urlscan.io logo urlscan.io
SecurityTrails logo

nv.ua Open in urlscan Pro
51.89.96.192  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript...
Effective URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript...
Submission: On April 07 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 103 IPs in 14 countries across 100 domains to perform 350 HTTP transactions. The main IP is 51.89.96.192, located in London, United Kingdom and belongs to OVH, FR. The main domain is nv.ua.
TLS certificate: Issued by GeoTrust RSA CA 2018 on August 6th 2020. Valid for: 2 years.
This is the only time nv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 51.89.96.192 16276 (OVH)
19 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 213.174.135.2 39572 (ADVANCEDH...)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 4 54.37.238.28 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
5 2620:1ec:29::19 8068 (MICROSOFT...)
5 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a0c:5c81:514... 55081 (24SHELLS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 51.89.96.188 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 116.202.114.114 24940 (HETZNER-AS)
4 15 62.149.0.72 15497 (COLOCALL ...)
2 2a0c:5c81:513... 55081 (24SHELLS)
2 193.200.65.5 6681 (GIVEME-CLOUD)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::1c 44788 (ASN-CRITE...)
2 4 216.52.2.48 30282 (AS-INAPCD...)
3 178.250.2.131 44788 (ASN-CRITE...)
7 213.19.162.61 26667 (RUBICONPR...)
2 34.98.64.218 15169 (GOOGLE)
2 4 185.184.8.30 204995 (RTB-HOUSE...)
5 10 37.252.172.38 29990 (ASN-APPNEX)
11 20 188.42.191.196 7979 (SERVERS-COM)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 146.0.227.110 20773 (GODADDY)
1 9 46.249.52.248 50673 (SERVERIUS-AS)
5 184.30.24.198 16625 (AKAMAI-AS)
2 5 104.111.237.88 16625 (AKAMAI-AS)
2 3 37.157.3.28 198622 (ADFORM)
2 89.187.169.15 60068 (CDN77 (^_^)/)
2 2 35.170.112.41 14618 (AMAZON-AES)
1 178.250.0.157 44788 (ASN-CRITE...)
2 14 18.158.173.146 16509 (AMAZON-02)
1 1 66.155.71.25 13768 (COGECO-PEER1)
5 5.178.65.252 50673 (SERVERIUS-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 3.122.38.187 16509 (AMAZON-02)
2 2 35.227.252.103 15169 (GOOGLE)
4 8 35.170.39.52 14618 (AMAZON-AES)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 159.69.72.190 24940 (HETZNER-AS)
1 178.162.133.149 60781 (LEASEWEB-...)
7 7 18.156.0.31 16509 (AMAZON-02)
3 5.178.65.245 50673 (SERVERIUS-AS)
1 1 88.214.206.247 46636 (NATCOWEB)
1 1 184.30.212.16 20940 (AKAMAI-ASN1)
2 104.111.230.142 16625 (AKAMAI-AS)
3 185.64.190.78 62713 (AS-PUBMATIC)
2 67.202.110.34 32748 (STEADFAST)
16 51.89.9.254 16276 (OVH)
6 15 184.30.24.241 16625 (AKAMAI-AS)
1 18 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 213.155.156.167 1299 (TELIANET ...)
8 185.64.189.110 62713 (AS-PUBMATIC)
1 2 178.250.0.163 44788 (ASN-CRITE...)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
1 13 185.64.190.80 62713 (AS-PUBMATIC)
7 7 54.220.102.114 16509 (AMAZON-02)
18 22 142.250.186.34 15169 (GOOGLE)
1 1 185.86.137.132 201081 (SMARTADSE...)
2 2 198.148.27.139 19189 (PULSEPOINT)
1 1 94.23.171.206 16276 (OVH)
2 72.251.241.204 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 199.232.137.44 54113 (FASTLY)
1 151.101.13.44 54113 (FASTLY)
5 7 35.227.248.159 15169 (GOOGLE)
2 2 18.185.192.106 16509 (AMAZON-02)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 159.253.128.183 36351 (SOFTLAYER)
6 7 37.157.6.242 198622 (ADFORM)
7 7 185.29.132.68 30419 (MEDIAMATH...)
6 8 34.247.242.33 16509 (AMAZON-02)
1 4 2a00:1288:110... 34010 (YAHOO-IRD)
2 185.64.189.114 62713 (AS-PUBMATIC)
8 9 35.156.143.112 16509 (AMAZON-02)
2 2 35.210.215.44 15169 (GOOGLE)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (TURN)
6 6 151.101.114.49 54113 (FASTLY)
1 1 66.155.71.149 13768 (COGECO-PEER1)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
2 3 37.252.172.37 29990 (ASN-APPNEX)
1 1 54.77.242.172 16509 (AMAZON-02)
1 1 62.209.227.210 5588 (GTSCE GTS...)
1 2 52.46.130.13 16509 (AMAZON-02)
5 6 52.208.139.62 16509 (AMAZON-02)
1 35.241.40.233 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 52.222.179.19 16509 (AMAZON-02)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 51.158.28.83 12876 (Online SAS)
1 51.158.29.13 12876 (Online SAS)
1 1 37.252.173.135 29990 (ASN-APPNEX)
1 217.156.250.128 3549 (LVLT-3549)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.106 24961 (MYLOC-AS ...)
4 5 34.251.130.56 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 3.127.52.31 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
3 54.194.38.108 16509 (AMAZON-02)
1 1 184.30.20.207 16625 (AKAMAI-AS)
1 1 18.213.190.7 14618 (AMAZON-AES)
1 2 52.95.124.170 16509 (AMAZON-02)
1 2 23.45.110.176 20940 (AKAMAI-ASN1)
1 54.229.253.85 16509 (AMAZON-02)
4 5 69.173.144.138 26667 (RUBICONPR...)
3 6 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
1 1 157.90.167.185 24940 (HETZNER-AS)
4 4 52.57.10.248 16509 (AMAZON-02)
2 2 18.192.249.156 16509 (AMAZON-02)
4 4 51.75.146.200 16276 (OVH)
1 1 46.228.164.13 56396 (TURN)
1 4 52.30.140.199 16509 (AMAZON-02)
1 2 3.125.70.222 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
350 103
21    51.89.96.192 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: nv1.nv.ua
nv.ua
podcasts.nv.ua
19    2606:4700:3030::ac43:8f51 (United States)

ASN13335 (CLOUDFLARENET, US)
images.weserv.nl
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
11    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    54.37.238.28 (France)

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu
gaua.hit.gemius.pl
1    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
6    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2620:1ec:29::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
5    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
2    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    51.89.96.188 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: nv2.nv.ua
images.nv.ua
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    116.202.114.114 (Germany)

ASN24940 (HETZNER-AS, DE)
csync.loopme.me
15    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
sync.console.adtarget.com.tr
2    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
s.adtelligent.com
2    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
543ff8d496f05274d4d8e0f4fbfaeba2.safeframe.googlesyndication.com
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
3    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
7    213.19.162.61 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adtelligent-d.openx.net
4    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
10    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
ib.adnxs.com
20    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    2606:4700:e0::ac40:6208 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adxpremium.services
1    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
9    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
ads.us.e-planning.net
u-ams02.e-planning.net
5    184.30.24.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    104.111.237.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-88.deploy.static.akamaitechnologies.com
js.adscale.de
tracking.m6r.eu
3    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
2    89.187.169.15 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-89-187-169-15.cdn77.com
cdn.admatic.com.tr
2    35.170.112.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
14    18.158.173.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-173-146.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
5    5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
s.e-planning.net
1    2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
2    3.122.38.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
8    35.170.39.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
a.audrte.com
2    2a02:fa8:8806:20::2040 (United States)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
pubmatic-match.dotomi.com
3    159.69.72.190 (Germany)

ASN24940 (HETZNER-AS, DE)
sync.richaudience.com
1    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
7    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
3    5.178.65.245 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
sync.e-planning.net
1    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    184.30.212.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    67.202.110.34 (United States)

ASN32748 (STEADFAST, US)
ic.tynt.com
16    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
15    184.30.24.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
18    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    213.155.156.167 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com
d5p.de17a.com
8    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
13    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
7    54.220.102.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-102-114.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
22    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
1    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    94.23.171.206 (France)

ASN16276 (OVH, FR)
green.erne.co
2    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2606:4700:3039::6815:c04d (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
match.taboola.com
7    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    18.185.192.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
7    37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
7    185.29.132.68 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    34.247.242.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-242-33.eu-west-1.compute.amazonaws.com
match.adsrvr.org
4    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
9    35.156.143.112 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    35.210.215.44 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
ads.programattik.com
1    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
6    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
3    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    54.77.242.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
1    62.209.227.210 (Zlín, Czech Republic)

ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ)
bbnaut.ibillboard.com
2    52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    52.208.139.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-139-62.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com
dmp.brand-display.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    52.222.179.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-19.ham50.r.cloudfront.net
tags.crwdcntrl.net
7    2606:4700:20::681a:24e (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
1    51.158.28.83 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-83.rev.poneytelecom.eu
js.cookieless-data.com
1    51.158.29.13 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-29-13.rev.poneytelecom.eu
sddan.mgr.consensu.org
1    37.252.173.135 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 830.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
adscale-emea.adnxs.com
1    217.156.250.128 (United Kingdom)

ASN3549 (LVLT-3549, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:cff3:ca6f:14e6:5ad7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Erba, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.frontend.weborama.fr
1    89.163.159.106 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
5    34.251.130.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
cms.analytics.yahoo.com
1    3.127.52.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
3    54.194.38.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
1    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    18.213.190.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
2    52.95.124.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    23.45.110.176 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-110-176.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    54.229.253.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
6    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    157.90.167.185 (Germany)

ASN24940 (HETZNER-AS, DE)
bidswitch-eu.splicky.com
4    52.57.10.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
2    18.192.249.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prod.perf-serving.com
4    51.75.146.200 (France)

ASN16276 (OVH, FR)
id5-sync.com
1    46.228.164.13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
4    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
2    3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
1    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
32 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
68 KB
31 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
128 KB
22 adtelligent.com
player.adtelligent.com
ghb.adtelligent.com
sync.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
s.adtelligent.com
146 KB
22 nv.ua
nv.ua
podcasts.nv.ua
images.nv.ua
391 KB
21 rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
28 KB
20 betweendigital.com
ads.betweendigital.com
13 KB
19 weserv.nl
images.weserv.nl
184 KB
18 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
7 KB
17 adscale.de
js.adscale.de
ih.adscale.de
18 KB
17 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
s.e-planning.net
sync.e-planning.net
19 KB
16 onetag-sys.com
onetag-sys.com
7 KB
15 casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
18 KB
14 adnxs.com
ib.adnxs.com
secure.adnxs.com
adscale-emea.adnxs.com
12 KB
13 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
cms.analytics.yahoo.com
ads.yahoo.com
9 KB
11 gstatic.com
fonts.gstatic.com
178 KB
10 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
16 KB
10 adform.net
cm.adform.net
c1.adform.net
track.adform.net
dmp.adform.net
4 KB
9 bidswitch.net
x.bidswitch.net
3 KB
8 adsrvr.org
match.adsrvr.org
4 KB
8 mathtag.com
sync.mathtag.com
pixel.mathtag.com
4 KB
8 audrte.com
a.audrte.com
9 KB
8 criteo.com
gum.criteo.com
mug.criteo.com Failed
bidder.criteo.com
dis.criteo.com
2 KB
8 google.com
www.google.com
analytics.google.com
adservice.google.com
1 KB
8 googlesyndication.com
pagead2.googlesyndication.com
543ff8d496f05274d4d8e0f4fbfaeba2.safeframe.googlesyndication.com
tpc.googlesyndication.com
24 KB
7 quantumdex.io
sync.quantumdex.io
3 KB
7 tapad.com
pixel.tapad.com
3 KB
7 bidr.io
match.prod.bidr.io
4 KB
7 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr
4 KB
7 google.de
www.google.de
adservice.google.de
885 B
7 clarity.ms
www.clarity.ms
c.clarity.ms
22 KB
6 demdex.net
dpm.demdex.net
5 KB
6 everesttech.net
sync-tm.everesttech.net
2 KB
6 google-analytics.com
www.google-analytics.com
19 KB
4 id5-sync.com
id5-sync.com
6 KB
4 advertising.com
pixel.advertising.com
1 KB
4 krxd.net
beacon.krxd.net
usermatch.krxd.net
1 KB
4 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
2 KB
4 creativecdn.com
prebid-eu.creativecdn.com
creativecdn.com
1 KB
4 openx.net
adtelligent-d.openx.net
rtb.openx.net
1 KB
4 lijit.com
ap.lijit.com
2 KB
4 gemius.pl
gaua.hit.gemius.pl
12 KB
3 turn.com
ad.turn.com
d.turn.com
1 KB
3 taboola.com
trc.taboola.com
match.taboola.com
716 B
3 richaudience.com
sync.richaudience.com
1 KB
3 googleapis.com
fonts.googleapis.com
3 KB
2 eyeota.net
ps.eyeota.net
2 KB
2 perf-serving.com
prod.perf-serving.com
1 KB
2 bluekai.com
tags.bluekai.com
1 KB
2 weborama.fr
idsync.frontend.weborama.fr
842 B
2 tidaltv.com
sync.tidaltv.com
790 B
2 m6r.eu
tracking.m6r.eu
1 KB
2 criteo.net
static.criteo.net
51 KB
2 programattik.com
ads.programattik.com
1 KB
2 fiftyt.com
visitor.fiftyt.com
998 B
2 semasio.net
uipglob.semasio.net
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 adgrx.com
cm.adgrx.com
816 B
2 contextweb.com
bh.contextweb.com
906 B
2 adition.com
dsp.adfarm1.adition.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 tynt.com
ic.tynt.com
2 dotomi.com
prebid-match.dotomi.com
pubmatic-match.dotomi.com
207 B
2 360yield.com
ad.360yield.com
676 B
2 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
625 B
2 advangelists.com
nep.advangelists.com
462 B
2 admatic.com.tr
cdn.admatic.com.tr
21 KB
2 adxpremium.services
rtb.adxpremium.services
2 KB
2 trafmag.com
t.trafmag.com
464 B
2 googletagmanager.com
www.googletagmanager.com
91 KB
1 splicky.com
bidswitch-eu.splicky.com
220 B
1 rlcdn.com
id.rlcdn.com
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
38 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
aa.agkn.com
382 B
1 theadex.com
dmp.theadex.com
378 B
1 bemail.it
bn01.er.bemail.it
659 B
1 exelator.com
loadeu.exelator.com
324 B
1 fwmrm.net
dmp.v.fwmrm.net
361 B
1 consensu.org
sddan.mgr.consensu.org
109 B
1 cookieless-data.com
js.cookieless-data.com
2 KB
1 brand-display.com
dmp.brand-display.com
253 B
1 ibillboard.com
bbnaut.ibillboard.com
550 B
1 gumgum.com
rtb.gumgum.com
335 B
1 playground.xyz
ads.playground.xyz
488 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 quantserve.com
pixel.quantserve.com
541 B
1 simpli.fi
um.simpli.fi
609 B
1 ad4m.at
ad4m.at
1 KB
1 erne.co
green.erne.co
327 B
1 smartadserver.com
rtb-csync.smartadserver.com
760 B
1 admanmedia.com
cs.admanmedia.com
428 B
1 sonobi.com
sync.go.sonobi.com
478 B
1 navdmp.com
tag.navdmp.com
4 KB
1 admixer.net
inv-nets.admixer.net
477 B
1 loopme.me
csync.loopme.me
208 B
1 bing.com
c.bing.com
394 B
1 unpkg.com
unpkg.com
2 KB
0 1rx.io Failed
sync.1rx.io Failed
0 sndcdn.com Failed
i1.sndcdn.com Failed
350 100
Domain Requested by
22 cm.g.doubleclick.net 18 redirects eus.rubiconproject.com
bcp.crwdcntrl.net
20 ads.betweendigital.com 11 redirects nv.ua
19 images.weserv.nl nv.ua
podcasts.nv.ua
19 nv.ua 1 redirects nv.ua
16 onetag-sys.com s.adtelligent.com
sync.quantumdex.io
onetag-sys.com
15 mwzeom.zeotap.com 1 redirects ads.pubmatic.com
spl.zeotap.com
ads.us.e-planning.net
14 ih.adscale.de 2 redirects js.adscale.de
ih.adscale.de
13 simage2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
11 fonts.gstatic.com fonts.googleapis.com
10 dsum-sec.casalemedia.com 4 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
10 ib.adnxs.com 5 redirects player.adtelligent.com
spl.zeotap.com
9 x.bidswitch.net 8 redirects ssum-sec.casalemedia.com
9 sync.adtelligent.com 3 redirects player.adtelligent.com
s.console.adtarget.com.tr
s.adtelligent.com
onetag-sys.com
8 match.adsrvr.org 6 redirects ssum.casalemedia.com
eus.rubiconproject.com
8 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
8 a.audrte.com 4 redirects ads.us.e-planning.net
a.audrte.com
s.console.adtarget.com.tr
7 sync.quantumdex.io ads.us.e-planning.net
sync.quantumdex.io
ssum-sec.casalemedia.com
onetag-sys.com
7 sync.mathtag.com 7 redirects
7 pixel.tapad.com 5 redirects image6.pubmatic.com
spl.zeotap.com
7 match.prod.bidr.io 7 redirects
7 ups.analytics.yahoo.com 7 redirects
7 u-ams02.e-planning.net ads.us.e-planning.net
ads.pubmatic.com
ssum.casalemedia.com
7 fastlane.rubiconproject.com player.adtelligent.com
6 dpm.demdex.net 5 redirects ssum.casalemedia.com
6 sync-tm.everesttech.net 6 redirects
6 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
js.adscale.de
s.adtelligent.com
ads.us.e-planning.net
6 ghb.adtelligent.com player.adtelligent.com
6 www.google-analytics.com www.googletagmanager.com
nv.ua
www.google-analytics.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 bcp.crwdcntrl.net 4 redirects tags.crwdcntrl.net
5 dmp.adform.net 4 redirects spl.zeotap.com
5 s.e-planning.net ads.us.e-planning.net
5 ads.pubmatic.com s.console.adtarget.com.tr
ads.pubmatic.com
ads.us.e-planning.net
5 securepubads.g.doubleclick.net nv.ua
securepubads.g.doubleclick.net
5 www.clarity.ms nv.ua
www.clarity.ms
4 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
4 id5-sync.com 4 redirects
4 pixel.advertising.com 4 redirects
4 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 ap.lijit.com 2 redirects player.adtelligent.com
4 www.google.de nv.ua
podcasts.nv.ua
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
4 gaua.hit.gemius.pl 1 redirects nv.ua
gaua.hit.gemius.pl
4 pagead2.googlesyndication.com nv.ua
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 player.adtelligent.com nv.ua
player.adtelligent.com
3 pixel.rubiconproject.com eus.rubiconproject.com
3 pixel-eu.rubiconproject.com 3 redirects
3 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
bcp.crwdcntrl.net
3 secure.adnxs.com 2 redirects ssum-sec.casalemedia.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
3 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
3 sync.e-planning.net ads.us.e-planning.net
sync.quantumdex.io
eus.rubiconproject.com
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 bidder.criteo.com player.adtelligent.com
static.criteo.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 www.google.com nv.ua
3 fonts.googleapis.com nv.ua
2 ps.eyeota.net 1 redirects s.console.adtarget.com.tr
2 prod.perf-serving.com 2 redirects
2 tags.bluekai.com 1 redirects spl.zeotap.com
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 tracking.m6r.eu 2 redirects
2 track.adform.net 2 redirects
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 ssum-sec.casalemedia.com ssum.casalemedia.com
sync.quantumdex.io
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 ad.turn.com 2 redirects
2 ads.programattik.com 2 redirects
2 c1.adform.net 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 trc.taboola.com 1 redirects spl.zeotap.com
2 cm.adgrx.com image6.pubmatic.com
ssum.casalemedia.com
2 bh.contextweb.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dis.criteo.com 1 redirects image6.pubmatic.com
2 d5p.de17a.com 2 redirects
2 ic.tynt.com s.adtelligent.com
sync.quantumdex.io
2 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
2 rtb.openx.net 2 redirects
2 ad.360yield.com 2 redirects
2 nep.advangelists.com 2 redirects
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 creativecdn.com 2 redirects
2 rtb.adxpremium.services player.adtelligent.com
2 prebid-eu.creativecdn.com player.adtelligent.com
2 adtelligent-d.openx.net player.adtelligent.com
2 gum.criteo.com static.criteo.net
2 t.trafmag.com nv.ua
s.adtelligent.com
2 analytics.google.com www.googletagmanager.com
2 c.clarity.ms 1 redirects nv.ua
2 podcasts.nv.ua nv.ua
podcasts.nv.ua
2 www.googletagmanager.com nv.ua
podcasts.nv.ua
1 d.turn.com 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 id.rlcdn.com eus.rubiconproject.com
1 ads.yahoo.com eus.rubiconproject.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 adscale-emea.adnxs.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 sddan.mgr.consensu.org js.cookieless-data.com
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 dmp.brand-display.com ssum.casalemedia.com
1 bbnaut.ibillboard.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 match.taboola.com image6.pubmatic.com
1 ad4m.at image6.pubmatic.com
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 green.erne.co 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 sync.go.sonobi.com ads.us.e-planning.net
1 prebid-match.dotomi.com ads.us.e-planning.net
1 tag.navdmp.com ads.us.e-planning.net
1 pixel.sitescout.com 1 redirects
1 cm.adform.net s.console.adtarget.com.tr
1 s.adtelligent.com s.console.adtarget.com.tr
1 ghb2.adtelligent.com player.adtelligent.com
1 inv-nets.admixer.net player.adtelligent.com
1 ghb1.adtelligent.com player.adtelligent.com
1 mug.criteo.com nv.ua
1 543ff8d496f05274d4d8e0f4fbfaeba2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 s.console.adtarget.com.tr player.adtelligent.com
1 csync.loopme.me 1 redirects
1 images.nv.ua podcasts.nv.ua
1 c.bing.com 1 redirects
1 unpkg.com nv.ua
0 sync.1rx.io Failed ads.us.e-planning.net
0 i1.sndcdn.com Failed podcasts.nv.ua
350 157
Subject Issuer Validity Valid
*.nv.ua
GeoTrust RSA CA 2018		 2020-08-06 -
2022-10-12		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-22 -
2021-07-22		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2019-09-11 -
2021-09-24		 2 years crt.sh
www.clarity.ms
DigiCert SHA2 Secure Server CA		 2020-09-03 -
2021-09-03		 a year crt.sh
ghb.adtelligent.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
c.msn.com
Microsoft RSA TLS CA 02		 2021-02-03 -
2022-02-03		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
sync.adtelligent.com
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-04-03 -
2021-07-02		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-15 -
2021-06-21		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ghb1.adtelligent.com
R3		 2021-03-27 -
2021-06-25		 3 months crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2020-08-17 -
2021-11-26		 a year crt.sh
ghb2.adtelligent.com
R3		 2021-03-27 -
2021-06-25		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-04-07 -
2021-07-06		 3 months crt.sh
sync.console.adtarget.com.tr
R3		 2021-04-02 -
2021-07-01		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
cat.adscale.de
DigiCert SHA2 Secure Server CA		 2020-10-23 -
2021-11-21		 a year crt.sh
*.adform.net
DigiCert SHA2 Secure Server CA		 2020-04-02 -
2021-06-02		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-04-07 -
2021-07-06		 3 months crt.sh
*.adscale.de
Amazon		 2020-06-05 -
2021-07-07		 a year crt.sh
*.e-planning.net
R3		 2021-03-26 -
2021-06-24		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
onetag-sys.com
R3		 2021-03-16 -
2021-06-14		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
js.cookieless-data.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
sddan.mgr.consensu.org
R3		 2021-03-31 -
2021-06-29		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-03-24 -
2022-03-30		 a year crt.sh
*.redinuid.imrworldwide.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-05-05		 a month crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.eyeota.net
R3		 2021-02-28 -
2021-05-29		 3 months crt.sh

