcnaSSjZUyiaA==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame B86F 3 KB
3 KB 340ms
14ms Image
image/png 18.239.50.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1697216547&Signature=NxabZejmuwzAIf1pQX2iLGk4T87hjoKwfLN~fg~utbhXTo~eXTUBFRS1jw9Zgg6bG51I4Pmfb2cPdKMKKLtTzeSuQ4lNq0DeGpMEhgnKfIDH-1K5tG5YV4M8OKlDSEEh6B1PtsMNRcIMW7W51zbBLuD3lT6lLM0WW81xTS0x2EtDl6EQuh8PVqdl69MZ3NFtmBIGIY7dvtf6Xh41iXD7IJGSttOiWmPSavZiN5KrZmEVy2g7Kh8~kQJ11ySaNNUGEbrhLRQPD6LElCqzcLwMvahQ17kaw7Ya8iyLFGBg8qiVd6WBv-RA~j2lku4VI5dZF6vLhGarWFrVSAl87xFhXA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
URL: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-115.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 06:09:25 GMT
x-amz-version-id: null
via: 1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 38884
etag: "4e57de0506fbdb487ffcd53b450caee1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: l0b-h_8xKKRs7YMsZiVdDGXncCRh2cMgJ64nFue7yjgbLyIV3aCe6g==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
79ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310100101&jk=1875069853756377&bg=!Xl2lXRLNAAbFpEfJ5aQ7ADQBe5WfOBEDhPEVAuARSMUHcNyuxal7L0y0jZXUYVpI3HVIHukQdLVfJr7iwj5jZ-YYs9R8AgAAAG5SAAAAB2gBB5kC7MG0BniEVH1CWOEKXNi4Qt-V197zP5jvG2GuxPfA6jCjxEK0wusPLN_YxgzZd0czl_6MIwmHc96TQKW75GVswmAS3Yt-Ci4FKymsk64Ngvr_FVJKaSN6RtxCfj1J-jN9bukXscagFIA2o4sy4RQDLsP-m-d-c4jF6r83kBUTzjvPq_DfBfGpoTZAmYqRdQ99u2lY-0lPB3Foh8wqXg2GhDSv2AeuWMppphIbCVUBKH_rpwOMsVIkt2EQHa8KiNijFGNFrE8TpCran7FHRexG97W_TY60TtkZV8p5ANHhB0E4xk9u8akmkOufe7gu0wKp5hmH4zD7yjE2gLfG4QcPdAebMkPSC87XuDkUNGpY4fpuB8nuUcYTk2G_P6P6PLac-IcIEO8WQYzif71P8xv0ZLo12enAytVnCNkV7NS58aiFwfrpcS2JZBqE4uTH0lWOFSPZeUk2exeOnJBzLZfpaLvb8ZObOxQmdOS_r5MQYNu7QzedKvm_gNe_KnFf_vBNPPdoaiKf380QPtAVmtXSwmMh30mi0H3wfERSHM4KPlKT9Da-GuQ5zWH1Sy_zkGRkCK51LW00pWDc3MwHyfkH5G3pVt7dvRIL7elHV8OtJ2TKPGZFmlgoBaJpwbZQhaJ88LUVpWgSi2bKHU-wWiHNH1P60zUM5489S-YufpOxP7G7h0j-ZpxVF4L-bz9P5oNlYsSNInZQtztoMfRlJfsPLM9dW22zOdLHs7Q_LMU93dmEO0dxN14DV2DNpKfLMbHNQgKPTWgCX0k_uc5FzGkcA99HwQ2EgrgtY4dlgl9_75cqbf8HgIg-y4uE0MyiKCWGCXFJkeAD7ahxolBDeSV4SlQceiP7cVInqG5lPllyKQTl-8vQYc4VNdLyrsIMWt8A9bnRxy28RowAZXIJvPRL-Dq3zJTG_w-bnOfugDsTdOajQgHLRAfR4u9UdECqfxyec34sSCYSRw-QiMOlUG-hHpnkYeSatzO7p3tT0DA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 dc_pre=CIbXvJy_84EDFVQMogMdBrMFqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4071267935282.4497
adservice.google.com/ddm/fls/z/ Frame 3D2B 42 B
401 B 154ms
75ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIbXvJy_84EDFVQMogMdBrMFqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4071267935282.4497