This page contains 42 frames:

Primary Page: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Frame ID: 3228F4D28C984648FCF864413695A1AD
Requests: 137 HTTP requests in this frame

Frame: https://podcasts.nv.ua/embed_v2/2317.html
Frame ID: 3F64390D77E3A2FE27EE462D2EEAB0B7
Requests: 14 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=061a6dc1-6058-4727-ae6b-4b16b4b81c87
Frame ID: F9E679050CD7AC29EB9FCACB05CB417B
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=609096
Frame ID: 48319C7482374F81E655A26CA66FF484
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=609724
Frame ID: FC5175380F190650C617CA2574FA443B
Requests: 6 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ROzRuSJyhi1Tw5CUOlDj&pi=admatic&tc=1
Frame ID: F82DD9F9CDA4CEEDB32BFEAA1FDA5540
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 356E7223F9EF6B92F8DE6970827A3723
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: C6BE0972C23B96C59E44EF8F8521386D
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: C6124E8EFFA61AB7A38BB59A78E3D640
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: D7C839B10121CC8819A76C851CC25922
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: B55B595452C7CD6F269A1731CB44B6FB
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 25E075FD4EA8D0F3D0D8012FAF8BF4FC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 5B45C02519A7AF64D309CA7020F8645E
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D98397851985d2331%26uid%3D
Frame ID: 0974C49C5B96769306D447537F237418
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 598CAADE5727B84F8AE039E455C7B079
Requests: 25 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: A6B8B465883B69C522E247762B1A4317
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 395F7E2F76B53E207F5A34DC63442E80
Requests: 9 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
Frame ID: 43C69D33DC2EF807CB9DF27C007CAB48
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361&cmp=0
Frame ID: 6F0F7F925E5070BAC3A99B65A9D5817E
Requests: 31 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
Frame ID: 72056DF305D21FDD7CF9A025AA40C95C
Requests: 11 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8783245925063885997
Frame ID: 49C7086BDB661E08E4D56C0D80FB67A6
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: DC1AA646D0DAF68C597CB9C6F3B4D9E9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6948435543608522903
Frame ID: 541500DD06C85D5A251A5A30F428C2CC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACuQk7A25sAACh_I23Ciw
Frame ID: 36564C25E32E35B16605AB2D611A932E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=vNdKcNZh8IIub5T9HrMiWmjW
Frame ID: EFB7153424C655A36A952966D317BDC3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F1476E1FDD821116DE0A628446902135
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1FCF8C4D80475925D9F237A3BA4A9A79
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=g2fCgVMuKvd5&pid=557219
Frame ID: B03F66465D5928181849D91E139DCB72
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 424705E2AA6B5B7F670852E2BCD4DFB2
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e93db864-1388-43df-886a-e797989f933d-tuct76752d2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: E9680033F007DC68213F8D805C45F308
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: EB7750F43E56241D5930E01D3B860F67
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:edwwv8Ze1Lu9X55&gdpr=0&gdpr_consent=
Frame ID: C08E76A523BA219E0BC0B4F74004693C
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=98397851985d2331&uid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1
Frame ID: 454A644B426CF28CF40E5B60F1D7886F
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 7E9F4AD46390DFD5D973890A77AFF49D
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: E9814DC9EBF52BDBF14D266CD046684C
Requests: 6 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AN3HAUIltVjjJEcv
Frame ID: 3742109FDFE20558B8B35A263C64E28C
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 7DDA7CD96B91A76C960C0305D8C8D4F3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 80DC35E35EB5284880B6CF2B5585A5F6
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: DFE5FA09C0CFAE14F266606A16DCE975
Requests: 9 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: 37320D156CA96FEE6134B20B4D27DE0F
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=nv.ua
Frame ID: B74674D06403919ACC947794F9392BF9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: CD42D278C2A41CCE8574B12E9E4C1EA5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_me... HTTP 301
    https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_me... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

350
Requests

99 %
HTTPS

26 %
IPv6

100
Domains

157
Subdomains

103
IPs

14
Countries

1481 kB
Transfer

3657 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2 HTTP 301
    https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=D4F30DBACBB34C31BA2912BBE8AE0F3C&RedC=c.clarity.ms&MXFR=3E813D07DD606A0A002E2D15D96064DF HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=D4F30DBACBB34C31BA2912BBE8AE0F3C&MUID=27BE23EC4C7167B02E9A33FE4DA3665B
Request Chain 78
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=061a6dc1-6058-4727-ae6b-4b16b4b81c87
Request Chain 80
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=2b719674595d7be7
Request Chain 81
  • https://gaua.hit.gemius.pl/_1617808715273/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=YCTcUdKNBddpAoA5ziUFoM9GFQEHbp6.miLjGWGO.aP.W7&vis=1 HTTP 301
  • https://gaua.hit.gemius.pl/__/_1617808715273/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=YCTcUdKNBddpAoA5ziUFoM9GFQEHbp6.miLjGWGO.aP.W7&vis=1
Request Chain 89
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnv.ua%2F&domain=nv.ua&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=wgkeFXwwSG9aaTN3QTdKSDE4UFZFOERUUEJ5K25lOVg2Nk5MalkyK2V3Y0o5UHVEcXU5bk52SjNuV1dyVU90eGRDMFhUdllkT0pra0daZk5LNWtFYVY1RVYvdWNFQTB0TzdqZFJ4TEJKeEUzeUdoUXAxUUFpcEhsdnM0eFdobzR3MTNxUkdhZndKSUg5ZXlvTnl1ZE1ZZFltWVlaWjFhaWk1eFZ1aFpla0FveFdlaDkxN0JzS2RDMGNSVVpZa3UyNFNGMnNKdU4zQ0hiTXRYMlo1dGU1SXdtS2JnPT18&cppv=2
Request Chain 99
  • https://ads.betweendigital.com/adjson?sizes=240x400%252C240x350%252C300x600%252C240x600%252C300x250&jst=hb&ord=9650328798446906&tz=-120&fl=0&rr=direct&s=2777838&bidid=3358b0d365b1fd&transactionid=53222bc8-afcf-4708-bef0-611ee75613d9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2 HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=240x400%252C240x350%252C300x600%252C240x600%252C300x250&jst=hb&ord=9650328798446906&tz=-120&fl=0&rr=direct&s=2777838&bidid=3358b0d365b1fd&transactionid=53222bc8-afcf-4708-bef0-611ee75613d9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Request Chain 100
  • https://ads.betweendigital.com/adjson?sizes=240x400%252C240x350%252C300x600%252C240x600%252C300x250&jst=hb&ord=1357688866185853.2&tz=-120&fl=0&rr=direct&s=2777839&bidid=34161fa589224d2&transactionid=53222bc8-afcf-4708-bef0-611ee75613d9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2 HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=240x400%252C240x350%252C300x600%252C240x600%252C300x250&jst=hb&ord=1357688866185853.2&tz=-120&fl=0&rr=direct&s=2777839&bidid=34161fa589224d2&transactionid=53222bc8-afcf-4708-bef0-611ee75613d9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Request Chain 101
  • https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=7392365229082625&tz=-120&fl=0&rr=direct&s=2777838&bidid=35166f52b180061&transactionid=29d86a0d-f248-4607-8489-3a556e556ce9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2 HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=7392365229082625&tz=-120&fl=0&rr=direct&s=2777838&bidid=35166f52b180061&transactionid=29d86a0d-f248-4607-8489-3a556e556ce9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Request Chain 102
  • https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=4909784655604394&tz=-120&fl=0&rr=direct&s=2777839&bidid=36ce25b99caa9d3&transactionid=29d86a0d-f248-4607-8489-3a556e556ce9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2 HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=4909784655604394&tz=-120&fl=0&rr=direct&s=2777839&bidid=36ce25b99caa9d3&transactionid=29d86a0d-f248-4607-8489-3a556e556ce9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Request Chain 108
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ROzRuSJyhi1Tw5CUOlDj&pi=admatic&tc=1
Request Chain 109
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 114
  • https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-65630d45-18e5-4e38-a919-532042def264
Request Chain 115
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=69e83e2a26d1fc0e
Request Chain 117
  • https://ih.adscale.de/uu?cbfn=receive&t=1617808715 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1617808715&nut&uu=f65cd029e7164a47a77fedea8ac516de
Request Chain 120
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D98397851985d2331 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=98397851985d2331
Request Chain 125
  • https://ad.360yield.com/server_match?partner_id=1556&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D4238ca06ef07aea3%26fi%3D98397851985d2331%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1556&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D4238ca06ef07aea3%26fi%3D98397851985d2331%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=4238ca06ef07aea3&fi=98397851985d2331&uid=31e2d0ee-4e9f-492e-b5f3-572caf59fc7c
Request Chain 126
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D98397851985d2331%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=98397851985d2331&uid=ea0d4234-ca82-40ba-a1c9-3748683086d8
Request Chain 130
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D98397851985d2331 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 131
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D98397851985d2331%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=98397851985d2331&uid=285258492267925334
Request Chain 133
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-IUiF8P1E2uFgLYEcaBHIIaNlHGRo_vGHHyNAwZc-~A
Request Chain 134
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D98397851985d2331%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=98397851985d2331&uid=caa40e5e9f084bac79b39925f4ca87f206b88a4d
Request Chain 136
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 144
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=2b719674595d7be7
Request Chain 145
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=
Request Chain 146
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=ea0d4234-ca82-40ba-a1c9-3748683086d8
Request Chain 147
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=285258492267925334
Request Chain 148
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=2b719674595d7be7
Request Chain 153
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
Request Chain 155
  • https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0 HTTP 302
  • https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
Request Chain 157
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8783245925063885997
Request Chain 159
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6948435543608522903
Request Chain 160
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIWHMwN0EyNXNBQUNseFk3c21QUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHXs07A25sAAClxY7smPQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=262024465861990039 HTTP 303
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=262024465861990039&_bee_ppp=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACuQk7A25sAACh_I23Ciw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D262024465861990039%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=262024465861990039&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACuQk7A25sAACh_I23Ciw&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACuQk7A25sAACh_I23Ciw
Request Chain 161
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=vNdKcNZh8IIub5T9HrMiWmjW
Request Chain 163
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 164
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=g2fCgVMuKvd5&pid=557219
Request Chain 166
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e93db864-1388-43df-886a-e797989f933d-tuct76752d2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 167
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 168
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:edwwv8Ze1Lu9X55&gdpr=0&gdpr_consent=
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VPonLG-NSUqbVNKdv47S4Q%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VPonLG-NSUqbVNKdv47S4Q%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 172
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 173
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&addseg=19,36,42
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTRGQTI3MkMtNkY4RC00OTRBLTlCNTQtRDI5REJGOEVEMkUx&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTRGQTI3MkMtNkY4RC00OTRBLTlCNTQtRDI5REJGOEVEMkUx&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENh1cs7Q9FwVxLIlyewWges&google_cver=1
Request Chain 177
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8555319055327058093
Request Chain 178
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3112606d-cd4e-4300-a06e-d592868289d1&gdpr=0&gdpr_consent=
Request Chain 179
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01
Request Chain 180
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=285258492267925334&gdpr=0&gdpr_consent=
Request Chain 182
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J5lQILZE2uUGEUsJImrSeGBNr31tdSA-~A&gdpr=0&gdpr_consent=
Request Chain 183
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=b8dee4c4-51b3-4ade-9384-b165f77c47ac&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=156&expires=14&user_id=b8dee4c4-51b3-4ade-9384-b165f77c47ac&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 184
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hHgNTtEsD06fKV4bhSoWGIMuCk6fLgoeinovDOvL
Request Chain 185
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8673652470810723903&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 186
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YG3NUQAAAJGgiBcV HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YG3NUQAAAJGgiBcV&gdpr=0&gdpr_consent=&_test=YG3NUQAAAJGgiBcV
Request Chain 187
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 188
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9a77f845-ab6f-49db-a23a-60dc2494cdfe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 190
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3064146525886796892
Request Chain 191
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_0c62619d-751b-4a50-8123-02f8c2043b34
Request Chain 193
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=08c2ea102d094e63877f747c7abf1bbc&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a49f677e48e622c9%2F1617808716088%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/img?tpid=101&tpuid=BBID-01-02925227174221268-16255224
Request Chain 195
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=bcce7b5721efd99dd53ca6faab3fb536d1d73136deb419ec2b7e6887d946e970&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a49f677e48e622c9%2F1617808716088%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=5123606d-cd4e-4b00-8d49-5709f7d0c378&gdpr=0&gdpr_consent=
Request Chain 196
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB&dcc=t
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEl3Roo8ssNqTzugaodIKjk&google_cver=1
Request Chain 198
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YG3NTfMFHxS4zXOY16dCYAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA2CAFn_oqYMueiAhgl5yEI&google_cver=1&gdpr=1
Request Chain 200
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YG3NTfMFHxS4zXOY16dCYAAA%261102 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YG3NTfMFHxS4zXOY16dCYAAA%261102
Request Chain 202
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3684606d-cd4e-4700-8558-048be67be027&gdpr=1&gdpr_consent=
Request Chain 213
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=285258492267925334
Request Chain 214
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-IUiF8P1E2uFgLYEcaBHIIaNlHGRo_vGHHyNAwZc-~A
Request Chain 215
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=285258492267925334
Request Chain 216
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=059f9ee6-6ec9-5261-b617-fa4cd67a3701
Request Chain 223
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a49f677e48e622c9%2F1617808716088%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/img?tpid=75&tpuid=285258492267925334&gdpr=0
Request Chain 227
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB
Request Chain 228
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8673652470810723903
Request Chain 229
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b2f8db42-9e65-4058-9f2b-36fa2b435e18 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b2f8db42-9e65-4058-9f2b-36fa2b435e18&C=1
Request Chain 230
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YG3NTfMFHxS4zXOY16dCYAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA2CAFn_oqYMueiAhgl5yEI&google_cver=1&gdpr=1
Request Chain 232
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHXs07A25sAAClxY7smPQ&expiration=1619018319&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHXs07A25sAAClxY7smPQ&expiration=1619018319&gdpr=1&C=1
Request Chain 234
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=9fc38c70c3e9e6d74943b300c12044e06391707106fa7f432ab91c95018a4bc7&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a49f677e48e622c9%2F1617808716088%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YG3NTfMFHxS4zXOY16dCYAAA%261102
Request Chain 235
  • https://track.adform.net/serving/cookie/match/?party=9&uid=28d9d623e85ca4b1193356c2d502ee7439462aaadb99b774e56bac99d7c6b10f&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a49f677e48e622c9%2F1617808716088%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=28d9d623e85ca4b1193356c2d502ee7439462aaadb99b774e56bac99d7c6b10f&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a49f677e48e622c9%2F1617808716088%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/img?tpid=42&gdpr=0&tpuid=8555319055327058093
Request Chain 236
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=85d8f608a66011576900d0291f766eadbbfec97235e4d60a858965a586b24de6&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a49f677e48e622c9%2F1617808716088%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=6154f6a8-5758-4300-9ca1-617f8fe83193
Request Chain 237
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=4bc6e40f241fe2dd9f466bb79801d62e6d73c47073441501b478f085ab28ae58&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a49f677e48e622c9%2F1617808716088%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=a7e0606d-cd4e-4500-8126-117b87a004bb&gdpr=0&gdpr_consent=
Request Chain 238
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=5274d9dd631857ef094c5dd329ad447d2a60a0cf40cfb5f26fe189b5cc0b2cd5&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a49f677e48e622c9%2F1617808716088%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=5274d9dd631857ef094c5dd329ad447d2a60a0cf40cfb5f26fe189b5cc0b2cd5&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a49f677e48e622c9%2F1617808716088%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/js?tpid=48&tpuid=0d6a5429f10e960d0d5ed320d53dd7e3
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEKz3Kh0Qhuj1ikD5n1hTzZ8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Request Chain 241
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Dba000f16-586c-4225-4520-3ec833fdacd6%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=879a83d1-97b4-11eb-8fcf-f279d8f436ca&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Request Chain 243
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Dba000f16-586c-4225-4520-3ec833fdacd6%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Dba000f16-586c-4225-4520-3ec833fdacd6%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Request Chain 247
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f630e86c-6361-4d02-a186-32bcbebbce0f&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 248
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a2e0a5ae-819b-4945-796d-b4263e15b0e7&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Dba000f16-586c-4225-4520-3ec833fdacd6%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a2e0a5ae-819b-4945-796d-b4263e15b0e7&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Dba000f16-586c-4225-4520-3ec833fdacd6%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=10077136527970323730717355754798254487&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Request Chain 250
  • https://bn01.er.bemail.it/zeotap.php?_bid=a2e0a5ae-819b-4945-796d-b4263e15b0e7&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021040717-92003-0.823539001617808718-3a13784eedd8364ffefc169415dbb64a&zdid=533&env=mWeb
Request Chain 251
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Dba000f16-586c-4225-4520-3ec833fdacd6%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6948435543608457367&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Request Chain 253
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a2e0a5ae-819b-4945-796d-b4263e15b0e7&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Dba000f16-586c-4225-4520-3ec833fdacd6%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a2e0a5ae-819b-4945-796d-b4263e15b0e7&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Dba000f16-586c-4225-4520-3ec833fdacd6%26zdid%3D1361&bounce=1&random=633262388 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=WyFVB9QNYZQo/7LwSS.Ap.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Request Chain 255
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a2e0a5ae-819b-4945-796d-b4263e15b0e7?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a2e0a5ae-819b-4945-796d-b4263e15b0e7?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=7e428f778ee12e7fedc0c770b72db67e&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Request Chain 256
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-OhpqjFZE2oooSAMbJfkhH55xrooPjRVPog--~A&zpartnerid=570&env=mWeb
Request Chain 257
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lqY%2Btg%2BtbDUtBiX8NObLeoNQcRXQ9apD%2BS41iYitP1U%3D
Request Chain 261
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Dba000f16-586c-4225-4520-3ec833fdacd6%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Dba000f16-586c-4225-4520-3ec833fdacd6%26zdid%3D1361&_test=YG3NUQAAAFGgeRcV HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YG3NUQAAAFGgeRcV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361&_test=YG3NUQAAAFGgeRcV
Request Chain 262
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Dba000f16-586c-4225-4520-3ec833fdacd6%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=a7e0606d-cd4e-4500-8126-117b87a004bb&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Request Chain 263
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=ODB68IA-&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=a2e0a5ae-819b-4945-796d-b4263e15b0e7
Request Chain 264
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a2e0a5ae-819b-4945-796d-b4263e15b0e7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a2e0a5ae-819b-4945-796d-b4263e15b0e7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361&dcc=t
Request Chain 274
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186 HTTP 302
  • https://sync.e-planning.net/um?uid=KN7LJKEI-U-2L2Q&dc=9bcc91305985f0db&iss=1
Request Chain 275
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TEpLRUktVS0yTDJR
Request Chain 276
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7LJKEI-U-2L2Q&sigv=1&esig=2~fb88866072bfe5af2c251ec8f438df6408ae95b3
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDdmiWLAuxkl7dbuIqHggFs&google_cver=1
Request Chain 278
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/itecFxtVFJktTQ_D24fKfA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1566793014741488708
Request Chain 279
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a7e0606d-cd4e-4500-8126-117b87a004bb
Request Chain 282
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTUwYTJiNzgxOTVhMjgxMmZkOTExMjMyOTVhZmI0YzMwNTIxN2E4NA
Request Chain 283
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
  • https://onetag-sys.com/sync/i,1/a7e0606d-cd4e-4500-8126-117b87a004bb
Request Chain 284
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag HTTP 302
  • https://onetag-sys.com/sync/i,2/KN7LJKEI-U-2L2Q
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 HTTP 302
  • https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEAjVV5hE0L9L4nmPc8rnTBY&google_cver=1
Request Chain 286
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/sync/i,29/?tdid=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&ttl=1620400725
Request Chain 287
  • https://x.bidswitch.net/sync?ssp=onetag HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=onetag&bsw_custom_parameter=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=onetag&expires=10&bsw_param=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88&gdpr=&gdpr_consent=&us_privacy=
Request Chain 288
  • https://dmp.adform.net/serving/cookie/match?party=1167&cid=zeHQ01JLZdpTba1y5lUGPwMS4GtLrvUUyuUoAv2-eEw HTTP 302
  • https://onetag-sys.com/sync/i,34/8555319055327058093
Request Chain 289
  • https://pixel.advertising.com/ups/58198/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58198/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58198/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac HTTP 302
  • https://onetag-sys.com/sync/i,39/y-I4YEceNE2uF0H3_lKzquuRrocRXmcM7Q~A~UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac
Request Chain 291
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
  • https://onetag-sys.com/sync/i,1/a7e0606d-cd4e-4500-8126-117b87a004bb
Request Chain 292
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag HTTP 302
  • https://onetag-sys.com/sync/i,2/KN7LJKEI-U-2L2Q
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 HTTP 302
  • https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEAjVV5hE0L9L4nmPc8rnTBY&google_cver=1
Request Chain 294
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/sync/i,29/?tdid=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&ttl=1620400725
Request Chain 295
  • https://x.bidswitch.net/sync?ssp=onetag HTTP 302
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=23e7fee0-63a5-49c5-b9a7-7b9bd2145600&ssp=onetag&user_group=1 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88&gdpr=&gdpr_consent=&us_privacy=
Request Chain 296
  • https://pixel.advertising.com/ups/58198/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58198/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58198/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac HTTP 302
  • https://onetag-sys.com/sync/i,39/y-I4YEceNE2uF0H3_lKzquuRrocRXmcM7Q~A~UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac
Request Chain 297
  • https://dmp.adform.net/serving/cookie/match?party=1167&cid=khhY-nehOBibIeKziHAAUqHbdpRzGBxcwlhkWbulolo HTTP 302
  • https://onetag-sys.com/sync/i,34/8555319055327058093
Request Chain 300
  • https://bcp.crwdcntrl.net/5/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Request Chain 301
  • https://id5-sync.com/s/19/9.gif?puid=7e428f778ee12e7fedc0c770b72db67e&gdpr=1 HTTP 302
  • https://id5-sync.com/c/19/19/9/1.gif?puid=7e428f778ee12e7fedc0c770b72db67e&gdpr=1&gdpr_consent= HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMO4Jo_tII0hrhx8ZGRyR5kPysSTguYGDf2gqorZg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F8%2F2.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/224/8/2.gif?puid=3138294914315962372&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F7%2F3.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://tags.bluekai.com/site/5907?limit=0&id=5088917182012ee78a509cab447e041f&redir=https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMO4Jo_tII0hrhx8ZGRyR5kPysSTguYGDf2gqorZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=N2U0MjhmNzc4ZWUxMmU3ZmVkYzBjNzcwYjcyZGI2N2U&google_redir={xENCODEDURL}&id5id=ID5-ZHMO4Jo_tII0hrhx8ZGRyR5kPysSTguYGDf2gqorZg
Request Chain 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=7e428f778ee12e7fedc0c770b72db67e&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=7e428f778ee12e7fedc0c770b72db67e&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=47709057555172077863879574066002009980
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=N2U0MjhmNzc4ZWUxMmU3ZmVkYzBjNzcwYjcyZGI2N2U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=N2U0MjhmNzc4ZWUxMmU3ZmVkYzBjNzcwYjcyZGI2N2U&google_tc=
Request Chain 305
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YG3NZAAAAHr8RwUS HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YG3NZAAAAHr8RwUS&_test=YG3NZAAAAHr8RwUS
Request Chain 306
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=7e428f778ee12e7fedc0c770b72db67e&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=7e428f778ee12e7fedc0c770b72db67e&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=941c1d3b-97b4-11eb-aa8c-2aa9088e5f87
Request Chain 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cacDFwiEQ6-QYyUH7GHZoZhVA&gdpr=0&gdpr_consent=null HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cacDFwiEQ6-QYyUH7GHZoZhVA&gdpr=0&gdpr_consent=null&google_gid=CAESEKTwCIArecInL_E0zqa0qYA&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 308
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=null HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=null HTTP 302
  • https://a.audrte.com/a?adform_uid=7160053622482955105 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19 HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&google_gid=CAESEKTwCIArecInL_E0zqa0qYA&google_cver=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=cacDFwiEQ6-QYyUH7GHZoZhVA&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D HTTP 302
  • https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 309
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=cacDFwiEQ6-QYyUH7GHZoZhVA&gdpr=0&gdpr_consent=null HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=cacDFwiEQ6-QYyUH7GHZoZhVA&gdpr=0&gdpr_consent=null
Request Chain 332
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6815395128319985&tz=-120&fl=0&rr=direct&s=2777852&bidid=113ba927bbf4ff2e&transactionid=36b5fc44-969c-4cbf-85b9-63c67b08ad80&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2 HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6815395128319985&tz=-120&fl=0&rr=direct&s=2777852&bidid=113ba927bbf4ff2e&transactionid=36b5fc44-969c-4cbf-85b9-63c67b08ad80&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Request Chain 333
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=4260908111633981&tz=-120&fl=0&rr=direct&s=2777852&bidid=11454aa2cddf7825&transactionid=b36ad888-3983-4d2f-8db2-32cee744c0d2&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2 HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=4260908111633981&tz=-120&fl=0&rr=direct&s=2777852&bidid=11454aa2cddf7825&transactionid=b36ad888-3983-4d2f-8db2-32cee744c0d2&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Request Chain 334
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6738821789312899&tz=-120&fl=0&rr=direct&s=2777852&bidid=1154bf3874b974e4&transactionid=2c15a3c9-8a25-4652-b15d-b4a6a5204e31&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2 HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6738821789312899&tz=-120&fl=0&rr=direct&s=2777852&bidid=1154bf3874b974e4&transactionid=2c15a3c9-8a25-4652-b15d-b4a6a5204e31&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Request Chain 335
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=58985650924949.78&tz=-120&fl=0&rr=direct&s=2777852&bidid=11672bb38dbc539e&transactionid=df9278c5-45f9-403d-b0c0-bc051d91d679&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2 HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=58985650924949.78&tz=-120&fl=0&rr=direct&s=2777852&bidid=11672bb38dbc539e&transactionid=df9278c5-45f9-403d-b0c0-bc051d91d679&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Request Chain 336
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=838417673802116.5&tz=-120&fl=0&rr=direct&s=2777852&bidid=117dcc8b5cb002dc&transactionid=3a4f7af2-8d75-46f8-bde9-1b997d48ecf3&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2 HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=838417673802116.5&tz=-120&fl=0&rr=direct&s=2777852&bidid=117dcc8b5cb002dc&transactionid=3a4f7af2-8d75-46f8-bde9-1b997d48ecf3&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1