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIbXvJy_84EDFVQMogMdBrMFqg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4071267935282.4497?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5739 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEs2jrVEA5unRMqbpmUAN-MiW05lVhVH7GiYEjJBQjXYrn4tj_YGE44QD79b7tFcIwy9EeMLqbioaE6v0sUT-_-43sJQadwQLcTIXKSosFFOWUlC7o0RkS7rRv-bj3SWFRKXko0oB0evSq&sai=AMfl-YT8J2Tu0XitW_RgMTVeK98K2ENT1DQ1cpRAWcmOvNr9sN8N4N4xC3oL1j9Dz4Q84hK0eDqvqX3d3DT_r9SxTvmLRf_744Uuhf6dvjmvWRUrRjotG_wGjw3UbsVfPpPMMydFtINoXZ1J6AQd&sig=Cg0ArKJSzJdxuMrtlMieEAE&cid=CAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB&id=lidar2&mcvt=1001&p=1110,436,1200,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2594685451&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697216246961&rpt=365&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7C70 42 B
64 B 75ms
74ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudUAG-eq_0CfyYCIH7NXhSphF7wqNNQyU0YRjGL7J1Jov6cVz-dQAf-jg7EnXbHuJpQ_9KLuaMDvbG8lOlZW8orhxuguxDDI_eAM37ZceSareBAc4tkJUPTFgvxEfSLTTUOIAoiNgOm8Xx&sai=AMfl-YS3HvSPP8YOTdOiODQCji-xopPir3Br84glvDQlrsdnKhVKTM7Gva-j9i2KNMsWX5TuuBMozdzZtfTlNxgnEVCh1LXKmZiToNWzv-wn53QsSWpmrQyQSZAV8aV-ADqELL53HKYnEup2Zxt-&sig=Cg0ArKJSzIYY8iijsj_GEAE&cid=CAQSSwDICaaNOY6vm3EBnP8-Yw0AYdreEfaVuhlrUPuxyKSahfuSATnKeBrpi9AD3crftm8AHF94u5gE5GxeTz4QmLOkud6qr8RjqFTLKBgB&id=ampim&o=1141,144&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=431&tls=1431&g=100&h=100&tt=1431&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 107ms
19ms Preflight 13.43.175.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.43.175.127 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-43-175-127.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 13 Oct 2023 16:57:28 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame B86F 16 B
209 B 64ms
64ms Fetch
application/json 13.43.175.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.43.175.127 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-43-175-127.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Oct 2023 16:57:29 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B86F 0
20 B 72ms
71ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1833800958661&version=m202309260101&ct=77&x=1&cor=7886150875537770000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 19ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5BRSB4FRED&gtm=45je3ab0&_p=266032395&cid=775695239.1697216246&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1697216245&sct=1&seg=0&dl=https%3A%2F%2Fzn.ua%2Fukr%2Fwar%2Fu-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv%2F&dt=%D0%9E%D0%B1%D1%81%D1%82%D1%80%D1%96%D0%BB%20%D0%9D%D1%96%D0%BA%D0%BE%D0%BF%D0%BE%D0%BB%D1%8F%20-%20%D0%BF%D0%BE%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%BE%20%D0%B4%D0%B2%D0%BE%D1%85%20%D1%80%D1%8F%D1%82%D1%83%D0%B2%D0%B0%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA%D1%96%D0%B2%20-%20ZN.ua&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5BRSB4FRED
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zn.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:57:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
zn.ua/ukr/war/u-nikopoli-pid-chas-povtornoho-obstrilu-rosijani-poranili-dvokh-rjatuvalnikiv	1969-12-31 23:59:59	Name: b Value: b
.zn.ua/	1970-01-21 01:02:56	Name: vs Value: b76a9e2ce0fd04b7025345d397917ffb
zn.ua/	1970-01-20 15:28:22	Name: bn_membrana_reviewed Value: 1229
.hit.ua/	1970-01-21 01:02:56	Name: uid Value: 3972405575.1697216245.4027634231
.zn.ua/	1970-01-21 00:12:32	Name: ym_long_lasting_session_id Value: 891467058210
.zn.ua/	1970-01-21 01:02:56	Name: _ga Value: GA1.2.775695239.1697216246
.zn.ua/	1970-01-20 15:28:22	Name: _gid Value: GA1.2.819789474.1697216246
.zn.ua/	1970-01-20 15:26:56	Name: _gat_gtag_UA_3006560_33 Value: 1
server.smartytech.io/	1970-01-21 00:13:58	Name: uid Value: 82b50bed-1160-46a5-9da7-54018b51322d
a4p.adpartner.pro/	1970-01-20 16:53:20	Name: apuid Value: 7e2be0c3-9ffb-4eb2-ab9c-e2859d816e80
.onaudience.com/	1970-01-21 00:12:32	Name: cookie Value: 58006e9ccf632ddc
.onaudience.com/	1970-01-20 15:28:22	Name: done_redirects147 Value: 1
.zn.ua/	1970-01-21 00:48:32	Name: __gads Value: ID=688c469e2ef1acf0:T=1697216246:RT=1697216246:S=ALNI_MbuzgJEQwT2Synv0xpSer7PBuJ9dw
.zn.ua/	1970-01-21 00:48:32	Name: __gpi Value: UID=00000c978de04c82:T=1697216246:RT=1697216246:S=ALNI_MYE0qFZCUskqctosMPvwrOVss1mCQ
.zn.ua/	1970-01-21 01:02:56	Name: _ga_5BRSB4FRED Value: GS1.1.1697216245.1.0.1697216246.59.0.0
.doubleclick.net/	1970-01-21 00:48:32	Name: IDE Value: AHWqTUmtRXP1rkxR6VOkAKYSvMp2kUx6G0TXVwTlHftoYP2luOIkFBU6a8JiNBJcqnk
.adnxs.com/	1970-01-20 17:36:32	Name: uuid2 Value: 4943965503831014922
.casalemedia.com/	1970-01-21 00:12:32	Name: CMID Value: ZSl292FPZtXpIzuChGQU8QAA
.casalemedia.com/	1970-01-20 17:36:32	Name: CMPS Value: 3208
.casalemedia.com/	1970-01-20 17:36:32	Name: CMPRO Value: 3208
.adnxs.com/	1970-01-20 17:36:32	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In@uCB77!]tbPl1M>e)ZlrFUfJ+tGXxoP<qm`$`Z(t<UA%Q:LH^sBV@dT9[822>=6<Ho3If)y3KL9D3I?--Tt'>?
.doubleclick.net/	1970-01-20 19:46:08	Name: APC Value: AfxxVi4lp3bMWdMoPEW2HG23SSoEjHI_s-oWo8eglBWvsCt7ouu_Ew
.redintelligence.net/	1970-01-20 17:36:32	Name: 8lcfmzhxc8d6_uid Value: fd54ef918111b660
.t23.intelliad.de/	1970-01-20 17:50:56	Name: iact Value: 0001EF664CBC4B147BD99CE29A44BB377AEF
.t23.intelliad.de/	1970-01-20 17:50:56	Name: iaimp_42842 Value: 1697216247:42842:100:137:101:248:101:2023101316572774528709473679f6
.office-partner.de/	1970-01-21 01:02:56	Name: source Value: {"webgains_webgains":{"timestamp":1697216247869,"clickCookie":false}}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a4p.adpartner.pro
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
c.amazon-adsystem.com
c.hit.ua
ca4b5228328bebd55a271379efbf4a87.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.membrana.media
cdn.track.production.webgains.team
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
hal9000.redintelligence.net
hal900028.redintelligence.net
ib.adnxs.com
imasdk.googleapis.com
kinesis.us-east-2.amazonaws.com
match.adsrvr.org
medialead.de
membrana-cdn.media
pagead2.googlesyndication.com
pixel.onaudience.com
pv.medialead.de
region1.analytics.google.com
s0.2mdn.net
securepubads.g.doubleclick.net
server.smartytech.io
stats.g.doubleclick.net
t23.intelliad.de
tpc.googlesyndication.com
track.webgains.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