350 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request allnews.html
nv.ua/
Redirect Chain
  • http://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3...
  • https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%...
91 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
800092769e38c69393e7e0f6e6812f26c12c7454af68c2d14fa0425cb0e427a5

Request headers

:method
GET
:authority
nv.ua
:scheme
https
:path
/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
date
Wed, 07 Apr 2021 15:18:34 GMT
set-cookie
XSRF-TOKEN=eyJpdiI6Ik42WmlWbDhUQzNvalhoWDNZSVgra0E9PSIsInZhbHVlIjoiNjRsenhhN1piV1hFdXpSNktMS09Ta0FOd0JZM3p0eFc3dFFSV0pMRTVDSHFzNkVFaXdSYXVtMDN3RDJKVk9yZFRTNjJqemVMQmU0RlVoRGI1dkVzaXhNL2pQQit2dHRnWjJGaE44RjQvU0VybjQrSlBKREZDV1ZPTXNDWFRhalAiLCJtYWMiOiI0M2QzNDllY2IwYThhMGViZjc5ZDg4OWU4M2ZmODQ5MGQ0ZWEzNjkzOWE4MDI4MzUyOTAyNWYwM2Q3ZTRjNmFhIn0%3D; expires=Wed, 07-Apr-2021 15:28:34 GMT; Max-Age=600; path=/; domain=nv.ua nvnew_session=eyJpdiI6Ilh2SCtIL3pWWFpaYWZSdGZlN2VmNnc9PSIsInZhbHVlIjoic3QrUlRLTVJOVHhRUWQ5K3I3aTdkL2h0dWpxRUY5eWFLdjR6VHlPazIwaS9ZUEoyc3BSMFlyeWE2N1MwSEdCZTRIMGZ6Z0tHVVpqdTh0L3piK0N2eklzdVFVcWpBVmNGZThjbkVoU2pQUlZyKzgybUhzSzhERnBSK0VqUWFXZXIiLCJtYWMiOiJlYTdjMzFkMzBjZjRlNWNlZTI4NGNkZTlhNjM1YzZlMGIzMzZiZGVkMGJkYTMzNGY1OWM0MDIwNzVmNDYxMGRmIn0%3D; expires=Wed, 07-Apr-2021 15:28:34 GMT; Max-Age=600; path=/; domain=nv.ua; httponly device_type=desktop; expires=Wed, 07-Apr-2021 15:28:34 GMT; Max-Age=600; path=/; domain=nv.ua
content-encoding
br

Redirect headers

Server
nginx
Date
Wed, 07 Apr 2021 15:18:33 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
icomoon.ttf
nv.ua/fonts/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nv.ua/fonts/icomoon.ttf?ac0b8b2ae7cb442ff8e3e5a66699f6d7
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
acb78f109a4a5b5c802f4951c81f7c5ac8998b00adb623e46620dc437b69e929

Request headers

Origin
https://nv.ua
Referer
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Mon, 16 Mar 2020 21:45:05 GMT
server
nginx
etag
"5e6ff361-754c"
content-type
application/octet-stream
cache-control
max-age=31622400, max-age=31557600
accept-ranges
bytes
content-length
30028
expires
Fri, 08 Apr 2022 15:18:34 GMT
nvua-icons.woff2
nv.ua/fonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nv.ua/fonts/nvua-icons.woff2?02836d3970fb4d607aad597e0eff230e
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
30b7ccfa12a2c42daec35ea57c2c277e7b3c873a53a9a85bef3e55322853a0e4

Request headers

Origin
https://nv.ua
Referer
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Wed, 07 Apr 2021 13:40:58 GMT
server
nginx
etag
"606db66a-35a8"
content-type
font/woff2
cache-control
max-age=31622400, max-age=31557600
accept-ranges
bytes
content-length
13736
expires
Fri, 08 Apr 2022 15:18:34 GMT
styles_main.css
nv.ua/css/ 		424 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nv.ua/css/styles_main.css?3.344
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
76744a3be2fd9683d85859cd42db6b6a3f78098a8763072616772b7d68937c39

Request headers

Referer
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
br
last-modified
Wed, 07 Apr 2021 13:42:13 GMT
server
nginx
etag
W/"606db6b5-6a00c"
content-type
text/css
cache-control
max-age=31622400, max-age=31557600
expires
Fri, 08 Apr 2022 15:18:34 GMT
label_nv.png
nv.ua/upload/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nv.ua/upload/label_nv.png
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
5f661bd0db00a7bf9f68a1630925f3f68983533ed3766287d39b69c3d7e970c3

Request headers

Referer
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Mon, 16 Mar 2020 21:45:06 GMT
server
nginx
etag
"5e6ff362-2914"
content-type
image/png
cache-control
max-age=31622400, max-age=31557600
accept-ranges
bytes
content-length
10516
expires
Fri, 08 Apr 2022 15:18:34 GMT
/
images.weserv.nl/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://nv.ua/system/top_images/images/000/000/079/original/382846103a71e07d4bd9229da9b75010.png&q=85&output=webp
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
652377ab7d580a4124cc4d47f9704e5a4dcc6ddcb25b04e694a3c45bb1d602fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3816824
content-disposition
inline; filename=image.webp
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11006
cf-request-id
094e83029200004dd6d7097000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XdtiLU8rkpeZxhARnPbkF1863sEjccAWDRcFEjwhKn3yCwMNWNeqde23OvHYr%2BpQgnar9SjVbIDYW6MsHByLkM2WN5Aizw44ja9TTSUWDLYAQc%2FlyN0cfbSFDLdN"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab0ed904dd6-FRA
expires
Tue, 22 Feb 2022 11:00:27 GMT
gtm.js
www.googletagmanager.com/ 		118 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a980f4692ff779d4ad61947051f7c3751220cab55d1fdeaf6b73ee643e98be30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42564
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Apr 2021 15:18:34 GMT
wrapper_hb_285119_882.js
player.adtelligent.com/prebidlink/449391/ 		204 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/449391/wrapper_hb_285119_882.js
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
76d2932c72bc6eee0fe4d7f75828aa013df3ae07028184330d0b9c8a1abb279b

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 18:16:39 GMT
server
nginx
etag
W/"606ca587-330ce"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 07 Apr 2021 16:18:34 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
/
images.weserv.nl/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&url=https://nv.ua/system/Article/posters/002/310/804/300x150/6d198c80a04a6131a24e2831575f2323.jpg?stamp=20210407163617
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60138ac95b0a4f3de9b750b08b4ef13b1ec1fc1d3f54ffc7beb397457d9e23fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
5434
content-disposition
inline; filename=image.jpg
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14193
cf-request-id
094e83029700004dd60420f000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=70u9tGHtzKmC3f9iRC4Vod0u4uLu2XySGUDrRUv%2F5eXtMjjeN18mPDeiMrTT12ql1YL2XxF1uDOPjQvTKtKmB2R%2ByM1s4zuu7ta%2B67eCWhknJp7xcEEMZM7Yz%2FMD"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab0fda74dd6-FRA
expires
Thu, 07 Apr 2022 13:47:20 GMT
/
images.weserv.nl/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&url=https://nv.ua/system/Article/posters/002/310/788/300x150/c8b25e49bbefbccaddfdd70fa2885923.jpg?stamp=20210407160713
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3099ac9af9882acead3c56398aba8e7c303ec6c3e2e395f666f40bd0510ae5e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7008
content-disposition
inline; filename=image.jpg
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6924
cf-request-id
094e83029a00004dd6a3989000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qkuHkgvzf8WL6iLy9aSz0RiVhz1CLHJIIgBb4co8Mn3iobBgYmtAQeViImW%2F5knWHEjcYnEQ7H4cDqq9cKMwyRC2k4rMIX3SdPUDju3dC407%2FeoDyZxVRP2Vmaaa"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab0fdaa4dd6-FRA
expires
Thu, 07 Apr 2022 13:21:46 GMT
/
images.weserv.nl/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&url=https://nv.ua/system/Article/posters/002/310/660/300x150/ae463f39d7acdccb5eedc01c2e9e009d.jpg?stamp=20210407123749
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35343e080a770f8f56e0862265a7db5eca0ccd0448fb8b6ae5820da73055b8d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
9845
content-disposition
inline; filename=image.jpg
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15260
cf-request-id
094e83029800004dd6b3b9f000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DtE71wbLpNJD1r26%2FdSrBvpPgSIQDOz7jbV8SacZoZzn%2BVs%2Bjz29eeexyK%2BmLj8P86fwLF9UPcxPpZDmk2Ou8CY73v48Fl21UA9gAVHjK%2FqvEFlRXppbdVrdzIlb"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab0fdab4dd6-FRA
expires
Thu, 07 Apr 2022 12:34:29 GMT
main_scripts.min.js
nv.ua/scripts/ 		97 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nv.ua/scripts/main_scripts.min.js?3.344
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
af2f3a56f03af12beb410aefc703ad0fe7ec3da5df2f6bd25a1b9d34e040eeb7

Request headers

Referer
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
br
last-modified
Wed, 07 Apr 2021 13:40:59 GMT
server
nginx
etag
W/"606db66b-18374"
content-type
application/javascript
cache-control
max-age=31622400, max-age=31557600
expires
Fri, 08 Apr 2022 15:18:34 GMT
after_scripts.min.js
nv.ua/scripts/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nv.ua/scripts/after_scripts.min.js?3.344
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
7ad56205516bec6fb9a3e6ab708aaa4113951400f5c6bf67f01f279a512a31c8

Request headers

Referer
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
br
last-modified
Wed, 07 Apr 2021 13:42:13 GMT
server
nginx
etag
W/"606db6b5-67ab"
content-type
application/javascript
cache-control
max-age=31622400, max-age=31557600
expires
Fri, 08 Apr 2022 15:18:34 GMT
css
fonts.googleapis.com/ 		4 KB
731 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:400,700&display=swap&subset=cyrillic-ext
Requested by
Host: nv.ua
URL: https://nv.ua/css/styles_main.css?3.344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b216b43f9b11a8ceaf584e09277b78e39f205ecbe4a871c9c974a7d8ff116bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 15:11:24 GMT
server
ESF
date
Wed, 07 Apr 2021 15:18:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Apr 2021 15:18:34 GMT
css
fonts.googleapis.com/ 		10 KB
995 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic-ext
Requested by
Host: nv.ua
URL: https://nv.ua/css/styles_main.css?3.344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f2cd7f69651e0b2958aad2c842b4e4e8a7c13cb883e5ed7f87d930a1079c0d9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 13:27:41 GMT
server
ESF
date
Wed, 07 Apr 2021 15:18:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Apr 2021 15:18:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
14156890614107234780
vary
Accept-Encoding, Origin
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 07 Apr 2021 15:18:34 GMT
o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2
fonts.gstatic.com/s/notosans/v12/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc06e0839b8c3e8054a4daaba2fa9ed5a4d0d509a3ffbe3799cc749f7bc4720c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nv.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 18:40:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:50:13 GMT
server
sffe
age
592669
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10812
x-xss-protection
0
expires
Thu, 31 Mar 2022 18:40:45 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v12/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nv.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 18:30:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:43:44 GMT
server
sffe
age
593255
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
expires
Thu, 31 Mar 2022 18:30:59 GMT
2317.html
podcasts.nv.ua/embed_v2/ Frame 3F64 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://podcasts.nv.ua/embed_v2/2317.html
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
f7b250566eed1a676bbe25f093daa798fb7b2bb1520a981ba0c9845c20d62d00

Request headers

:method
GET
:authority
podcasts.nv.ua
:scheme
https
:path
/embed_v2/2317.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nv.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
XSRF-TOKEN=eyJpdiI6Ik42WmlWbDhUQzNvalhoWDNZSVgra0E9PSIsInZhbHVlIjoiNjRsenhhN1piV1hFdXpSNktMS09Ta0FOd0JZM3p0eFc3dFFSV0pMRTVDSHFzNkVFaXdSYXVtMDN3RDJKVk9yZFRTNjJqemVMQmU0RlVoRGI1dkVzaXhNL2pQQit2dHRnWjJGaE44RjQvU0VybjQrSlBKREZDV1ZPTXNDWFRhalAiLCJtYWMiOiI0M2QzNDllY2IwYThhMGViZjc5ZDg4OWU4M2ZmODQ5MGQ0ZWEzNjkzOWE4MDI4MzUyOTAyNWYwM2Q3ZTRjNmFhIn0%3D; nvnew_session=eyJpdiI6Ilh2SCtIL3pWWFpaYWZSdGZlN2VmNnc9PSIsInZhbHVlIjoic3QrUlRLTVJOVHhRUWQ5K3I3aTdkL2h0dWpxRUY5eWFLdjR6VHlPazIwaS9ZUEoyc3BSMFlyeWE2N1MwSEdCZTRIMGZ6Z0tHVVpqdTh0L3piK0N2eklzdVFVcWpBVmNGZThjbkVoU2pQUlZyKzgybUhzSzhERnBSK0VqUWFXZXIiLCJtYWMiOiJlYTdjMzFkMzBjZjRlNWNlZTI4NGNkZTlhNjM1YzZlMGIzMzZiZGVkMGJkYTMzNGY1OWM0MDIwNzVmNDYxMGRmIn0%3D; device_type=desktop
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nv.ua/

Response headers

server
nginx
date
Wed, 07 Apr 2021 15:18:34 GMT
content-type
text/html
content-length
2241
content-encoding
gzip
redis-cache-key
laravel:redis-responsecache:GET:podcasts.nv.ua/embed_v2/2317.html:desktop
cache-control
max-age=30
author-arrow.svg
nv.ua/images/ 		419 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nv.ua/images/author-arrow.svg
Requested by
Host: nv.ua
URL: https://nv.ua/css/styles_main.css?3.344
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23

Request headers

Referer
https://nv.ua/css/styles_main.css?3.344
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Mon, 16 Mar 2020 21:45:05 GMT
server
nginx
etag
"5e6ff361-1a3"
content-type
image/svg+xml
cache-control
max-age=31622400, max-age=31557600
accept-ranges
bytes
content-length
419
expires
Fri, 08 Apr 2022 15:18:34 GMT
main-news-icon.png
nv.ua/images/ 		607 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nv.ua/images/main-news-icon.png
Requested by
Host: nv.ua
URL: https://nv.ua/css/styles_main.css?3.344
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
f847059cba2fe6b6f8c5bf2092c5b765db9b81710b3631523a057a6b4dd549c5