ym-tack.b-cdn.net
zn.ua
104.18.27.193
13.43.175.127
141.94.171.212
142.250.186.162
145.239.193.130
146.59.110.145
172.217.18.6
18.170.8.157
18.185.8.23
18.239.50.115
18.65.39.98
185.89.210.20
2001:4860:4802:32::36
2001:4860:4802:36::178
216.58.206.34
2400:52e0:1e00::1082:1
2400:52e0:1e00::722:1
2606:4700:3030::ac43:9a5a
2606:4700::6810:5614
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a00:1450:400c:c06::9d
2a03:2880:f084:10d:face:b00c:0:2
2a0b:4d07:101::1
3.15.36.78
3.33.220.150
51.83.220.94
52.222.208.154
88.99.165.19
89.184.81.35
91.218.212.13
94.23.99.218
99.86.4.39
0372e9e592ae80152fbec08e51df31a20c9aa49cfda17f9a585fe1338ae85e18
0434b256be543691428aa936a4e854a6312bf4061b16b6d22203c61fc7f45a76
04fb594133adcb42782c05a2690dcb2f102c0cffaf8cd54a04e5c6014742de95
05d57a77002e6b32591d8ea71e5814d7f8f133bf121b44e7f2841a218096f261
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
087a3b2b9c7bce486f28d28f71e590a92fdb5702e7f56db221bcca3002dff00f
0ad112d74d959749e407fb632d8efb34d124b85fec07f45e303ca3f9c815c1ae
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b
0d2f19363612cfe8c5f8bc4f58cce29db0263f4ff0d0151186e0da3ee5f7b3c9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
1b4eb65dbdc19aec43a5798199e6c06d6648936e251b3965fad7137f6dc8d134
1c3903e2b87bc0fd0540d2436d2d6437c326720dc294341fca4053ea86713587
1d6474aca23751d36527610637bceff92ee4620f709e05dcf725a69e79a73b42
20260673f24e4100f0ede6bc919b4d38b31b587d26fe06e36ab8e76e43bdcd4b
2060077bd731e5532e89b2a0a84af61e9f8759dc3177f7bec0f0254ef2dbf954
20ab9eda712b60e9f7fc2c4ef2ef2661c593ad8364489ad3b7ab669b663ad748
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
2a514431cbec190325ad3d75ecc857dca3dfb9407090b3aabd0c6a64b5a162cd
2d7baf36b8f7d741531d2e8755086e6d5930a7b72e35bf0d617477eb8a84ff40
2ddf36382f1222811a4c2382a4c8f6eeb513b600fc66a065fae12edc96c94a12
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
359501180b779548ad4e1ca74f38b08474350c38bed64ad69b278837d179e792
35c1a6ae87efaec3767bf434cf5154411e97cd64fb9969667eb8575b400fc6cc
35fccc04b246dd0a782a707b2437ee552e605d3e573d344d80e082f1aea5a4e6
36651c9cc2fe9ac82dcb198a92a38e63ba6104e5070729cb9af0e643666c5d9f
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3fe0574900e2c4eb4b587e8a37ce88d1918326debb4c70e73a48aac40dacb1b2
426a54009853d3963f25cef9772bd5ea506050acdf5d5cf35345ac8a426403f7
43be74711ecdcbdef115a331ac4aa595db8b4fb94c716835070ac5254eb413dd
43f4198deae083fb29aded1389e37b1e0014cd40033821676de2004f4dbce569
452a44e815d8098d377f4d8102ad9b2f47d629c943c8f4853ea0c0235ea8c09b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
473056457318cc0b32cad6b76f7e269ea7f6e3f55f84bae5ec33853503238029
479a52faa72664b9318911a1f3cd1a082dd169090b9bf688fbf54981a7544f3d
47aefa28218dcc6208b959765326f00325dc4deadb2284f45d8a9c47395bca39
4868c1110a6c693c651533ed086a32e2d281e85394ae6a14b4028c228f3b640f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e92760be1225a35ab31794b9682fbcb6072b1eddb39e475c73b19009efec229
4f07e78f48b93bcea6daf1e52d20273d383c14504c10be6c7df04de0fb95e335
4f928733b66be2f5fc09279cbb04005f453b4f24088c55440f690497ce013e99
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
517bc6086408f4de8eb448f58574b9faa771c95de9b1dbb1e9c144da5153a6b6