Request headers

Referer
https://nv.ua/css/styles_main.css?3.344
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Mon, 16 Mar 2020 21:45:05 GMT
server
nginx
etag
"5e6ff361-25f"
content-type
image/png
cache-control
max-age=31622400, max-age=31557600
accept-ranges
bytes
content-length
607
expires
Fri, 08 Apr 2022 15:18:34 GMT
o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
fonts.gstatic.com/s/notosans/v12/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d6464c93e8743d8773dd26c4daa08ff90201029322b1e2ec5f6ddc5599170e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nv.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 19:36:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:50:34 GMT
server
sffe
age
589312
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10504
x-xss-protection
0
expires
Thu, 31 Mar 2022 19:36:42 GMT
ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v9/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700&display=swap&subset=cyrillic-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nv.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:52 GMT
server
sffe
age
450897
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23924
x-xss-protection
0
expires
Sat, 02 Apr 2022 10:03:37 GMT
ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2
fonts.gstatic.com/s/notoserif/v9/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700&display=swap&subset=cyrillic-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9aeb04131df1322b44d201b4298aff834e34a31cf3fc2e72dc2341896bff49d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nv.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:51 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:53 GMT
server
sffe
age
450883
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18288
x-xss-protection
0
expires
Sat, 02 Apr 2022 10:03:51 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v12/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nv.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 18:29:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:50:31 GMT
server
sffe
age
593339
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
expires
Thu, 31 Mar 2022 18:29:35 GMT
nvua-icons.woff2
nv.ua/fonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nv.ua/fonts/nvua-icons.woff2?900a114597cef91c2802bd29fb8a5f2d
Requested by
Host: nv.ua
URL: https://nv.ua/css/styles_main.css?3.344
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
30b7ccfa12a2c42daec35ea57c2c277e7b3c873a53a9a85bef3e55322853a0e4

Request headers

Origin
https://nv.ua
Referer
https://nv.ua/css/styles_main.css?3.344
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Wed, 07 Apr 2021 13:40:58 GMT
server
nginx
etag
"606db66a-35a8"
content-type
font/woff2
cache-control
max-age=31622400, max-age=31557600
accept-ranges
bytes
content-length
13736
expires
Fri, 08 Apr 2022 15:18:34 GMT
ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v9/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700&display=swap&subset=cyrillic-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nv.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:59 GMT
server
sffe
age
450897
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27344
x-xss-protection
0
expires
Sat, 02 Apr 2022 10:03:37 GMT
ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
fonts.gstatic.com/s/notoserif/v9/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700&display=swap&subset=cyrillic-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd15990b17d2d9fc3f84859e5cc778ee22113b01592f5d98433d44ca4a4ffee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nv.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:24 GMT
server
sffe
age
450893
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16064
x-xss-protection
0
expires
Sat, 02 Apr 2022 10:03:41 GMT
/
images.weserv.nl/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&w=115&url=https://nv.ua/system/opinion_authors/avatars/000/008/343/original/417eb6dc1646121a147cff707a55063b.png?stamp=1
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b605bee497d0e562ad56c31196c8e41ef05c17e9f931cfa5c1da9996b24a69a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3541346
content-disposition
inline; filename=image.png
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11842
cf-request-id
094e83031a00004dd625093000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8RqyNwgC05B8PJNxRZJlAm30u3TUqYJgq4JpdVuf1dLkZYPmNyK7zXu0Il2OX5ZPU%2BQ0LvyY46wvru9mkq0EvkEvAtE4TK3ar2nkuKQ03oSSIedVZDgec5u30SY2"}],"max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab1cfd94dd6-FRA
expires
Fri, 25 Feb 2022 15:36:08 GMT
/
images.weserv.nl/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&w=115&url=https://nv.ua/system/opinion_authors/avatars/000/009/001/original/e0bf19190417594cd9b6018f4fb68ef5.png?stamp=1
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50a1a5013c78162d8faf9f0f2d3de81f187b7c25d4ccb649abdb42dee70c51cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
8563
content-disposition
inline; filename=image.png
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11483
cf-request-id
094e83031b00004dd6e8b4f000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=prHgV5XklpnO0SLaRctIIInscNbOtZn%2FedRh44G3NeGTb2GercEb%2BzVlUVR1LdM8pnhbNAmzjoIZaWyACNwEDRA1ND7fGXhlCOf1VIBCuAV99kKj3YRmBrx8SR5g"}],"max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab1cfe14dd6-FRA
expires
Thu, 07 Apr 2022 12:55:51 GMT
/
images.weserv.nl/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&w=115&url=https://nv.ua/system/opinion_authors/avatars/000/009/591/original/8808a5ae8ba9e53b299d59268bb48687.png?stamp=1
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81614fd68f45143c48a078e0e415aa77646a3ff1b2ca773ef30b3206901d5907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2009487
content-disposition
inline; filename=image.png
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11785
cf-request-id
094e83031b00004dd60d343000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SUTjbgdtJRWiyXkJ%2B6MpupZMiPGqtRHKCvklc1yaV3xsVayYaabLFAAkTeSYm9wrO9HG9RyTEMRWcr%2B23gSvpcEMHEDM09hqKz1NyugxfsSgilbzEkLnhFiMZ3JF"}],"max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab1cfe54dd6-FRA
expires
Tue, 15 Mar 2022 08:53:08 GMT
/
images.weserv.nl/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&w=115&url=https://nv.ua/system/opinion_authors/avatars/000/008/321/original/b56bb1ac81be9b40455e31650303bb1f.png?stamp=1
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d97ffb2b30f5e29c41c00c892d622a504d940ffccec9405a2a48b94aab80abb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4345091
content-disposition
inline; filename=image.png
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11175
cf-request-id
094e83031c00004dd6ed259000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t7OabGGp%2BeMk%2FJdMnQfu0rmthGarLsIdfRQ8y0SGPMyYRE0St26kDDcHPi2XZvdX7HzX2FeR5Y49sYv3Lr2vCvVeCbxwBYRhz%2BFh0bFURJtG%2BKe7XxwND2gF5IbU"}],"max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab1cfe64dd6-FRA
expires
Wed, 16 Feb 2022 08:20:23 GMT
/
images.weserv.nl/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://nv.ua/system/top_images/images/000/000/073/original/56f8e158d9cc05e54d5627c59af2b517.png&q=75
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fa662ac6f167432774aedd5a0348e40c3d33e2e78aa888e19cc1924c881fe8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
96643
content-disposition
inline; filename=image.png
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7039
cf-request-id
094e83031c00004dd69e1e2000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1XK3OwwzvxFoFtOxg2Y6Iv%2Bi8qM3DznoDVfBuinM2nJ%2FG8euB7BSv0hYBCRUDXMsc%2B0h5ml933sC324fta5Z78gVxKPRH5Hqjq0fmKdzRmRoeDGnrQphFw6TCWqA"}],"max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab1cfe84dd6-FRA
expires
Wed, 06 Apr 2022 12:27:36 GMT
/
images.weserv.nl/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://nv.ua/system/top_images/images/000/000/075/original/9c01ef32f3c4483332ca2e1a4b9a3b25.png&q=75
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
423c910658299c90e1b2809f08f076450854ec81c376bf39409c841ac06fd8ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
806090
content-disposition
inline; filename=image.png
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7447
cf-request-id
094e83031c00004dd6d0924000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JDovo3HvBCN%2Bx1xYi067nyjcoHHCB0hYP4xsyAsIp1Kg3WHNjw5fSmYjH7RPvi4R4m9duPvNkZgFy7wr4wHNmoCdKdg2zlQXAeRde7TG%2FEJl5VdGYk1aPii2%2FhpT"}],"max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab1cfe94dd6-FRA
expires
Tue, 29 Mar 2022 07:22:02 GMT
/
images.weserv.nl/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://nv.ua/system/top_images/images/000/000/077/original/d187be42ef44424330736565db45efce.png&q=75
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
195a5ab426f1421a0aaf156f63d86957c1e3c626b4c5536e1c3a32184ad04ba4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
8979940
content-disposition
inline; filename=image.png
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4950
cf-request-id
094e83031d00004dd6acb29000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KhgjB%2BqyPpchCpLMgQzc%2FqTkXuGATzMmLCiCQjYyOS2T4JQKhiJY%2BRgwvLfokWVoXNrM9V5RfUJ5JsH%2BT2E2Kl64ejImMncQcQjqs2GqdKEy2lYtM3skbBpOKFX1"}],"max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab1cfed4dd6-FRA
expires
Fri, 24 Dec 2021 16:50:28 GMT
/
images.weserv.nl/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/310/332/300x150/8b12c862821cb4d23d2fab59fca447a2.jpg?stamp=20210406172736
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691614a44753386c2c39ffbe50e1d16bac669f5553ddd3bbbb24ddc174b4f559
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
85837
content-disposition
inline; filename=image.webp
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11798
cf-request-id
094e83031d00004dd6a3997000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ul0OVJSx4WR5YDRCszPN8nNtVQ4DYojJY6FG9esJODvPIv7i%2Fgu1CTt4OFsS9y1%2Burv5o536h3GwlKNtXivKfN74DyfVBYAhq0QBr%2F0rkEFoUNWYAc8Ae8hgNCVP"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab1cfef4dd6-FRA
expires
Wed, 06 Apr 2022 15:26:51 GMT
/
images.weserv.nl/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/310/168/300x150/434bb0854e655fc9cb289fc3770f7952.jpg?stamp=20210406130841
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee96656644210c739b6662323bfde275b6afffc5971fcea912339adb718946a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
37127
content-disposition
inline; filename=image.webp
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11856
cf-request-id
094e83032000004dd60b020000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xFHWrCxRgSV4WTymysgWWnwCSe33jCPEhFiL5CfFugnXrNpS9CFJt9nGt2xfGjvRtY6K%2B64CRr4himm8FaAfQfP0Ds5DHmDycul32D%2FAm0hdOyHN0C3UlNy4mOuB"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab1cff04dd6-FRA
expires
Thu, 07 Apr 2022 04:59:47 GMT
/
images.weserv.nl/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/310/656/300x150/c5247093472c52c7cd84bb3d07cf72c1.jpg?stamp=20210407125223
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4702c2ee7718a18e83dca95881c9853db648864957b18960c42d061ecd2f4f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
8506
content-disposition
inline; filename=image.webp
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12026
cf-request-id
094e83031d00004dd6f1b2a000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LQ0Cj8glFqG0iRLb8pmJ1lbriNEM4%2B2Wu9bZNI%2FcxBO8BJYynMiS%2FXK%2FyaqaSj%2FoOHtV7epSZJq%2F1lz7PQ50s5DP4L7TUUhldHL%2FZWHZZbUwXxf49L1o24GAkIoF"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab1cff34dd6-FRA
expires
Thu, 07 Apr 2022 12:56:21 GMT
/
images.weserv.nl/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://life.nv.ua/system/Article/posters/002/310/624/300x150/eb0f8fb2ac0cfee38ae219afe09b35d5.jpg?stamp=20210407113105
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df99a5070173827be07349205d264a810dc9a64a546756fa6d392aba06c369b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
10676
content-disposition
inline; filename=image.webp
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7730
cf-request-id
094e83032000004dd6f313e000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FM9Pxn9OD0lPmWfLqZKjKi%2BLBGfRiaYCFQdQXHv4R55hPRD1NHvyGl75D16LyHlQx6tY5ay3fljC5f175Y0WBoGRBMkMpWL8r21hjt8WPVunx3VTCD969dEen%2F0S"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab1c8024dd6-FRA
expires
Thu, 07 Apr 2022 12:05:14 GMT
/
images.weserv.nl/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://life.nv.ua/system/Article/posters/002/310/836/300x150/6bbb15f4ee7d1b2577b14e3402981f4a.jpg?stamp=20210407170557
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c08143b63f03aef908297a8787da1123973b7cfada7ea0c515e682d8617f26b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3124
content-disposition
inline; filename=image.webp
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8680
cf-request-id
094e83032100004dd607bba000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tm91ajRGe1EjzCNLflEJvksxADfWtX%2BVU0JhgpnSumZ17r2XUC%2B%2FwPPFwWHY88BOBI%2FNYw1qyY6ZeyawmB2KzccK%2B6LyRBGhLuAP7K7EbxJSuH6wyZZSqTo6rcZ8"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab1c8054dd6-FRA
expires
Thu, 07 Apr 2022 14:26:30 GMT
/
images.weserv.nl/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://life.nv.ua/system/Article/posters/002/310/520/300x150/07abe269015a87220f9c582c2696f040.jpg?stamp=20210407073428
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
095ca32104906696ff483d496c7515d65ca0f146dba5f336d8281e348b937fa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
237
content-disposition
inline; filename=image.webp
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7590
cf-request-id
094e83032100004dd6c6b00000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GeTGKssb7cJ736IjMhXPNU9l7FlKke1NMeWEvQeSHD73t8usgkYxOwWI0FhnULachmHAfSyo0rol3vt9uX03kiyEvFpK8IlVE2SGXqzCtkNAfC4qZRTmpB1NhKmW"}],"max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab1c8074dd6-FRA
expires
Thu, 07 Apr 2022 15:13:52 GMT
xgemius.js
gaua.hit.gemius.pl/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
a127af41d27c28c65f968b49a6523c642374f983741f50eb822989c6a78c3111

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 11:13:20 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
accept-ranges
none
content-type
application/x-javascript
content-length
10549
expires
Thu, 08 Apr 2021 03:18:34 GMT
spinner.svg
nv.ua/images/ 		351 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nv.ua/images/spinner.svg
Requested by
Host: nv.ua
URL: https://nv.ua/css/styles_main.css?3.344
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
4ac5a55227dbb54e7d3dcb2f172ad9aa0088b749ae04b7cd9ccad8ab4752c67e

Request headers

Referer
https://nv.ua/css/styles_main.css?3.344
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Mon, 16 Mar 2020 21:45:05 GMT
server
nginx
etag
"5e6ff361-15f"
content-type
image/svg+xml
cache-control
max-age=31622400, max-age=31557600
accept-ranges
bytes
content-length
351
expires
Fri, 08 Apr 2022 15:18:34 GMT
o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
fonts.gstatic.com/s/notosans/v12/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0042d508c0caeb7dc0fe620937e0edd5ec719587315f3cfe76d020341d2a9cb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nv.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 18:40:22 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:55:46 GMT
server
sffe
age
592692
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15312
x-xss-protection
0
expires
Thu, 31 Mar 2022 18:40:22 GMT
1.html
nv.ua/get_additional_blocks/ 		42 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nv.ua/get_additional_blocks/1.html
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
85c4748941a16439602b38abf464d0f40be68a0372f8d8153724ec2e3b6846a0

Request headers

Referer
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
gzip
server
nginx
cache-control
max-age=360
redis-cache-key
laravel:redis-responsecache:GET:nv.ua/get_additional_blocks/1.html:desktop
content-length
8350
content-type
text/html
web-vitals.umd.js
unpkg.com/web-vitals@1.1.0/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7216241
vary
Accept-Encoding
cf-request-id
094e83039700004ec1d800a000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
d15d9e99045a3a699dbcf3161348897b
cache-control
public, max-age=31536000
cf-ray
63c43ab289804ec1-FRA
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
6759
date
Wed, 07 Apr 2021 13:25:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Wed, 07 Apr 2021 15:25:55 GMT
59bikxsf9x
www.clarity.ms/tag/ 		445 B
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/59bikxsf9x
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
38467c8be3a3ab05b8878935bbbdc1c22c7907fc3d30856d66ce1c78fcfa8199

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
gzip
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, no-store
x-azure-ref
0Ss1tYAAAAADnfV6TqL4VSYvZ2yhpUDGNTE9OMjFFREdFMTUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires
-1
hb_285119_882.js
player.adtelligent.com/prebidlink/ex18725/ 		299 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449391/wrapper_hb_285119_882.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
0e09ec511519a836eaa2b69cc359db14850b0934820ddcbe99dd3dd8d6859583

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 10:28:41 GMT
server
nginx
etag
W/"6066f1d9-4ac5a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 07 Apr 2021 16:18:34 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
593fd02481825f18ff779a0505d6e3117b245059df8eb40469c5464b622c3379
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"835 / 593 of 1000 / last-modified: 1617794396"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20259
x-xss-protection
0
expires
Wed, 07 Apr 2021 15:18:34 GMT
gray-logo.svg
nv.ua/images/new-markup-images/ 		2 KB
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nv.ua/images/new-markup-images/gray-logo.svg
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
11a2ee3491b0b720c8f6d5f2cdd8ca808ec01265c87c526ff7e2b8c8d37daf8f

Request headers

Referer
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
br
last-modified
Wed, 07 Apr 2021 13:40:58 GMT
server
nginx
etag
W/"606db66a-649"
content-type
image/svg+xml
cache-control
max-age=31622400, max-age=31557600
expires
Fri, 08 Apr 2022 15:18:34 GMT
google-play.png
nv.ua/images/new-markup-images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nv.ua/images/new-markup-images/google-play.png
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
6ce16b17ebe2280f01910b3f6d148232792dbc2e6a25afd275ec52a631cce9c1

Request headers

Referer
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Wed, 07 Apr 2021 13:40:58 GMT
server
nginx
etag
"606db66a-f7d"
content-type
image/png
cache-control
max-age=31622400, max-age=31557600
accept-ranges
bytes
content-length
3965
expires
Fri, 08 Apr 2022 15:18:34 GMT
app-store.png
nv.ua/images/new-markup-images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nv.ua/images/new-markup-images/app-store.png
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
84b0149a6fb9f938c2833204abde9e572889047723378d59b89313b29ed4e4cd

Request headers

Referer
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Wed, 07 Apr 2021 13:40:58 GMT
server
nginx
etag
"606db66a-8a2"
content-type
image/png
cache-control
max-age=31622400, max-age=31557600
accept-ranges
bytes
content-length
2210
expires
Fri, 08 Apr 2022 15:18:34 GMT
apple-podcasts.png
nv.ua/images/podcasts/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nv.ua/images/podcasts/apple-podcasts.png
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
e1f46f93c333a310963797741efa2067c60f63529ebe4473f0b77d07e81ef440

Request headers

Referer
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Thu, 01 Apr 2021 09:28:24 GMT
server
nginx
etag
"60659238-10c4"
content-type
image/png
cache-control
max-age=31622400, max-age=31557600
accept-ranges
bytes
content-length
4292
expires
Fri, 08 Apr 2022 15:18:34 GMT
google-podcasts.png
nv.ua/images/podcasts/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nv.ua/images/podcasts/google-podcasts.png
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
522d603dd6008fee8d3091d8ddedfe5ab28bf33decb01a712ce9d6e685f2c306

Request headers

Referer
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Thu, 01 Apr 2021 09:28:24 GMT
server
nginx
etag
"60659238-ce4"
content-type
image/png
cache-control
max-age=31622400, max-age=31557600
accept-ranges
bytes
content-length
3300
expires
Fri, 08 Apr 2022 15:18:34 GMT
depositphotos.png
nv.ua/images/new-markup-images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nv.ua/images/new-markup-images/depositphotos.png
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
f7f52e50ed0c97f5e4f84df7e8ecaaac18316de0e409e3be6bc21d71b61fa1c0

Request headers

Referer
https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Wed, 07 Apr 2021 13:40:58 GMT
server
nginx
etag
"606db66a-d58"
content-type
image/png
cache-control
max-age=31622400, max-age=31557600
accept-ranges
bytes
content-length
3416
expires
Fri, 08 Apr 2022 15:18:34 GMT
js
www.googletagmanager.com/gtag/ Frame 3F64 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FYXW5GD65L
Requested by
Host: podcasts.nv.ua
URL: https://podcasts.nv.ua/embed_v2/2317.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9fb640f38da945aad19b70f2866fb5c98cf1b18c60ebf3bff2740c7a2f351e73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://podcasts.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50369
x-xss-protection
0
expires
Wed, 07 Apr 2021 15:18:34 GMT
playerjs_new_embed.js
podcasts.nv.ua/scripts/ Frame 3F64 		524 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://podcasts.nv.ua/scripts/playerjs_new_embed.js
Requested by
Host: podcasts.nv.ua
URL: https://podcasts.nv.ua/embed_v2/2317.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv1.nv.ua
Software
nginx /
Resource Hash
65db01ca75ddc2799c6d75473611717980a4549684da1f8021ec163e2b12ed59

Request headers

Referer
https://podcasts.nv.ua/embed_v2/2317.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
br
last-modified
Wed, 07 Apr 2021 13:40:59 GMT
server
nginx
etag
W/"606db66b-831c0"
content-type
application/javascript
cache-control
max-age=31622400, max-age=31557600
expires
Fri, 08 Apr 2022 15:18:34 GMT
tracking
ghb.adtelligent.com/adunit/ 		43 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=285119&site_id=882&full_page_url=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&adid=7ljdfr.8c&utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&vpbv=0772&lifecycle_tte=1609
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449391/wrapper_hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://nv.ua
Date
Wed, 07 Apr 2021 15:18:34 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
collect
stats.g.doubleclick.net/j/ 		4 B
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-51943557-1&cid=670222609.1617808715&jid=2135157061&gjid=1410262176&_gid=797972192.1617808715&_u=YGBAgEABAAAAAE~&z=1876473480
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 07 Apr 2021 15:18:34 GMT
content-type
text/plain
access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=2076548838&t=pageview&_s=1&dl=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0.%20%D0%92%D1%81%D0%B5%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%9D%D0%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=2135157061&gjid=1410262176&cid=670222609.1617808715&uid=0&tid=UA-51943557-1&_gid=797972192.1617808715&gtm=2wg3v0WKM63L&cd2=-120&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd11=0&cd12=none&z=816954080
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 19:54:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69825
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fpdata.js
gaua.hit.gemius.pl/ 		274 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=nv.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
426daea17bea7872e39b0e54d9d1a04c490468d43e6ad605dd88ac3d90ea3322

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
accept-ranges
none
content-type
application/x-javascript
content-length
274
expires
Fri, 07 May 2021 15:18:34 GMT
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=2076548838&t=event&ni=1&_s=2&dl=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0.%20%D0%92%D1%81%D0%B5%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%9D%D0%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=FCP&el=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&ev=1228&_u=aHBAgEABAAAAAE~&jid=&gjid=&cid=670222609.1617808715&uid=0&tid=UA-51943557-1&_gid=797972192.1617808715&gtm=2wg3v0WKM63L&cd2=-120&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd11=0&cd12=none&z=646224068
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 19:54:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69825
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021040101.js
securepubads.g.doubleclick.net/gpt/ 		286 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Apr 2021 08:39:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103004
x-xss-protection
0
expires
Wed, 07 Apr 2021 15:18:34 GMT
clarity.js
www.clarity.ms/eus2/s/0.6.10/ 		45 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/s/0.6.10/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/59bikxsf9x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
601ecef6383d02e04903fdf3dd7cfdd968fb09973e39f74b583eb7b9773e8f0e

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:34 GMT
content-encoding
br
etag
"1d721c30b2432e0"
last-modified
Thu, 25 Mar 2021 22:06:02 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=86400
x-azure-ref
0Ss1tYAAAAAASkrFdhwyAR7HLNT9UKQPvTE9OMjFFREdFMTUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=D4F30DBACBB34C31BA2912BBE8AE0F3C&RedC=c.clarity.ms&MXFR=3E813D07DD606A0A002E2D15D96064DF
  • https://c.clarity.ms/c.gif?CtsSyncId=D4F30DBACBB34C31BA2912BBE8AE0F3C&MUID=27BE23EC4C7167B02E9A33FE4DA3665B
42 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=D4F30DBACBB34C31BA2912BBE8AE0F3C&MUID=27BE23EC4C7167B02E9A33FE4DA3665B
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:34 GMT
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"506f5bd17ad71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:34 GMT
x-msedge-ref
Ref A: 607977ECD9AA4A80A49D92F754563092 Ref B: FRAEDGE1209 Ref C: 2021-04-07T15:18:35Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=D4F30DBACBB34C31BA2912BBE8AE0F3C&MUID=27BE23EC4C7167B02E9A33FE4DA3665B
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-51943557-1&cid=670222609.1617808715&jid=2135157061&_u=YGBAgEABAAAAAE~&z=1657196721
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-51943557-1&cid=670222609.1617808715&jid=2135157061&_u=YGBAgEABAAAAAE~&z=1657196721
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 3F64 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
081c2dad5676b884ff231278bdff6043faca62a397ad3bac79f1b2c1871bd9bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://podcasts.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 13:38:01 GMT
server
ESF
date
Wed, 07 Apr 2021 15:18:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Apr 2021 15:18:35 GMT
/
images.weserv.nl/ Frame 3F64 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?output=jpg&q=80&w=200&url=https://podcasts.nv.ua/system/program/poster/posters/000/000/006/original/063acee68bca5be9f79e42fae96c273b.jpg
Requested by
Host: podcasts.nv.ua
URL: https://podcasts.nv.ua/embed_v2/2317.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5631e6baefe98ba1a122c2326bb5c9713dd0682da1f8e2fe5e6ed3e795763a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://podcasts.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:35 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
598310
content-disposition
inline; filename=image.jpg
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6721
cf-request-id
094e83054100004dd6fe3c1000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mwCGA4SeeC%2BHLibFp%2Bu%2Byf15m1rHcG6fYD5IsDg%2Fe8Jo5Lf%2B17MZMsruhs4K75Bq0xZeEJti4PZ4zArVijOg9cq2XicJF6GXtcrZmotyVRT6Vnxb6FV%2FTAXBJ9jz"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab538be4dd6-FRA
expires
Thu, 31 Mar 2022 16:57:33 GMT
artworks-BFq1EJoWbTP7-0-t200x200.jpg
i1.sndcdn.com/ Frame 3F64 		0
0
90f0ee405ea2421393b98fabd3f8350f.png&w=35&h=35
images.nv.ua/system/opinion_authors/avatars/000/008/581/original/ Frame 3F64 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.nv.ua/system/opinion_authors/avatars/000/008/581/original/90f0ee405ea2421393b98fabd3f8350f.png&w=35&h=35
Requested by
Host: podcasts.nv.ua
URL: https://podcasts.nv.ua/embed_v2/2317.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.96.188 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
nv2.nv.ua
Software
nginx /
Resource Hash
b657b436888daa1644bb6ee01c6d83003a8169870de6e268388e97508f05a077

Request headers

Referer
https://podcasts.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:35 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
inline; filename=image.png
content-length
1984
expires
Thu, 07 Apr 2022 15:18:35 GMT
csyncs
ghb.adtelligent.com/ 		658 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=380897&aid2=380898&aid3=587777&aid4=605039&aid5=607661
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449391/wrapper_hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
9001da2f72b1fb8369e953c1cea98365285b833f67eca991c3ea1cececf3b533

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:35 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nv.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
331
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v12/ Frame 3F64 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://podcasts.nv.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 18:29:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:50:31 GMT
server
sffe
age
593340
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
expires
Thu, 31 Mar 2022 18:29:35 GMT
o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
fonts.gstatic.com/s/notosans/v12/ Frame 3F64 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d6464c93e8743d8773dd26c4daa08ff90201029322b1e2ec5f6ddc5599170e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://podcasts.nv.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 19:36:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:50:34 GMT
server
sffe
age
589313
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10504
x-xss-protection
0
expires
Thu, 31 Mar 2022 19:36:42 GMT
/
images.weserv.nl/ Frame 3F64 		802 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?q=85&w=35&h=35&bg=white&url=https://podcasts.nv.ua/system/narrators/images/000/000/008/original/0efb4d1523be9798d94e5d65f9d9747d.jpeg
Requested by
Host: podcasts.nv.ua
URL: https://podcasts.nv.ua/embed_v2/2317.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08caadf02a9ff00468b95007670e4507ac9e3e1e6429e5dffda1d21da4434800
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://podcasts.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api
5
date
Wed, 07 Apr 2021 15:18:35 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
598309
content-disposition
inline; filename=image.jpg
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
802
cf-request-id
094e8305e200004dd6b3806000000001
cf-bgj
csam-hash
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pOBTsud8ZVv6k%2BAwCpSlE0pp5758SoA7Y1m%2FZZ2IUDUzW9nw6afsMB4K67pdcEW1dzkiz%2F5oA4EasB2lGgU6jrMySU6me8ia9hMMFiBc%2FWFDWWMusB3TenFTdkxt"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
63c43ab63b954dd6-FRA
expires
Thu, 31 Mar 2022 16:49:45 GMT
collect
analytics.google.com/g/ Frame 3F64 		0
350 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FYXW5GD65L&gtm=2oe3v0&_p=897692485&sr=1600x1200&_gaz=1&ul=en-us&cid=670222609.1617808715&_s=1&dl=https%3A%2F%2Fpodcasts.nv.ua%2Fembed_v2%2F2317.html&dr=https%3A%2F%2Fnv.ua%2F&dt=&sid=1617808715&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYXW5GD65L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://podcasts.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://podcasts.nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ Frame 3F64 		0
63 B 		Other
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FYXW5GD65L&cid=670222609.1617808715&gtm=2oe3v0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYXW5GD65L
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://podcasts.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://podcasts.nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame 3F64 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FYXW5GD65L&cid=670222609.1617808715&gtm=2oe3v0&aip=1&z=1695551420
Requested by
Host: podcasts.nv.ua
URL: https://podcasts.nv.ua/embed_v2/2317.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://podcasts.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set csync
sync.adtelligent.com/ Frame F9E6
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=061a6dc1-6058-4727-ae6b-4b16b4b81c87
86 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=061a6dc1-6058-4727-ae6b-4b16b4b81c87
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449391/wrapper_hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://nv.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=2b719674595d7be7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nv.ua/

Response headers

Server
VertaMedia 1.0
Date
Wed, 07 Apr 2021 15:18:35 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=2b719674595d7be7; expires=Tue, 08 Jun 2021 15:18:35 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a319130=061a6dc1-6058-4727-ae6b-4b16b4b81c87; expires=Tue, 08 Jun 2021 15:18:35 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

Redirect headers

set-cookie
viewer_token=061a6dc1-6058-4727-ae6b-4b16b4b81c87; path=/; domain=csync.loopme.me; Expires=Fri, 07-May-2021 15:18:35 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=061a6dc1-6058-4727-ae6b-4b16b4b81c87
content-length
0
date
Wed, 07 Apr 2021 15:18:35 GMT
server
_
sync.html
s.console.adtarget.com.tr/ Frame 4831 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=609096
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449391/wrapper_hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
6e74d7dbb84774e89bbb01d3ec2490647e716e7b59a3815772ef5113dbe03ead

Request headers

Host
s.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://nv.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nv.ua/

Response headers

Server
VertaMedia 1.0
Date
Wed, 07 Apr 2021 15:18:34 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
947
Access-Control-Allow-Origin
https://nv.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=2b719674595d7be7
35 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=2b719674595d7be7
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:36 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=2b719674595d7be7
Date
Wed, 07 Apr 2021 15:18:35 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
rexdot.js
gaua.hit.gemius.pl/__/_1617808715273/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1617808715273/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fnv.ua%2F...
  • https://gaua.hit.gemius.pl/__/_1617808715273/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fnv.ua...
169 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1617808715273/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=YCTcUdKNBddpAoA5ziUFoM9GFQEHbp6.miLjGWGO.aP.W7&vis=1
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
4bdf6ad8c02ed34d0d07f8116ca0aca393ad803b3b26a85fa67e0164208155ba

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:35 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Tue, 06 Apr 2021 15:18:35 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:35 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1617808715273/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=YCTcUdKNBddpAoA5ziUFoM9GFQEHbp6.miLjGWGO.aP.W7&vis=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Tue, 06 Apr 2021 15:18:35 GMT
config.json
player.adtelligent.com/exchange_rates/285082/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/285082/config.json?cb=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
7c59008c7a1085a99f7e1a4eb54d3f4e9ede9b37f66318a755b0dc71442e56d2

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 12:01:06 GMT
server
nginx
etag
W/"606d9f02-19c0"
content-type
application/json
access-control-allow-origin
https://nv.ua
expires
Wed, 07 Apr 2021 16:18:35 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nv.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nv.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		444 B
914 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2369844735986556&correlator=2827027828299966&output=ldjh&impl=fifs&eid=31060550%2C31060699%2C31060320%2C44739387&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210407&iu_parts=271925883%2Cnew_nv_brending&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1080%7C810x60&prev_scp=lang%3Dru%26razdel%3D2457%26section%3D2457%26url%3Dhttps%253A%252F%252Fnv.ua%252Fallnews.html%26newnv%3D1%26only_selfpromo%3D0%26excl_cat%3DPREPOST&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1617808715&dt=1617808715377&dlt=1617808714271&idt=1052&frm=20&biw=1600&bih=1200&oid=3&adxs=-160&adys=0&adks=1595207724&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=1920x-1&ga_vid=670222609.1617808715&ga_sid=1617808715&ga_hid=2076548838&ga_fc=false&fws=644&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
c130bf96d875728c1c3ad6be75dfbe49453a8d4bd1c591dada02a1ba5143671c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nv.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
543ff8d496f05274d4d8e0f4fbfaeba2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://543ff8d496f05274d4d8e0f4fbfaeba2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnv.ua%2F&domain=nv.ua&cw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://nv.ua
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://nv.ua
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1817
date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnv.ua%2F&domain=nv.ua&cw=1
  • https://mug.criteo.com/sid?cpp=wgkeFXwwSG9aaTN3QTdKSDE4UFZFOERUUEJ5K25lOVg2Nk5MalkyK2V3Y0o5UHVEcXU5bk52SjNuV1dyVU90eGRDMFhUdllkT0pra0daZk5LNWtFYVY1RVYvdWNFQTB0TzdqZFJ4TEJKeEUzeUdoUXAxUUFpcEhsdnM0eF...
0
0
bid
ap.lijit.com/rtb/ 		94 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.15.0-11
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
f165e6927138fdc16e964a82b8d8f92619333ac5a691c950ede97b066da50d4a

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 07 Apr 2021 15:18:35 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nv.ua
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
cdb
bidder.criteo.com/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.15.0-11&cb=75847397903
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nv.ua
date
Wed, 07 Apr 2021 15:18:34 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
/
ghb.adtelligent.com/v2/auction/ 		2 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://nv.ua
Date
Wed, 07 Apr 2021 15:18:35 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
2
Content-Type
application/json; charset=UTF-8
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1584412&size_id=15&alt_size_ids=10%2C17&rp_schain=1.0,1!adtelligent.com,285119,1,,,&eid_pubcid.org=007ff2a2-da9a-4ca4-9093-3fb58d4c77a8%5E1&rf=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&tk_flint=pbjs_lite_v4.15.0-11&x_source.tid=53222bc8-afcf-4708-bef0-611ee75613d9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3597099542874411
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
90ce28d6308e40f35f50277d920678e4178ff2d6c2808650e3c7c4f298d87bf6

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:35 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://nv.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1584412&size_id=15&alt_size_ids=10&rp_schain=1.0,1!adtelligent.com,285119,1,,,&eid_pubcid.org=007ff2a2-da9a-4ca4-9093-3fb58d4c77a8%5E1&rf=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&tk_flint=pbjs_lite_v4.15.0-11&x_source.tid=29d86a0d-f248-4607-8489-3a556e556ce9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.13339396330035447
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
841fa945d142d65e894106bf8d8da792705b6152a7cdc689ef9110bf7dee8aba

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:35 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://nv.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adtelligent-d.openx.net/w/1.0/ 		173 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=53222bc8-afcf-4708-bef0-611ee75613d9%2C29d86a0d-f248-4607-8489-3a556e556ce9&nocache=1617808715492&pubcid=007ff2a2-da9a-4ca4-9093-3fb58d4c77a8&schain=1.0%2C1!adtelligent.com%2C285119%2C1%2C%2C%2C&aus=240x400%2C240x350%2C300x600%2C240x600%2C300x250%7C300x600%2C300x250&divIds=div-gpt-ad-1536739319652-0%2Cdiv-gpt-ad-1536828443963-0&auid=541177132%2C541177132
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
729f40b4dfc4dbceaf84e3c702e5aa82c04f44f39d4e55f24607fb3dae0554c5

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
gzip
server
OXGW/16.205.50
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://nv.ua
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nv.ua
date
Wed, 07 Apr 2021 15:18:35 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		495 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
a92c2065909c0a88c67ff41e0bc2b22f8cf58080c42fde39602c8fef605570bf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:35 GMT
X-Proxy-Origin
196.240.57.220; 196.240.57.220; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.144:80
AN-X-Request-Uuid
776f1b14-c569-4790-96a0-62a4e6eb76f0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nv.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
495
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ghb1.adtelligent.com/v2/auction/ 		481 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
9fdd07088a51f86cbfa3dd7c83256ab21e99ef54e9a157e00937d68bbfc3bdf6

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 07 Apr 2021 15:18:35 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nv.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
187
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=240x400%252C240x350%252C300x600%252C240x600%252C300x250&jst=hb&ord=9650328798446906&tz=-120&fl=0&rr=direct&s=2777838&bidid=3358b0d365b1fd&transactionid=5...
  • https://ads.betweendigital.com/adjson?sizes=240x400%252C240x350%252C300x600%252C240x600%252C300x250&jst=hb&ord=9650328798446906&tz=-120&fl=0&rr=direct&s=2777838&bidid=3358b0d365b1fd&transactionid=5...
2 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=240x400%252C240x350%252C300x600%252C240x600%252C300x250&jst=hb&ord=9650328798446906&tz=-120&fl=0&rr=direct&s=2777838&bidid=3358b0d365b1fd&transactionid=53222bc8-afcf-4708-bef0-611ee75613d9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=240x400%252C240x350%252C300x600%252C240x600%252C300x250&jst=hb&ord=9650328798446906&tz=-120&fl=0&rr=direct&s=2777838&bidid=3358b0d365b1fd&transactionid=53222bc8-afcf-4708-bef0-611ee75613d9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://nv.ua
content-length
0
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=240x400%252C240x350%252C300x600%252C240x600%252C300x250&jst=hb&ord=1357688866185853.2&tz=-120&fl=0&rr=direct&s=2777839&bidid=34161fa589224d2&transactioni...
  • https://ads.betweendigital.com/adjson?sizes=240x400%252C240x350%252C300x600%252C240x600%252C300x250&jst=hb&ord=1357688866185853.2&tz=-120&fl=0&rr=direct&s=2777839&bidid=34161fa589224d2&transactioni...
2 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=240x400%252C240x350%252C300x600%252C240x600%252C300x250&jst=hb&ord=1357688866185853.2&tz=-120&fl=0&rr=direct&s=2777839&bidid=34161fa589224d2&transactionid=53222bc8-afcf-4708-bef0-611ee75613d9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=240x400%252C240x350%252C300x600%252C240x600%252C300x250&jst=hb&ord=1357688866185853.2&tz=-120&fl=0&rr=direct&s=2777839&bidid=34161fa589224d2&transactionid=53222bc8-afcf-4708-bef0-611ee75613d9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://nv.ua
content-length
0
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=7392365229082625&tz=-120&fl=0&rr=direct&s=2777838&bidid=35166f52b180061&transactionid=29d86a0d-f248-4607-8489-3a556e556ce9...
  • https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=7392365229082625&tz=-120&fl=0&rr=direct&s=2777838&bidid=35166f52b180061&transactionid=29d86a0d-f248-4607-8489-3a556e556ce9...
2 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=7392365229082625&tz=-120&fl=0&rr=direct&s=2777838&bidid=35166f52b180061&transactionid=29d86a0d-f248-4607-8489-3a556e556ce9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=300x600%252C300x250&jst=hb&ord=7392365229082625&tz=-120&fl=0&rr=direct&s=2777838&bidid=35166f52b180061&transactionid=29d86a0d-f248-4607-8489-3a556e556ce9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://nv.ua
content-length
0
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=4909784655604394&tz=-120&fl=0&rr=direct&s=2777839&bidid=36ce25b99caa9d3&transactionid=29d86a0d-f248-4607-8489-3a556e556ce9...
  • https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=4909784655604394&tz=-120&fl=0&rr=direct&s=2777839&bidid=36ce25b99caa9d3&transactionid=29d86a0d-f248-4607-8489-3a556e556ce9...
2 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=4909784655604394&tz=-120&fl=0&rr=direct&s=2777839&bidid=36ce25b99caa9d3&transactionid=29d86a0d-f248-4607-8489-3a556e556ce9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Requested by
Host: nv.ua
URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=300x600%252C300x250&jst=hb&ord=4909784655604394&tz=-120&fl=0&rr=direct&s=2777839&bidid=36ce25b99caa9d3&transactionid=29d86a0d-f248-4607-8489-3a556e556ce9&auctionid=7ljdzz.uh&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://nv.ua
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		250 B
934 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9891c0ddf0a7156ec92f1cc430763b1960e44a793be61eea8a022cd9aafd75d1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:35 GMT
X-Proxy-Origin
196.240.57.220; 196.240.57.220; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.70:80
AN-X-Request-Uuid
fc9a4f37-6974-41ac-b780-c71999f5ef42
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nv.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/ 		324 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
979d6dfef399a18c7184be9aea7e253473cf3313f9ff3e2081a8cd3ac73cd7d5

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
094e83070d00002b2230a91000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DGhpG0%2BlSL6mevYBgnfVNlF4IMevIrKzzgB4UEWRx0RVUild76cpRGiMUlKt8lsqlE7yv3JaNfmYnBc15XWK4yd%2BOhovi2grrR1lvzlvQM5CPodXxy21RzEHoEVCEEFYmKj91g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/json
access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
63c43ab81f6e2b22-FRA
expires
0
prebid.1.0.aspx
inv-nets.admixer.net/ 		2 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.0.aspx?data={%22imps%22:[{%22id%22:10595,%22name%22:%22Admixer%22,%22adapter_id%22:779,%22type%22:%22display%22,%22bidder%22:%22admixer%22,%22entityId%22:3558,%22geo%22:{%22type%22:%22block%22,%22list%22:{},%22skipGeo%22:true},%22isMarket%22:false,%22params%22:{%22zone%22:%228f040cc2-9db5-48b6-b4ab-19fde33d0033%22},%22minViewWithDfp%22:0,%22noR%22:0,%22overrideId%22:1283277,%22labels%22:[],%22validLabelIds%22:[],%22userId%22:{%22pubcid%22:%22007ff2a2-da9a-4ca4-9093-3fb58d4c77a8%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22007ff2a2-da9a-4ca4-9093-3fb58d4c77a8%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[240,400],[240,350],[300,600],[240,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-1536739319652-0%22,%22transactionId%22:%2253222bc8-afcf-4708-bef0-611ee75613d9%22,%22sizes%22:[[240,400],[240,350],[300,600],[240,600],[300,250]],%22bidId%22:%2246f19f772a4a986%22,%22bidderRequestId%22:%2245c9ca7c0fdcf21%22,%22auctionId%22:%227ljdzz.uh%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0}],%22referrer%22:%22https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2%22}
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 07 Apr 2021 15:18:35 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://nv.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
X-XSS-Protection
0
/
ghb2.adtelligent.com/v2/auction/ 		2 KB
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
54c11a2609e45599aba37f71e4783dfd8e292d3ab00fddfbfdde80c2bd909a47