51906a46cedc27ed5e349475e3bf0eb36d464f0e642eaad0f3d430f5f89af2bf
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5592ad11c9602028561e12b5d951d8928b9ef7676e9a3b5e91b1a05e28d47678
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568947c14d67ce73d6b9be0122be4cb035f641227e6dc584332243bcd08f0ad3
56e852a11b709e61ad947b2a575ad63efc7f5088ca7c18c73f1c3dc7518f7bad
57c913dc95d16172397422ada208071f527339dc1153b77a26b24598923be6d7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63ec6f567a4da4bd34a006df7120358bd72be1d6b2f764ee61b5584167f30900
648def3c93d008e2b5521a0e24533de01f3b02190390fc84e49a4c0f44fcc690
650115e8722b6ddaf49f747300950a591a7090bfbf6eae8d570d33ddabee8691
65c0ae1dafeff2eed02b817d34e7ad87ca9996c401d6fbb7b1018dfedbbbaaf3
65d22832c4f8e7133bc1e1f828a7f63fa463d2ccc27f8c8d57ae908d86576de1
6736aa8bcc1dd09e5cd679651d7fe92ab6421004cf6d1bc2decc922f6aba2a72
68734e554a4bed47e46730f9ebc2009bde03bb2ba61154eeb008c211c2f15844
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
705a66f3d9ba6d0c0ae1184fbe67ed1b3c66cbc5db742c3a8ee72916f00ff9bc
71dbbe0bd63d9f8498b28eda68081853246486b4d0c526c650e3413bfaf92092
7201b9e5f807d20627f60122c4584d79952560148274251260b7d8da8f4bd1dd
7444945e18f61c3067915672b55591657061e7c0636e84ac2ddda66604b43f32
761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
783779b4b1007b9c2b2557ff8542693703aff2b14f5f9b2d3dccd973e5efb1c9
79b9dd338a4696cf8509616b088e1b25a89ff909496d4c4c7d44a6dde817dee0
7ac355904c2c4a945cf94483532ee05acc93669ad7f82b4e14c52056af496271
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d1e28fbcfac83728f11b9deadcf4a7ee296bb7276d35ef66e90625d2d33c07f
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
7f905bfe55a0dc3b952c907ccf022460d41b1cc87e77ffc413af4d11c67a524e
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
8011a28355d5987a70eb6ff537d4e9b4b18817fe93e231cda448b5e629fd9f71
8282cb2491c39ecc88efd40ffbbb85969e72c25aa7c756eb97da100822f2fae2
83c555d4932a8c9783cf35f89e22b35c0125070bed843664cacfd10fdf303fd9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
893e48a98f99e087947c04b2147ea76bbcd3987d3a6ad85c09f8159233ddce48
8b33725dac29a96e8e2a1856d3574e0b31c3fce9d317f1ed228364d4a7fd53f0
8bf241517f10115d2b4aa3169e2dd883bd7496a58b83d2af8ad558f9011506ce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93f68199484a5982f48fbf5441697eb4abb5d55745e3c29ba2f5de66a6999272
94ad27283b063383d4f5fcd40b02f158ac0c88305e6c4ecd311bdcee21229306
94ecc29da944ec5d2eee063f5c607212fbbd0d7f8a084d54f1c8ffe41a2b680c
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9e45b63d80a1565e05da3a20e1be385a4b0a7481d199e71516df84a650da57fd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a126a1de8485ef884b7623d5e80b1af774082847eeff6f1ef01a4f3bca2ee557
a40e424d54800fc2704682930d3be386d0280b96a03869db6bf3894218f1eb7d
aa126833d286164d2ae625d09ee75655bbd516f0edc5572340be7877b24fa348
ad490a42a1de3eaaac94e0a224168185942698fe780dc35af842fcfcc797fbd9
ad930fe72caf6fe9a3f24e9cf42b44f5602932f5246a9a9907600c03b90b2af6
ae1e80a6e045ed78ed79de490b26cfe2135171530676563e6765ab0c53240262
aede8cc1a7098eedd8bae08f6b692854754f576b8032e772ea32bd30d74c1e00
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afdc0c9d333535763aa9bd3dfd8774ce5e91e25d7f88f94ed04dbcf15a37422a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e79b3e68fc49a65bbab44fb8210aeb164671f8083b6863f3f3465fcdf207c7