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 07 Apr 2021 15:18:35 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nv.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
422
sync.html
s.adtelligent.com/ Frame FC51 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=609724
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
f5806bd70a7ad6cfdc31ee02f6ffd21dda1814cb647ca31a6f571c67e01cc952

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=2b719674595d7be7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 07 Apr 2021 15:18:35 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
925
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
Cookie set csync
sync.console.adtarget.com.tr/ Frame F82D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ROzRuSJyhi1Tw5CUOlDj&pi=admatic&tc=1
86 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ROzRuSJyhi1Tw5CUOlDj&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 07 Apr 2021 15:18:36 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=69e83e2a26d1fc0e; expires=Tue, 08 Jun 2021 15:18:36 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307080=ROzRuSJyhi1Tw5CUOlDj; expires=Tue, 08 Jun 2021 15:18:36 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

Redirect headers

date
Wed, 07 Apr 2021 15:18:35 GMT Wed, 07 Apr 2021 15:18:35 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ROzRuSJyhi1Tw5CUOlDj&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame 356E
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
7d9336348500bc6a97839c42cb271ca0404a865a5bafd12174fa2ff4d32bcc62

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Wed, 07 Apr 2021 15:18:35 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=AN3HAUIltVjjJEcv; path=/; domain=e-planning.net; expires=Wed, 05-Apr-2028 15:18:35 GMT; SameSite=None; Secure
expires
Wed, 07 Apr 2021 15:18:35 GMT
x-sid
AMS-731
content-encoding
gzip

Redirect headers

server
openresty
date
Wed, 07 Apr 2021 15:18:35 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-731
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C6BE 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=20318
Expires
Wed, 07 Apr 2021 20:57:13 GMT
Date
Wed, 07 Apr 2021 15:18:35 GMT
Connection
keep-alive
Vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame C612 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-237-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Host
js.adscale.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

x-amz-id-2
gP4kyJgm9jhO0VUUdLTBT2FWpFhQmCAW/re9IS8ZQIJX8fTLSq2/YHJz4jHPt+LSgIODv8ND+4c=
x-amz-request-id
TJ1Q7NA6JYQADF0B
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
ETag
"5550fca00caf055568d6ced373f2721f"
x-amz-version-id
ljUMRnw1Ux.L_G6sluuTuNwF_kYaf8ny
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1509
Cache-Control
max-age=300
Date
Wed, 07 Apr 2021 15:18:35 GMT
Connection
keep-alive
cookie
cm.adform.net/ Frame D7C8 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:method
GET
:authority
cm.adform.net
:scheme
https
:path
/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Wed, 07 Apr 2021 15:18:35 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame B55B 		251 B
601 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

:method
GET
:authority
cdn.admatic.com.tr
:scheme
https
:path
/user
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Wed, 07 Apr 2021 15:18:35 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-632
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cdn-edgestorageid
601
cdn-storageserver
DE-51
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-04-07 13:42:43
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
7403edb916370c33cd802c95c9b71fc7
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 4831
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-65630d45-18e5-4e38-a919-532042def264
86 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-65630d45-18e5-4e38-a919-532042def264
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

location
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-65630d45-18e5-4e38-a919-532042def264
date
Wed, 07 Apr 2021 15:18:35 GMT
server
Apache-Coyote/1.1
content-length
0
csync
sync.adtelligent.com/ Frame 4831
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=69e83e2a26d1fc0e
86 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=69e83e2a26d1fc0e
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=69e83e2a26d1fc0e
Date
Wed, 07 Apr 2021 15:18:36 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=wgkeFXwwSG9aaTN3QTdKSDE4UFZFOERUUEJ5K25lOVg2Nk5MalkyK2V3Y0o5UHVEcXU5bk52SjNuV1dyVU90eGRDMFhUdllkT0pra0daZk5LNWtFYVY1RVYvdWNFQTB0TzdqZFJ4TEJKeEUzeUdoUXAxUUFpcEhsdnM0eFdobzR3MTNxUkdhZndKSUg5ZXlvTnl1ZE1ZZFltWVlaWjFhaWk1eFZ1aFpla0FveFdlaDkxN0JzS2RDMGNSVVpZa3UyNFNGMnNKdU4zQ0hiTXRYMlo1dGU1SXdtS2JnPT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
968
date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
gzip
vary
Accept-Encoding
uu
ih.adscale.de/ Frame C612
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1617808715
  • https://ih.adscale.de/uu?cbfn=receive&t=1617808715&nut&uu=f65cd029e7164a47a77fedea8ac516de
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1617808715&nut&uu=f65cd029e7164a47a77fedea8ac516de
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-173-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4891b416e467416c885a566fa9a040bc179c0ca0cf2afafb931fdcc62dfc80ed

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:35 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1617808715&nut&uu=f65cd029e7164a47a77fedea8ac516de
date
Wed, 07 Apr 2021 15:18:35 GMT
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 25E0 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=101574
Expires
Thu, 08 Apr 2021 19:31:29 GMT
Date
Wed, 07 Apr 2021 15:18:35 GMT
Connection
keep-alive
Vary
Accept-Encoding
bundle.js
cdn.admatic.com.tr/user/ Frame B55B 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
br
cdn-edgestorageid
601
cdn-storageserver
DE-51
cdn-cachedat
2021-04-02 10:23:41
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-632
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
afd6b47513a99f3de393a0b2bde2d4cb
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
um
u-ams02.e-planning.net/ Frame 356E
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D98397851985d2331
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=98397851985d2331
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=98397851985d2331
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:36 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:35 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=98397851985d2331
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
eplanning
sync.1rx.io/usersync2/ Frame 356E 		0
0
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 356E 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 06 Apr 2026 15:18:35 GMT
tm60118.js
tag.navdmp.com/ Frame 356E 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
gzip
cf-cache-status
HIT
age
622
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
094e8307fa0000d725a091e000000001
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
63c43ab98e90d725-FRA
expires
Wed, 07 Apr 2021 16:08:13 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 356E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 06 Apr 2026 15:18:35 GMT
um
u-ams02.e-planning.net/ Frame 356E
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1556&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D4238ca06ef07aea3%26fi%3D98397851985d2331%26uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1556&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D4238ca06ef07aea3%26fi%3D98397851985d2331%26uid%3D%7BPUB_USER_ID%7D
  • https://u-ams02.e-planning.net/um?dc=4238ca06ef07aea3&fi=98397851985d2331&uid=31e2d0ee-4e9f-492e-b5f3-572caf59fc7c
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=4238ca06ef07aea3&fi=98397851985d2331&uid=31e2d0ee-4e9f-492e-b5f3-572caf59fc7c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:36 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=4238ca06ef07aea3&fi=98397851985d2331&uid=31e2d0ee-4e9f-492e-b5f3-572caf59fc7c
date
Wed, 07 Apr 2021 15:18:35 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
um
u-ams02.e-planning.net/ Frame 356E
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D98397851985d2331%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=98397851985d2331&uid=ea0d4234-ca82-40ba-a1c9-3748683086d8
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=98397851985d2331&uid=ea0d4234-ca82-40ba-a1c9-3748683086d8
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:36 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:35 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=98397851985d2331&uid=ea0d4234-ca82-40ba-a1c9-3748683086d8
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
b3lge2ec15b54ogift6ud21mkelaq730
ptag
a.audrte.com/ Frame 356E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.39.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
330823a9c88f77c9d63652d51e608d867c6f2b8c52cb188dba439a9b5b597e53

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:37 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 356E 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 06 Apr 2026 15:18:35 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 356E 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D98397851985d2331%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:35 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 356E
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D98397851985d2331
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.72.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:38 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Type
image/png
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Date
Wed, 07 Apr 2021 15:18:38 GMT
Server
nginx/1.14.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 356E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D98397851985d2331%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=98397851985d2331&uid=285258492267925334
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=98397851985d2331&uid=285258492267925334
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:36 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:35 GMT
X-Proxy-Origin
196.240.57.220; 196.240.57.220; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.40:80
AN-X-Request-Uuid
7701a29a-0c23-43e9-865a-7233a9016b66
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=98397851985d2331&uid=285258492267925334
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 356E 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D98397851985d2331%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:37 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 356E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-IUiF8P1E2uFgLYEcaBHIIaNlHGRo_vGHHyNAwZc-~A
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-IUiF8P1E2uFgLYEcaBHIIaNlHGRo_vGHHyNAwZc-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:37 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Wed, 07 Apr 2021 15:18:36 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-IUiF8P1E2uFgLYEcaBHIIaNlHGRo_vGHHyNAwZc-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame 356E
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D98397851985d2331%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=98397851985d2331&uid=caa40e5e9f084bac79b39925f4ca87f206b88a4d
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=98397851985d2331&uid=caa40e5e9f084bac79b39925f4ca87f206b88a4d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:40 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=98397851985d2331&uid=caa40e5e9f084bac79b39925f4ca87f206b88a4d
Date
Wed, 07 Apr 2021 15:18:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
test_dmp.html
s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/ Frame 356E 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/test_dmp.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame 5B45
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KN7LJE5G-1G-IVG6; rsid=1|C9y6JkdC6P3ZTGan0csCYSLstLJKOZuDgxo6SpKfOA12wYWQOmrgL8OdY9WWjeHKKRWt2jyoYTD2eUmnUkmtBwX7pFAFiVc1oEFlO5nhCBsivGiqYKcxeOisJKG3Nw==; ses15=; vis15=48254^1; audit=1|0o8zzNO5o4YRb3mdZP/QDzVE/WzcjdOKPpWXxZAH+JAgSSxGodJSW3jIr/7B4nYVQXFQM5ICNxAdOKW1qRBjyg==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Apr 2021 15:18:43 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Wed, 07 Apr 2021 15:18:35 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0974 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D98397851985d2331%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=20318
Expires
Wed, 07 Apr 2021 20:57:13 GMT
Date
Wed, 07 Apr 2021 15:18:35 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 25E0 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=4655369&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:33 GMT
Content-Length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 598C 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D98397851985d2331%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D98397851985d2331%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D98397851985d2331%26uid%3D

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=101574
Expires
Thu, 08 Apr 2021 19:31:29 GMT
Date
Wed, 07 Apr 2021 15:18:35 GMT
Connection
keep-alive
Vary
Accept-Encoding
userconnect.js
js.adscale.de/ Frame C612 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-237-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Vg_Jp.ZJ2u3YbQXNKkA7T4fbgrmEYgFi
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
Server
AmazonS3
x-amz-request-id
FSVMN4NAT29K7A67
ETag
"98f37b242862929d9aef4bde91abc8ad"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Wed, 07 Apr 2021 15:18:35 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4485
x-amz-id-2
6QUOYCNbvtUL3ZhmW7J9md43BdYE0qwmy68DuImMhfbKvjQThSpN/VcdIjXp9gsf6kQf986OZ48=
csync
sync.console.adtarget.com.tr/ Frame C612 		86 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=f65cd029e7164a47a77fedea8ac516de
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif
d
ic.tynt.com/r/ Frame A6B8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

:method
GET
:authority
ic.tynt.com
:scheme
https
:path
/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.adtelligent.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.adtelligent.com/

Response headers

server
nginx/1.16.1
date
Wed, 07 Apr 2021 15:18:42 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
/
onetag-sys.com/usync/ Frame 395F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
6f0381e6e77d76d8e275a7ba4e7b5d7844924c5fc8bd47fe5632f9b309d21409
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=59a18369e249bfb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.adtelligent.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.adtelligent.com/

Response headers

p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie
OTP=khhY-nehOBibIeKziHAAUqHbdpRzGBxcwlhkWbulolo; path=/; expires=Fri, 07 Apr 2023 15:18:45; domain=onetag-sys.com; SameSite=None; Secure
content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame FC51
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=2b719674595d7be7
35 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=2b719674595d7be7
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:36 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=2b719674595d7be7
Date
Wed, 07 Apr 2021 15:18:35 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
csync
sync.adtelligent.com/ Frame FC51
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:35 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Wed, 07 Apr 2021 15:18:35 GMT
Server
nginx
Location
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
csync
sync.adtelligent.com/ Frame FC51
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=ea0d4234-ca82-40ba-a1c9-3748683086d8
86 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=ea0d4234-ca82-40ba-a1c9-3748683086d8
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:35 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=ea0d4234-ca82-40ba-a1c9-3748683086d8
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
jtq6i135i0nl0lf4u5sn3iasim4hqctm
csync
sync.adtelligent.com/ Frame FC51
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=285258492267925334
86 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=285258492267925334
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:35 GMT
X-Proxy-Origin
196.240.57.220; 196.240.57.220; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.217:80
AN-X-Request-Uuid
acf70fcf-0758-4a0f-9673-ea5b4feab7d7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=285258492267925334
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.console.adtarget.com.tr/ Frame FC51
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=2b719674595d7be7
86 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=2b719674595d7be7
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Location
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=2b719674595d7be7
Date
Wed, 07 Apr 2021 15:18:35 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
userconnect
ih.adscale.de/ Frame C612 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1617808715889&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-173-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:35 GMT
content-length
149
content-type
application/javascript
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nv.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nv.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 15:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		887 B
767 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2369844735986556&correlator=1254365627197067&output=ldjh&impl=fifs&eid=31060550%2C31060699%2C31060320%2C44739387&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210407&iu_parts=271925883%2Cnew_nv_premium%2Cnew_nv_informer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=240x400%7C240x350%7C300x600%7C240x600%7C300x250%2C300x600%7C300x250&prev_scp=lang%3Dru%26razdel%3D2457%26section%3D2457%26url%3Dhttps%253A%252F%252Fnv.ua%252Fallnews.html%26newnv%3D1%26only_selfpromo%3D0%26excl_cat%3DPREPOST%7Clang%3Dru%26razdel%3D2457%26section%3D2457%26url%3Dhttps%253A%252F%252Fnv.ua%252Fallnews.html%26newnv%3D1%26only_selfpromo%3D0%26excl_cat%3DPREPOST&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1617808715&dt=1617808715925&dlt=1617808714271&idt=1052&frm=20&biw=1600&bih=1200&oid=3&adxs=1145%2C1115&adys=235%2C2724&adks=1542901095%2C3449308964&ucis=2%7C3&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&vis=1&dmc=8&scr_x=0&scr_y=0&psz=310x3527%7C310x3527&msz=300x600%7C300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=670222609.1617808715&ga_sid=1617808715&ga_hid=2076548838&ga_fc=false&fws=4%2C132&ohw=1600%2C1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
50b52ad74ac298797b6f8e784af3a0a532b3fd83b9471c7933d2ebd51d607b58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nv.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum.casalemedia.com/ Frame 43C6
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d38e43ea69752e80c8337281dee34a43315cd5d1a10c9a6c3d57f433aff6086

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YG3NTfMFHxS4zXOY16dCYAAA; CMPS=5237
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|45|39|218|41|3|191
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1757
Expires
Wed, 07 Apr 2021 15:18:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:37 GMT
Connection
keep-alive
Set-Cookie
CMID=YG3NTfMFHxS4zXOY16dCYAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 07 Apr 2022 15:18:37 GMT CMPS=5237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 06 Jul 2021 15:18:37 GMT CMPRO=1102;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 06 Jul 2021 15:18:37 GMT CMST=YG3NTWBtzU0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 08 Apr 2021 15:18:37 GMT CMRUM3=bf606dcd4d05a0&03606dcd4d05a0&f1606dcd4d05a00&2d606dcd4d05a0&29606dcd4d05a00&27606dcd4d0b40&da606dcd4d27600&e6606dcd4d27600;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 07 Apr 2022 15:18:37 GMT

Redirect headers

Server
Apache
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 07 Apr 2021 15:18:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:37 GMT
Connection
keep-alive
Set-Cookie
CMID=YG3NTfMFHxS4zXOY16dCYAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 07 Apr 2022 15:18:37 GMT CMPS=5237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 06 Jul 2021 15:18:37 GMT
/
spl.zeotap.com/ Frame 6F0F 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
282af816b2420501fa3ad796a712dfbd9a9f7360abf08ea42afa9c50ec1e0ff4

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 07 Apr 2021 15:18:39 GMT
content-type
text/html
set-cookie
__cfduid=dd8542653ef51bcc1781e3768ce7eaf5d1617808716; expires=Fri, 07-May-21 15:18:36 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=a2e0a5ae-819b-4945-796d-b4263e15b0e7; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%E6%B2%06b%1B%2C%E7%89%2B%BB%40%0B%D4%E5wi%96%5E%BF%2A%FF%F3M%1081t%EA6%7D%9D%A2%D6y%DFt%0Dk%C6%B8-%DCoO%A8%13N%E2%C5%21%AF%89%1BH%08%E4%5B%A4%A5%0A%5E%86d%EC%E8%CD%B5%DE%EF%EC+%08%BF%D4%82%C2C%E5%CD%9D%EF%B3%05%14%AFH%0D%C6%AC%13%C2%CF%E48%FBi%1C%0E%24%F7%FF%DE%03o%C4%07jL%BD%C1%F8%D8%25k%E5%8E%E9%8BP%7Ca%D5%D5%5E%5B%D3jy%FA%8Dh%A9%FB%F6%02%01%BB%94%EA%E2%FF%28O%CD%07%BD%0A%A7%1CO%A2%81%9D%AC%B8%5D%A3%D2ar%BB%AB%09%BF%15%28%FC; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
094e8308e7000005b31c8d6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63c43abb0bd405b3-FRA
content-encoding
br
map
ih.adscale.de/ Frame 7205
Redirect Chain
  • https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
  • https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-173-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
46308b77defa90c2585b8d4e803b43ad4f18cf28a0b3dcafe389d2aac1d8f9f1

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.adscale.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uu=08c2ea102d094e63877f747c7abf1bbc; cct=1617808716025
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.adscale.de/

Response headers

date
Wed, 07 Apr 2021 15:18:36 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2702
set-cookie
tu=4#518387733#48~~449391~449391~1#101~~449391~449391~1#39~~449391~449391~1#40~~449391~449391~1#42~~449391~449391~1#75~~449391~449391~1#108~~449391~449391~1#63~~449391~449391~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None cct=1617808716088; Max-Age=31336000; Domain=.adscale.de; Path=/; Secure; SameSite=None

Redirect headers

date
Wed, 07 Apr 2021 15:18:36 GMT
content-length
0
location
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
set-cookie
uu=08c2ea102d094e63877f747c7abf1bbc; Max-Age=31336000; Domain=.adscale.de; Path=/; Secure; SameSite=None cct=1617808716025; Max-Age=31336000; Domain=.adscale.de; Path=/; Secure; SameSite=None
PugMaster
image6.pubmatic.com/AdServer/ Frame 598C 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=89436667&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0a51d27b5d94b6cfa1f5c86af7bb349edccd7cba7a8250996119ea2ac4b049af

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:34 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 49C7
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8783245925063885997
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8783245925063885997
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=89436667&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1; chkChromeAb67Sec=1; DPSync3=1618963200%3A226_221_201_227; SyncRTB3=1618963200%3A71_81_22_189_230_56_7_8_166_78_220_21_222_161_88_5_165_176_54_204_3_55_13%7C1618617600%3A63%7C1618358400%3A67_223_2_15%7C1620345600%3A203%7C1619049600%3A35; KRTBCOOKIE_409=22966-vNdKcNZh8IIub5T9HrMiWmjW&KRTB&23212-vNdKcNZh8IIub5T9HrMiWmjW; PugT=1617808714; PUBMDCID=3; KRTBCOOKIE_57=22776-285258492267925334; SPugT=1617808717
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 07 Apr 2021 15:18:36 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-8783245925063885997; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-May-2021 15:18:36 GMT; path=/ PugT=1617808716; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-May-2021 15:18:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Jul-2021 15:18:36 GMT; path=/
X-lat
amspug014:0:362
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8783245925063885997
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame DC1A 		43 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=89436667&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 07 Apr 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1186
date
Wed, 07 Apr 2021 15:18:38 GMT
content-length
43
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 5415
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6948435543608522903
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6948435543608522903
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=89436667&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PUBMDCID=3; KRTBCOOKIE_22=14911-8673652470810723903; KRTBCOOKIE_27=16735-uid:3112606d-cd4e-4300-a06e-d592868289d1&KRTB&16736-uid:3112606d-cd4e-4300-a06e-d592868289d1&KRTB&23019-uid:3112606d-cd4e-4300-a06e-d592868289d1&KRTB&23114-uid:3112606d-cd4e-4300-a06e-d592868289d1; KRTBCOOKIE_391=22924-8555319055327058093&KRTB&23263-8555319055327058093; KRTBCOOKIE_1074=22956-e_0c62619d-751b-4a50-8123-02f8c2043b34; KADUSERCOOKIE=520B596F-DF7A-496B-AF2A-72ADC5553A9A; SPugT=1617808718; KRTBCOOKIE_377=6810-f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&KRTB&22918-f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&KRTB&23031-f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01; PugT=1617808720
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 07 Apr 2021 15:18:40 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6948435543608522903; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-May-2021 15:18:40 GMT; path=/ PugT=1617808720; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-May-2021 15:18:40 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Jul-2021 15:18:40 GMT; path=/
X-lat
lhrpug007:0:446
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 07 Apr 2021 15:18:40 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6948435543608522903; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6948435543608522903
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 3656
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIWHMwN0EyNXNBQUNseFk3c21QUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHXs07A25sAAClxY7smPQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=262024465861990039
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=262024465861990039&_bee_ppp=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACuQk7A25sAACh_I23Ciw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D262024465861990039%26bee_sync_partners%3Dpm%26bee_sync_...
  • https://match.prod.bidr.io/cookie-sync?userid=262024465861990039&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACuQk7A25sAACh_I23Ciw&pid=558502&do...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACuQk7A25sAACh_I23Ciw
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACuQk7A25sAACh_I23Ciw
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=89436667&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PUBMDCID=3; KRTBCOOKIE_22=14911-8673652470810723903; KRTBCOOKIE_27=16735-uid:3112606d-cd4e-4300-a06e-d592868289d1&KRTB&16736-uid:3112606d-cd4e-4300-a06e-d592868289d1&KRTB&23019-uid:3112606d-cd4e-4300-a06e-d592868289d1&KRTB&23114-uid:3112606d-cd4e-4300-a06e-d592868289d1; KRTBCOOKIE_391=22924-8555319055327058093&KRTB&23263-8555319055327058093; KRTBCOOKIE_1074=22956-e_0c62619d-751b-4a50-8123-02f8c2043b34; KADUSERCOOKIE=520B596F-DF7A-496B-AF2A-72ADC5553A9A; SPugT=1617808718; KRTBCOOKIE_377=6810-f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&KRTB&22918-f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&KRTB&23031-f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01; KRTBCOOKIE_1101=23040-6948435543608522903; KRTBCOOKIE_466=16530-5cf1b0d4-8606-47ac-9b54-b5fdb677ff88; PugT=1617808722; KRTBCOOKIE_218=22978-YG3NUQAAAJGgiBcV&KRTB&23194-YG3NUQAAAJGgiBcV&KRTB&23209-YG3NUQAAAJGgiBcV&KRTB&23244-YG3NUQAAAJGgiBcV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 07 Apr 2021 15:18:41 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AACuQk7A25sAACh_I23Ciw; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-May-2021 15:18:41 GMT; path=/ PugT=1617808721; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-May-2021 15:18:41 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Jul-2021 15:18:41 GMT; path=/
X-lat
amspug020:0:587
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Wed, 07 Apr 2021 15:18:42 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACuQk7A25sAACh_I23Ciw
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame EFB7
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=vNdKcNZh8IIub5T9HrMiWmjW
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=vNdKcNZh8IIub5T9HrMiWmjW
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=89436667&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1; chkChromeAb67Sec=1; DPSync3=1618963200%3A226_221_201_227; SyncRTB3=1618963200%3A71_81_22_189_230_56_7_8_166_78_220_21_222_161_88_5_165_176_54_204_3_55_13%7C1618617600%3A63%7C1618358400%3A67_223_2_15%7C1620345600%3A203%7C1619049600%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 07 Apr 2021 15:18:34 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-vNdKcNZh8IIub5T9HrMiWmjW&KRTB&23212-vNdKcNZh8IIub5T9HrMiWmjW; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-May-2021 15:18:34 GMT; path=/ PugT=1617808714; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-May-2021 15:18:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Jul-2021 15:18:34 GMT; path=/
X-lat
amspug016:0:546
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 07 Apr 2021 15:18:36 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=vNdKcNZh8IIub5T9HrMiWmjW; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=vNdKcNZh8IIub5T9HrMiWmjW
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame F147 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=89436667&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Wed, 07 Apr 2021 15:18:38 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-6
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 1FCF
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=89436667&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aInoeUqkaHrByktbZaeLMgx2TZbD1buZbgcx3ClPFKV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 07 Apr 2021 15:18:36 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=da40a9bf59450f65788d94c0552d334071617808716; expires=Fri, 07-May-21 15:18:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aMnseFR3YWi7UXuRvsriWEZa9Bm20G2Fv0GOV2YbcV2FF6K2FUALcNJylZdDF5ymrBGZbqCUISiRPP17f1ZbXq9X; path=/; domain=.tribalfusion.com; expires=Tue, 06-Jul-2021 15:18:36 GMT; SameSite=None; Secure; ANON_ID_old=aMnseFR3YWi7UXuRvsriWEZa9Bm20G2Fv0GOV2YbcV2FF6K2FUALcNJylZdDF5ymrBGZbqCUISiRPP17f1ZbXq9X; path=/; domain=.tribalfusion.com; expires=Tue, 06-Jul-2021 15:18:36 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
094e830a1e00004eeb1b850000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63c43abcf8634eeb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 07 Apr 2021 15:18:36 GMT
content-type
text/html
set-cookie
__cfduid=da40a9bf59450f65788d94c0552d334071617808716; expires=Fri, 07-May-21 15:18:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aInoeUqkaHrByktbZaeLMgx2TZbD1buZbgcx3ClPFKV; path=/; domain=.tribalfusion.com; expires=Tue, 06-Jul-2021 15:18:36 GMT; SameSite=None; Secure; ANON_ID_old=aInoeUqkaHrByktbZaeLMgx2TZbD1buZbgcx3ClPFKV; path=/; domain=.tribalfusion.com; expires=Tue, 06-Jul-2021 15:18:36 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
156
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
094e83096900004eeb270dc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63c43abbdd674eeb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame B03F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=g2fCgVMuKvd5&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=g2fCgVMuKvd5&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=89436667&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PUBMDCID=3; KRTBCOOKIE_22=14911-8673652470810723903; PugT=1617808718; KRTBCOOKIE_27=16735-uid:3112606d-cd4e-4300-a06e-d592868289d1&KRTB&16736-uid:3112606d-cd4e-4300-a06e-d592868289d1&KRTB&23019-uid:3112606d-cd4e-4300-a06e-d592868289d1&KRTB&23114-uid:3112606d-cd4e-4300-a06e-d592868289d1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 07 Apr 2021 15:18:39 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Jul-2021 15:18:39 GMT; path=/
X-lat
lhrpug019:0:355
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-7c488d4f5b-qsvjn
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=g2fCgVMuKvd5&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=9556a44d77f69df4; path=/; HttpOnly; Secure; SameSite=None
dpe
ad4m.at/ad/ Frame 4247 		42 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=89436667&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c04d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 07 Apr 2021 15:18:36 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=dfd25a714df1b18e0b0a5e5c5a4aa37e31617808716; expires=Fri, 07-May-21 15:18:36 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7rdk
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
094e8309620000060108892000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63c43abbdeca0601-FRA
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame E968
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e93db864-1388-43df-886a-e797989f933d-tuct76752d2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e93db864-1388-43df-886a-e797989f933d-tuct76752d2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=89436667&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e93db864-1388-43df-886a-e797989f933d-tuct76752d2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=e93db864-1388-43df-886a-e797989f933d-tuct76752d2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 07 Apr 2021 15:18:45 GMT
via
1.1 varnish
x-served-by
cache-fra19163-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1617808725.431995,VS0,VE104
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=e93db864-1388-43df-886a-e797989f933d-tuct76752d2;Version=1;Path=/;Domain=.taboola.com;Expires=Thu, 07-Apr-2022 15:18:42 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e93db864-1388-43df-886a-e797989f933d-tuct76752d2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Wed, 07 Apr 2021 15:18:42 GMT
via
1.1 varnish
x-served-by
cache-hhn11580-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1617808723.739784,VS0,VE96
x-vcl-time-ms
96
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame EB77
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=89436667&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1617808718989; TapAd_DID=879a83d1-97b4-11eb-8fcf-f279d8f436ca
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 07 Apr 2021 15:18:39 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Wed, 07 Apr 2021 15:18:38 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1617808718989;Expires=Sun, 06 Jun 2021 15:18:38 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=879a83d1-97b4-11eb-8fcf-f279d8f436ca;Expires=Sun, 06 Jun 2021 15:18:38 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame C08E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:edwwv8Ze1Lu9X55&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:edwwv8Ze1Lu9X55&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=89436667&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PUBMDCID=3; KRTBCOOKIE_22=14911-8673652470810723903; KRTBCOOKIE_27=16735-uid:3112606d-cd4e-4300-a06e-d592868289d1&KRTB&16736-uid:3112606d-cd4e-4300-a06e-d592868289d1&KRTB&23019-uid:3112606d-cd4e-4300-a06e-d592868289d1&KRTB&23114-uid:3112606d-cd4e-4300-a06e-d592868289d1; KRTBCOOKIE_391=22924-8555319055327058093&KRTB&23263-8555319055327058093; KRTBCOOKIE_1074=22956-e_0c62619d-751b-4a50-8123-02f8c2043b34; KADUSERCOOKIE=520B596F-DF7A-496B-AF2A-72ADC5553A9A; SPugT=1617808718; KRTBCOOKIE_377=6810-f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&KRTB&22918-f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&KRTB&23031-f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01; KRTBCOOKIE_1101=23040-6948435543608522903; KRTBCOOKIE_466=16530-5cf1b0d4-8606-47ac-9b54-b5fdb677ff88; KRTBCOOKIE_218=22978-YG3NUQAAAJGgiBcV&KRTB&23194-YG3NUQAAAJGgiBcV&KRTB&23209-YG3NUQAAAJGgiBcV&KRTB&23244-YG3NUQAAAJGgiBcV; KRTBCOOKIE_699=22727-AACuQk7A25sAACh_I23Ciw; KRTBCOOKIE_188=3189-no-consent; PugT=1617808720
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 07 Apr 2021 15:18:43 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:edwwv8Ze1Lu9X55; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Jul-2021 15:18:43 GMT; path=/ PugT=1617808723; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-May-2021 15:18:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Jul-2021 15:18:43 GMT; path=/
X-lat
lhrpug002:0:695
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Wed, 07 Apr 2021 15:18:42 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:edwwv8Ze1Lu9X55&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-09324c87255a730c5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=edwwv8Ze1Lu9X55; Domain=.w55c.net; Expires=Sat, 07-May-2022 15:18:43 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Fri, 07-May-2021 15:18:43 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
um
u-ams02.e-planning.net/ Frame 454A 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=98397851985d2331&uid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method
GET
:authority
u-ams02.e-planning.net
:scheme
https
:path
/um?dc=a208d9366469aa64&fi=98397851985d2331&uid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
openresty
date
Wed, 07 Apr 2021 15:18:36 GMT
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 598C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VPonLG-NSUqbVNKdv47S4Q%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VPonLG-NSUqbVNKdv47S4Q%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=20316
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Wed, 07 Apr 2021 20:57:13 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 598C 		95 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
63c43abbdde705b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e830964000005b305175000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 598C
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:43 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:43 GMT
frontend-id
6
location
/pubmatic/1/info2?sType=sync&sExtCookieId=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&addseg=19,36,42
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:46 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Wed, 07 Apr 2021 15:18:46 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTRGQTI3MkMtNkY4RC00OTRBLTlCNTQtRDI5REJGOEVEMkUx&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTRGQTI3MkMtNkY4RC00OTRBLTlCNTQtRDI5REJGOEVEMkUx&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:37 GMT
X-lat
amspug003:0:292
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENh1cs7Q9FwVxLIlyewWges&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENh1cs7Q9FwVxLIlyewWges&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:36 GMT
X-lat
amspug014:0:383
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENh1cs7Q9FwVxLIlyewWges&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 598C 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 06 Apr 2021 15:18:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8555319055327058093
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8555319055327058093
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:39 GMT
X-lat
lhrpug020:0:383
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:39 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8555319055327058093
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3112606d-cd4e-4300-a06e-d592868289d1&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3112606d-cd4e-4300-a06e-d592868289d1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:38 GMT
X-lat
lhrpug001:0:435
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Wed, 07 Apr 2021 15:18:38 GMT
Server
MT3 3628 75f709e master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3112606d-cd4e-4300-a06e-d592868289d1&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 07 Apr 2021 15:18:37 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:40 GMT
X-lat
lhrpug001:0:544
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=285258492267925334&gdpr=0&gdpr_consent=
42 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=285258492267925334&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:34 GMT
X-lat
amspug017:0:726
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:36 GMT
X-Proxy-Origin
196.240.57.220; 196.240.57.220; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.57:80
AN-X-Request-Uuid
6c3ea77d-3452-4c1d-8d4f-b34eb931f4fc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=285258492267925334&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
54FA272C-6F8D-494A-9B54-D29DBF8ED2E1
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 598C 		43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/54FA272C-6F8D-494A-9B54-D29DBF8ED2E1?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J5lQILZE2uUGEUsJImrSeGBNr31tdSA-~A&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J5lQILZE2uUGEUsJImrSeGBNr31tdSA-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Wed, 07 Apr 2021 15:18:37 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Wed, 07 Apr 2021 15:18:36 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J5lQILZE2uUGEUsJImrSeGBNr31tdSA-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=b8dee4c4-51b3-4ade-9384-b165f77c47ac&ssp=pubmatic
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=156&expires=14&user_id=b8dee4c4-51b3-4ade-9384-b165f77c47ac&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:42 GMT
X-lat
lhrpug005:0:572
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 07 Apr 2021 15:18:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hHgNTtEsD06fKV4bhSoWGIMuCk6fLgoeinovDOvL
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hHgNTtEsD06fKV4bhSoWGIMuCk6fLgoeinovDOvL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:36 GMT
X-lat
amspug013:0:417
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hHgNTtEsD06fKV4bhSoWGIMuCk6fLgoeinovDOvL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8673652470810723903&gdpr=0&gdpr_consent=&us_privacy=
1 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8673652470810723903&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:38 GMT
X-lat
lhrpug006:0:2444
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8673652470810723903&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 07 Apr 2021 15:18:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YG3NUQAAAJGgiBcV&gdpr=0&gdpr_consent=&_test=YG3NUQAAAJGgiBcV
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YG3NUQAAAJGgiBcV&gdpr=0&gdpr_consent=&_test=YG3NUQAAAJGgiBcV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:42 GMT
X-lat
lhrpug019:0:399
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:42 GMT
via
1.1 varnish
server
Varnish
x-timer
S1617808722.067459,VS0,VE0
x-served-by
cache-hhn4051-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YG3NUQAAAJGgiBcV&gdpr=0&gdpr_consent=&_test=YG3NUQAAAJGgiBcV
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:40 GMT
X-lat
amspug017:0:407
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:41 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9a77f845-ab6f-49db-a23a-60dc2494cdfe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9a77f845-ab6f-49db-a23a-60dc2494cdfe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:40 GMT
X-lat
lhrpug006:0:374
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9a77f845-ab6f-49db-a23a-60dc2494cdfe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 07 Apr 2021 15:18:40 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 598C 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=54FA272C-6F8D-494A-9B54-D29DBF8ED2E1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3064146525886796892
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3064146525886796892
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:41 GMT
X-lat
lhrpug011:0:315
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:41 GMT
X-Proxy-Origin
196.240.57.220; 196.240.57.220; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.219:80
AN-X-Request-Uuid
d72385ae-fc2a-4393-96e8-f82b830004a7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3064146525886796892
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 598C
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_0c62619d-751b-4a50-8123-02f8c2043b34
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_0c62619d-751b-4a50-8123-02f8c2043b34
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:39 GMT
X-lat
lhrpug017:0:505
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_0c62619d-751b-4a50-8123-02f8c2043b34
date
Wed, 07 Apr 2021 15:18:39 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
match.js
js.adscale.de/ Frame 7205 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-237-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wLpT08_wLXVkyJ1J8XFuEEwEpe2lwEj_
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
Server
AmazonS3
x-amz-request-id
0CJGEPQ2ZKSDZJTR
ETag
"b75124846aec28a28b7a3441813682d5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Wed, 07 Apr 2021 15:18:36 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1700
x-amz-id-2
rTeXxEVlmwvubu+6mFW79yFbR/gN1X2gq0lQgaMPHQj754I0ueECxgXGlb1NT3Jw/38xunNd2r8=
img
ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/ Frame 7205
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=08c2ea102d094e63877f747c7abf1bbc&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a49f677e48e622c9%2F1617808716088%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/img?tpid=101&tpuid=BBID-01-02925227174221268-16255224
49 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/img?tpid=101&tpuid=BBID-01-02925227174221268-16255224
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-173-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:37 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 07 Apr 2021 15:18:37 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/img?tpid=101&tpuid=BBID-01-02925227174221268-16255224
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
multitracking
ghb.adtelligent.com/adunit/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449391/wrapper_hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nv.ua
Date
Wed, 07 Apr 2021 15:18:36 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 7205
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=bcce7b5721efd99dd53ca6f...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=5123606d-cd4e-4b00-8d49-5709f7d0c378&gdpr=0&gdpr_consent=
49 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=5123606d-cd4e-4b00-8d49-5709f7d0c378&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-173-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:38 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 07 Apr 2021 15:18:38 GMT
Server
MT3 3628 75f709e master zrh-pixel-x10
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=5123606d-cd4e-4b00-8d49-5709f7d0c378&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 07 Apr 2021 15:18:37 GMT
dcm
s.amazon-adsystem.com/ Frame 43C6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:39 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:39 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 43C6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEl3Roo8ssNqTzugaodIKjk&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEl3Roo8ssNqTzugaodIKjk&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 07 Apr 2021 15:18:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEl3Roo8ssNqTzugaodIKjk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 43C6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YG3NTfMFHxS4zXOY16dCYAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA2CAFn_oqYMueiAhgl5yEI&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA2CAFn_oqYMueiAhgl5yEI&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 07 Apr 2021 15:18:40 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA2CAFn_oqYMueiAhgl5yEI&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 43C6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YG3NTfMFHxS4zXOY16dCYAAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.242.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-242-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
demconf.jpg
dpm.demdex.net/ Frame 43C6
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YG3NTfMFHxS4zXOY16dCYAAA%261102
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YG3NTfMFHxS4zXOY16dCYAAA%261102
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YG3NTfMFHxS4zXOY16dCYAAA%261102
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.139.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-139-62.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-0f4398d58.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
JTv2NUelRYk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Y+WnIU8gTvE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YG3NTfMFHxS4zXOY16dCYAAA%261102
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 43C6 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:38 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-6
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 43C6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3684606d-cd4e-4700-8558-048be67be027&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3684606d-cd4e-4700-8558-048be67be027&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 07 Apr 2021 15:18:40 GMT

Redirect headers

Date
Wed, 07 Apr 2021 15:18:38 GMT
Server
MT3 3628 75f709e master zrh-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3684606d-cd4e-4700-8558-048be67be027&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 07 Apr 2021 15:18:37 GMT
index
dmp.brand-display.com/cm/api/ Frame 43C6 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:38 GMT
via
1.1 google
last-modified
Wed, 07 Apr 2021 15:18:38 GMT
server
nginx/1.18.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Wed, 07 Apr 2021 15:18:39 GMT
um
u-ams02.e-planning.net/ Frame 43C6 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=98397851985d2331&uid=YG3NTfMFHxS4zXOY16dCYAAA%261102
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D98397851985d2331%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:37 GMT
server
openresty
content-type
image/gif
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:37 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 08 Apr 2021 15:18:37 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:37 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 08 Apr 2021 15:18:37 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame 356E 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-19.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 18:20:08 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
75511
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 dbf5a139061b80ff53ac8f18a1e0b49f.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
utew5Epa7MpSH3WatUiaPQDp8ZI_SOrb-AMbC9L1mcOcgp7J6A2oKQ==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 7E9F 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Wed, 07 Apr 2021 15:18:37 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Mon, 06 Apr 2026 15:18:37 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame E981 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
797a41183380e088a95d924b04e7c6a691a3aca40d6ba4de02e2de806c58fe12

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 07 Apr 2021 15:18:37 GMT
content-type
text/html
set-cookie
__cfduid=d140e1e8ff722a1581d9a004f68cd455a1617808717; expires=Fri, 07-May-21 15:18:37 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=d162ca85-7160-46e6-96f6-10d6597f6ce7; expires=Tue, 27 Apr 2021 15:18:37 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
094e830f8c00005369eb0f5000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wNkMilVw6l781Mulx4BigSv2VwALcFRCzX4DAnZqQMEa3Cctm0QwhXjbX3TvxxsyA2Xn1FKhP1wwsTjFYKM7gGVltmNQUEzlJPAxCh1iA3p5Xdtqq8GsAQa8E8fQuTs%3D"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
63c43ac5aa745369-FRA
content-encoding
br
Cookie set csync
sync.console.adtarget.com.tr/ Frame 3742 		86 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AN3HAUIltVjjJEcv
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
a307080=ROzRuSJyhi1Tw5CUOlDj; a307565=f65cd029e7164a47a77fedea8ac516de; a306709=av-65630d45-18e5-4e38-a919-532042def264; vmuid=32853a6ad3e3c2eb; a322988=2b719674595d7be7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Wed, 07 Apr 2021 15:18:37 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=32853a6ad3e3c2eb; expires=Tue, 08 Jun 2021 15:18:37 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307442=AN3HAUIltVjjJEcv; expires=Tue, 08 Jun 2021 15:18:37 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
v2_285119_882.json
player.adtelligent.com/prebidlink/2696347/ 		169 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/2696347/v2_285119_882.json?cb=nv.ua
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449391/wrapper_hb_285119_882.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
9545b9bbccbb290694c9b958da74a3f2dd244dff76d5c6b3b4342e5bfe396bc7