b612d3d278363998652e8b5d50c32229e60244e5e4149f7a32933060c58dfcb3
b62f42d8bd3be4bc8ff4df964aab505b4ba6712ce94e54f57323f42b953c762c
bf9bd542074c807245624ae2ee63906fdfc582c42c286dc2380402d758c0cb96
bfc2cae944faffa143a7a53cf248eed4f78d30d852361c9d8c11f0a34e666e50
c1e748ab144e6dbf5af27093685acc54125d05e5eb16d5c2a2417f080427b42d
c3d58b12f704e92c4b8a459fcb7700accd5cf822afed91560dac8dfd826f381d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c735950c8ab40de3cc8ad9784dedf0c960ae099855c69900c5ded77f82521afa
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cabcd9e28d34ad04e637006d3ff8c92a55613ce8fa2a3eec53fa277e790e7588
cbeee0546ea5b8cf7ce821a9e45524e13e49bb869a98b4c08a25f10cf96f609f
ccdaf3e8dd7f87bb9065c03282a0c14f48421298cf77e5b9fb4cac5a0264611a
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2a715a2f5f4fcb3223a7b4da2c9a4a2d84d3fb2891157e96a3c2c85d95e4e37
d6c8eba9a4d17e6f2e2c56233c52b2d58d5f567a44ce76a99d15317179feadc9
d95625f8e5d497ab3b1a8a713c3236dbbea75e5c069a4511ebe4349a3856cd4e
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
dbd48b7efffe5e680ae99792ad796411ce389f2a2854e5372e95f3b8acd0deec
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea4be4a6a09c4babb6d7015423cbc8f1ddeaeda04cd8d15f01fe67e24058ada
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
df85d683949489406b472d3a7d5ac9e1c095b0ddb645dd6134e13d5a2329f3bb
e05315c2f149bd0acccd46fb982164a41547fb10c582eb66365bf1d04f28f950
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e2019c4e4315e2fb25c4fbe8e77c33c6d5e30c23c177995632871d4310c5e800
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3da86e752774700df94e0efd81efc64c5fde8fee95ecea9fd9611013d7e999a
e41c142f6f40ede98887c7f27aaaa5d3b14c20c8af5a35267f2732cd669d1b0b
e55869541d8d62428b5dbe5b9fb103a5f6d4279d92d501ffefc6933f09327c42
e64981b08d5a20ea3bc26fef4c294c04a7861b9e91fe7c7509403c1d2871c668
e836a7a249438eeb2454e04650bb42d467d828d660eaff3b81eb1e1dd6764237
e92c1c68b9be9ffbfe727c153b46c6e76cd4363c59a0b20c0fc040c369532593
e98acab7bbcc53d7b86f0b656e5012aa1bef12de3fd0911027fcf258e14a9da3
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef788e7c69e8429263783a631c53ffa617052c1fd6cb441393bf83a6d3b5446d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9f2deecbb90dbeab1ded4f9aa48dcda0fed3c4a78ef04d1a1fe04512d61afbc
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
fc199896e3265b455b71f95436abb463f1c18c78d2658a01256ed0932cfc000c
fc439e7a7592a686c65fd26a5bf470275c1deb43df83db001b046549b5f3dbfe
fcf23f1c6ea8dd30d15c436eff997f2b8e4d60d3a72ad938d5dbd8faa96202aa
fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c

zn.ua Open in urlscan Pro 2606:4700:3030::ac43:9a5a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

206 Requests

94 %HTTPS

52 %IPv6

33 Domains

47 Subdomains

44 IPs

8 Countries

3415 kBTransfer

8402 kBSize

26 Cookies

8 Outgoing links

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zn.ua Open in urlscan Pro
2606:4700:3030::ac43:9a5a Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

94 %
HTTPS

52 %
IPv6

33
Domains

47
Subdomains

44
IPs

8
Countries

3415 kB
Transfer

8402 kB
Size

26
Cookies

206 HTTP transactions
7 data transactions