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:37 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 18:16:39 GMT
server
nginx
etag
W/"606ca587-2a556"
content-type
application/json
access-control-allow-origin
https://nv.ua
expires
Wed, 07 Apr 2021 16:18:37 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
GS.d
js.cookieless-data.com/ Frame 7E9F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1617808717728
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-83.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e83a613058f561ef6b401fdb997af27e0fe593a5e00b4670506cada1564b6dd2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:37 GMT
content-encoding
gzip
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-type
text/javascript
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame E981
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=285258492267925334
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=285258492267925334
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DwpYnv7O1GWUsHpZTcSWI%2FZWq7hLCh2oWB2EV3IRFTEVQccWW%2BqSHcPLjgwClvyv91ldMqEQyi9xex13bTIzB%2BFmEGtujZtrd1PuJ58rJ8os6Tn2K8xtoj3H43OgKZ0%3D"}]}
content-type
image/gif
cf-ray
63c43ac71ea85369-FRA
content-length
43
cf-request-id
094e83106c000053690b320000000001

Redirect headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:37 GMT
X-Proxy-Origin
196.240.57.220; 196.240.57.220; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.155:80
AN-X-Request-Uuid
6e49c28c-039e-4b05-9d4e-f6ee13094d49
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=285258492267925334
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame E981
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-IUiF8P1E2uFgLYEcaBHIIaNlHGRo_vGHHyNAwZc-~A
43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-IUiF8P1E2uFgLYEcaBHIIaNlHGRo_vGHHyNAwZc-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cLRFIjU0ElHa%2FEU4zz6D9K7%2Bcf%2FSmrrLUHrDDLSiF1h3uLzoPzZnkHT1T9oLusxZ79u82wY37Amh%2BPUB8o5bFEsFaaDp%2FZ%2FHq%2F4A%2BfraJbKvyurzvBkiNPG0uEwowpw%3D"}]}
content-type
image/gif
cf-ray
63c43ac6cd9a5369-FRA
content-length
43
cf-request-id
094e83103900005369220ac000000001

Redirect headers

Date
Wed, 07 Apr 2021 15:18:37 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-IUiF8P1E2uFgLYEcaBHIIaNlHGRo_vGHHyNAwZc-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame E981
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=285258492267925334
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=285258492267925334
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p2dVx%2FcgPC5DXZDhrVWVf%2ByURWAgzunLjEOy9VcrBdczO9xs%2FyAx73Zps0F0Ubbsbj8I7QQLkgY%2FTUNXqFEl8H55UjpU3bOQ0ZJEvBQRgBBfZbK0osqsV22WrTiKPKM%3D"}]}
content-type
image/gif
cf-ray
63c43ac71ec15369-FRA
content-length
43
cf-request-id
094e8310730000536934106000000001

Redirect headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:37 GMT
X-Proxy-Origin
196.240.57.220; 196.240.57.220; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.196:80
AN-X-Request-Uuid
f735f5d6-2f33-4f76-8360-1a1efa9f3f3b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=285258492267925334
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame E981
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=059f9ee6-6ec9-5261-b617-fa4cd67a3701
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=059f9ee6-6ec9-5261-b617-fa4cd67a3701
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gi8I5a2O046FLg4TZtU0CLs1PoZYOXlOdIDSXgmZLvgSCbOHHE2gl%2FUt%2BOtAmlH%2F6Tmn6H%2B2RAGU507QSn9rAZTP5ZGqCfoxugalryQHf0kLbFvCF%2FKtKhigz5%2Be1z4%3D"}]}
content-type
image/gif
cf-ray
63c43ac6fe565369-FRA
content-length
43
cf-request-id
094e83106000005369e63cb000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=059f9ee6-6ec9-5261-b617-fa4cd67a3701
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
um
sync.e-planning.net/ Frame E981 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=d162ca85-7160-46e6-96f6-10d6597f6ce7
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:37 GMT
server
openresty
content-type
image/gif
d
ic.tynt.com/r/ Frame 7DDA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

:method
GET
:authority
ic.tynt.com
:scheme
https
:path
/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

server
nginx/1.16.1
date
Wed, 07 Apr 2021 15:18:42 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 80DC 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de0e47e5fee6f22ad1228c795c56141567894b7449920bd3c1567b9663c91dd7

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YG3NTfMFHxS4zXOY16dCYAAA; CMPS=5237; CMPRO=1102; CMST=YG3NTWBtzU0A; CMRUM3=bf606dcd4d05a0&03606dcd4d05a0&f1606dcd4d05a00&2d606dcd4d05a0&29606dcd4d05a00&27606dcd4d0b40&da606dcd4d27600&e6606dcd4d27600
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|206|4|195|45|51|130
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1574
Expires
Wed, 07 Apr 2021 15:18:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:37 GMT
Connection
keep-alive
Set-Cookie
CMID=YG3NTfMFHxS4zXOY16dCYAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 07 Apr 2022 15:18:37 GMT CMPS=5237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 06 Jul 2021 15:18:37 GMT CMPRO=1102;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 06 Jul 2021 15:18:37 GMT CMRUM3=82606dcd4da8c0&bf606dcd4d05a0&03606dcd4d05a0&33606dcd4d05a0&ce606dcd4d05a00&f1606dcd4d05a00&c3606dcd4d05a00&da606dcd4d27600&e6606dcd4d27600&2e606dcd4d05a0&2d606dcd4d05a0&29606dcd4d05a00&49606dcd4d05a00&04606dcd4d05a0&27606dcd4d0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 07 Apr 2022 15:18:37 GMT
/
onetag-sys.com/usync/ Frame DFE5 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
57fa16e084294bd6416b2ec3f81fd25c8f20a46b1adfbb40be26d44e260e444c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie
OTP=zeHQ01JLZdpTba1y5lUGPwMS4GtLrvUUyuUoAv2-eEw; path=/; expires=Fri, 07 Apr 2023 15:18:45; domain=onetag-sys.com; SameSite=None; Secure
content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
get-consent
sddan.mgr.consensu.org/api/v1/public/ Frame 7E9F 		0
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sddan.mgr.consensu.org/api/v1/public/get-consent?redirect=https%3A%2F%2Fjs.cookieless-data.com%2FGS.d%3Fpa%3D24492%26r%3Dhttps%253A%252F%252Fads.us.e-planning.net%252F%26rand%3D1617808717728%26s%3D%26si%3D1%26u%3Dhttps%253A%252F%252Fs.e-planning.net%252Fesb%252F4%252F0%252F1992d%252Fbb6e7a161f794f56%252Fsirdata_03022021.html&vendor_ids=53,916&user_id=YTJhNTQ1ZDhiYjkxODdkM2Q0ODc0Nzg0KzOX3BNf1gpFka55k1w5A346WvUp49C85ulSwxEmHkqZnd6IhfGjhYyupfY3qw5KG7drqyqtI6i2
Requested by
Host: js.cookieless-data.com
URL: https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1617808717728
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:40 GMT
server
nginx/1.11.3
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains; preload
SPug
simage4.pubmatic.com/AdServer/ Frame 598C 		0
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Wed, 07 Apr 2021 15:18:38 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
img
ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/ Frame 7205
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a49f677e48e622c9%2F1617808716088%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/img?tpid=75&tpuid=285258492267925334&gdpr=0
49 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/img?tpid=75&tpuid=285258492267925334&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-173-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:38 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:38 GMT
X-Proxy-Origin
196.240.57.220; 196.240.57.220; 830.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.58:80
AN-X-Request-Uuid
bba588fd-9f78-41d3-aa27-7584d8920813
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/img?tpid=75&tpuid=285258492267925334&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
www.clarity.ms/eus2/ 		7 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.10/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 07 Apr 2021 15:18:38 GMT
content-encoding
br
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://nv.ua
access-control-allow-credentials
true
x-azure-ref
0Ts1tYAAAAAA2annd3fYYRqvmw2H+aT8kTE9OMjFFREdFMTUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
content-length
11
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
getuid
secure.adnxs.com/ Frame 80DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 80DC 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 80DC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB
43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Wed, 07 Apr 2021 15:18:38 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 80DC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8673652470810723903
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8673652470810723903
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 07 Apr 2021 15:18:40 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8673652470810723903
pragma
no-cache
date
Wed, 07 Apr 2021 15:18:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 80DC
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b2f8db42-9e65-4058-9f2b-36fa2b435e18
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b2f8db42-9e65-4058-9f2b-36fa2b435e18&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b2f8db42-9e65-4058-9f2b-36fa2b435e18&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 07 Apr 2021 15:18:40 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b2f8db42-9e65-4058-9f2b-36fa2b435e18&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
304
Expires
Wed, 07 Apr 2021 15:18:40 GMT
crum
dsum-sec.casalemedia.com/ Frame 80DC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YG3NTfMFHxS4zXOY16dCYAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA2CAFn_oqYMueiAhgl5yEI&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA2CAFn_oqYMueiAhgl5yEI&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 07 Apr 2021 15:18:40 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA2CAFn_oqYMueiAhgl5yEI&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 80DC 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.143.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 80DC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHXs07A25sAAClxY7smPQ&expiration=1619018319&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHXs07A25sAAClxY7smPQ&expiration=1619018319&gdpr=1&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHXs07A25sAAClxY7smPQ&expiration=1619018319&gdpr=1&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 07 Apr 2021 15:18:40 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHXs07A25sAAClxY7smPQ&expiration=1619018319&gdpr=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
324
Expires
Wed, 07 Apr 2021 15:18:40 GMT
setuid
sync.quantumdex.io/ Frame 80DC 		43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YG3NTfMFHxS4zXOY16dCYAAABE4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RB8ESieJyR%2BgQmsOPxPUMtMEO%2FFvtdKebMWaqV%2F76LdYzIer2JnxtsgKLOAQ8zuo7alxopFWdPyoGl7uekboytEsa%2FDp6NXJxI3vdG%2Fv7EcKHXcMIuNbvlyVmnXzyuI%3D"}]}
content-type
image/gif
cf-ray
63c43acc2c295369-FRA
content-length
43
cf-request-id
094e83139400005369eb16b000000001
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 7205
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=9fc38c70c3e9e6d74943b300c...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YG3NTfMFHxS4zXOY16dCYAAA%261102
49 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YG3NTfMFHxS4zXOY16dCYAAA%261102
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-173-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:38 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YG3NTfMFHxS4zXOY16dCYAAA%261102
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Wed, 07 Apr 2021 15:18:38 GMT
img
ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/ Frame 7205
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=28d9d623e85ca4b1193356c2d502ee7439462aaadb99b774e56bac99d7c6b10f&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a49f67...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=28d9d623e85ca4b1193356c2d502ee7439462aaadb99b774e56bac99d7c6b10f&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49d6a...
  • https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/img?tpid=42&gdpr=0&tpuid=8555319055327058093
49 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/img?tpid=42&gdpr=0&tpuid=8555319055327058093
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-173-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:39 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:38 GMT
server
nginx
location
https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/img?tpid=42&gdpr=0&tpuid=8555319055327058093
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 7205
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=6154f6a8-5758-4300-9ca1-617f8fe83193
49 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=6154f6a8-5758-4300-9ca1-617f8fe83193
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-173-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:39 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
x-errorlevel
0
date
Wed, 07 Apr 2021 15:18:38 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=6154f6a8-5758-4300-9ca1-617f8fe83193
cache-control
no-cache
server-processing-duration-in-ticks
1850
content-type
text/html; charset=utf-8
content-length
237
expires
Wed, 07 Apr 2021 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 7205
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=4bc6e40f241fe2dd9f466bb7...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=a7e0606d-cd4e-4500-8126-117b87a004bb&gdpr=0&gdpr_consent=
49 B
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=a7e0606d-cd4e-4500-8126-117b87a004bb&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-173-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:39 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 07 Apr 2021 15:18:39 GMT
Server
MT3 3628 75f709e master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=a7e0606d-cd4e-4500-8126-117b87a004bb&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 07 Apr 2021 15:18:38 GMT
js
ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/ Frame 7205
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=5274d9dd631857ef094c5dd329ad447d2a60a0cf40cfb5f26fe189b5cc0b2cd5&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=5274d9dd631857ef094c5dd329ad447d2a60a0cf40cfb5f26fe189b5cc0b2cd5&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0b43b6fc5b4a49...
  • https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/js?tpid=48&tpuid=0d6a5429f10e960d0d5ed320d53dd7e3
44 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/js?tpid=48&tpuid=0d6a5429f10e960d0d5ed320d53dd7e3
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-173-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9aed14c27463f1981719f08343187ea6982a22972db5973c0255da71d26fe71e

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:41 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Location
https://ih.adscale.de/sium/0b43b6fc5b4a49d6a49f677e48e622c9/1617808716088/0/js?tpid=48&tpuid=0d6a5429f10e960d0d5ed320d53dd7e3
Date
Wed, 07 Apr 2021 15:18:41 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
147
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
getuid
ib.adnxs.com/ Frame 6F0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 6F0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-45...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEKz3Kh0Qhuj1ikD5n1hTzZ8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f...
95 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEKz3Kh0Qhuj1ikD5n1hTzZ8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63c43ad1fc7e05b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e831737000005b3f79e7000000001

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEKz3Kh0Qhuj1ikD5n1hTzZ8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 6F0F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://mwzeom.zeotap.com/mw?cid=879a83d1-97b4-11eb-8fcf-f279d8f436ca&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=879a83d1-97b4-11eb-8fcf-f279d8f436ca&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63c43ad1cc0705b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e83171e000005b328a53000000001

Redirect headers

date
Wed, 07 Apr 2021 15:18:39 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=879a83d1-97b4-11eb-8fcf-f279d8f436ca&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 6F0F 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:39 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 6F0F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Db...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Db...
  • https://mwzeom.zeotap.com/mw?cid=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225...
95 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63c43ad85b3a05b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e831b35000005b33ca9b000000001

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 6F0F 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Wed, 07 Apr 2021 15:18:42 GMT
via
1.1 varnish
server
nginx
x-timer
S1617808723.739781,VS0,VE94
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11580-HHN
u
dmp.v.fwmrm.net/ad/ Frame 6F0F 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.156.250.128 , United Kingdom, ASN3549 (LVLT-3549, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:41 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6F0F 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Dba000f16-586c-4225-4520-3ec833fdacd6%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:42 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 6F0F
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=f630e86c-6361-4d02-a186-32bcbebbce0f&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f630e86c-6361-4d02-a186-32bcbebbce0f&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63c43ad27d7d05b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e831789000005b3551fb000000001

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:39 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=f630e86c-6361-4d02-a186-32bcbebbce0f&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 6F0F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a2e0a5ae-819b-4945-796d-b4263e15b0e7&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a2e0a5ae-819b-4945-796d-b4263e15b0e7&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=10077136527970323730717355754798254487&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-...
95 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=10077136527970323730717355754798254487&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63c43ad96e0905b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e831be6000005b39f242000000001

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6D/BQCBqR/g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=10077136527970323730717355754798254487&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
loadeu.exelator.com/load/ Frame 6F0F 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 6F0F
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=a2e0a5ae-819b-4945-796d-b4263e15b0e7&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021040717-92003-0.823539001617808718-3a13784eedd8364ffefc169415dbb64a&zdid=533&env=mWeb
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021040717-92003-0.823539001617808718-3a13784eedd8364ffefc169415dbb64a&zdid=533&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63c43ad2de5405b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e8317c6000005b31ca56000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021040717-92003-0.823539001617808718-3a13784eedd8364ffefc169415dbb64a&zdid=533&env=mWeb
Date
Wed, 07 Apr 2021 15:18:38 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 6F0F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6948435543608457367&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-...
95 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6948435543608457367&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63c43ad96deb05b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e831be1000005b3e62d9000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6948435543608457367&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Date
Wed, 07 Apr 2021 15:18:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 6F0F 		95 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a2e0a5ae-819b-4945-796d-b4263e15b0e7
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:39 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
mw
mwzeom.zeotap.com/ Frame 6F0F
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a2e0a5ae-819b-4945-796d-b4263e15b0e7&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a2e0a5ae-819b-4945-796d-b4263e15b0e7&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=WyFVB9QNYZQo/7LwSS.Ap.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-42...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=WyFVB9QNYZQo/7LwSS.Ap.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63c43ad30eb105b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e8317e2000005b32e183000000001

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:39 GMT
via
1.1 google
last-modified
Wed, 07 Apr 2021 15:18:39 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=WyFVB9QNYZQo/7LwSS.Ap.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 6F0F 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=a2e0a5ae-819b-4945-796d-b4263e15b0e7&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.163.159.106 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:44 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 6F0F
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a2e0a5ae-819b-4945-796d-b4263e15b0e7?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a2e0a5ae-819b-4945-796d-b4263e15b0e7?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=7e428f778ee12e7fedc0c770b72db67e&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-58...
95 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=7e428f778ee12e7fedc0c770b72db67e&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63c43ad9ff3805b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e831c45000005b35c88e000000001

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:40 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=7e428f778ee12e7fedc0c770b72db67e&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
cache-control
no-cache
x-server
10.45.11.20
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 6F0F
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-OhpqjFZE2oooSAMbJfkhH55xrooPjRVPog--~A&zpartnerid=570&env=mWeb
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-OhpqjFZE2oooSAMbJfkhH55xrooPjRVPog--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63c43ae01deb05b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e83200b000005b34200d000000001

Redirect headers

date
Wed, 07 Apr 2021 15:18:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-OhpqjFZE2oooSAMbJfkhH55xrooPjRVPog--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 6F0F
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lqY%2Btg%2BtbDUtBiX8NObLeoNQcRXQ9apD%2BS41iYitP1U%3D
95 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lqY%2Btg%2BtbDUtBiX8NObLeoNQcRXQ9apD%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63c43aed38ce05b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e832847000005b36288b000000001

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:44 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lqY%2Btg%2BtbDUtBiX8NObLeoNQcRXQ9apD%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 6F0F 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=a2e0a5ae-819b-4945-796d-b4263e15b0e7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:41 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 6F0F 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.38.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:41 GMT
cache-control
private, no-cache, no-store
x-request-time
D=49 t=1617808721
x-served-by
beacon-n016-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 6F0F 		95 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=a2e0a5ae-819b-4945-796d-b4263e15b0e7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.72.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:41 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Type
image/png
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 6F0F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YG3NUQAAAFGgeRcV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec...
95 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YG3NUQAAAFGgeRcV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361&_test=YG3NUQAAAFGgeRcV
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63c43ae0f88a05b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e83209d000005b3542b2000000001

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:42 GMT
via
1.1 varnish
server
Varnish
x-timer
S1617808722.063311,VS0,VE0
x-served-by
cache-hhn4051-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YG3NUQAAAFGgeRcV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361&_test=YG3NUQAAAFGgeRcV
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 6F0F
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=a7e0606d-cd4e-4500-8126-117b87a004bb&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f1...
95 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=a7e0606d-cd4e-4500-8126-117b87a004bb&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
63c43adf7c6d05b3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
094e831faf000005b3552af000000001

Redirect headers

Date
Wed, 07 Apr 2021 15:18:41 GMT
Server
MT3 3628 75f709e master cdg-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=a7e0606d-cd4e-4500-8126-117b87a004bb&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 07 Apr 2021 15:19:37 GMT
usermatch.gif
beacon.krxd.net/ Frame 6F0F
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=ODB68IA-&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=a2e0a5ae-819b-4945-796d-b4263e15b0e7
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=a2e0a5ae-819b-4945-796d-b4263e15b0e7
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.38.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1617808723
x-served-by
beacon-n012-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 07 Apr 2021 15:18:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://spl.zeotap.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=a2e0a5ae-819b-4945-796d-b4263e15b0e7
access-control-allow-credentials
true
cf-ray
63c43ae85b4305b3-FRA
access-control-allow-headers
*
cf-request-id
094e83253b000005b336a95000000001
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6F0F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a2e0a5ae-819b-4945-796d-b4263e15b0e7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a2e0a5ae-819b-4945-796d-b4263e15b0e7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a2e0a5ae-819b-4945-796d-b4263e15b0e7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:45 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:45 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a2e0a5ae-819b-4945-796d-b4263e15b0e7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 6F0F 		62 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=a2e0a5ae-819b-4945-796d-b4263e15b0e7&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.110.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-110-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:18:42 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
75ac
Expires
Thu, 01 Dec 1994 16:00:00 GMT
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 6F0F 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da2e0a5ae-819b-4945-796d-b4263e15b0e7%26reqId%3Dba000f16-586c-4225-4520-3ec833fdacd6%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.253.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:43 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 6F0F 		557 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c90af9d2a8708f34431e7b3e61633595ccebb11d1797f662f1043d115fad8ae

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
63c43ae6ae3605b3-FRA
date
Wed, 07 Apr 2021 15:18:43 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
094e832426000005b39f314000000001
collect
analytics.google.com/g/ Frame 3F64 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FYXW5GD65L&gtm=2oe3v0&_p=897692485&sr=1600x1200&ul=en-us&cid=670222609.1617808715&_s=2&dl=https%3A%2F%2Fpodcasts.nv.ua%2Fembed_v2%2F2317.html&dr=https%3A%2F%2Fnv.ua%2F&dt=&sid=1617808715&sct=1&seg=0&en=scroll&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYXW5GD65L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://podcasts.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://podcasts.nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.clarity.ms/eus2/ 		7 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.10/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 07 Apr 2021 15:18:41 GMT
content-encoding
br
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://nv.ua
access-control-allow-credentials
true
x-azure-ref
0Uc1tYAAAAACzMTec+x2iTrV8Nsrj0qE5TE9OMjFFREdFMTUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
content-length
11
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
sium
ih.adscale.de/ Frame 7205 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-173-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0&nut&uu=08c2ea102d094e63877f747c7abf1bbc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Wed, 07 Apr 2021 15:18:41 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
cmp
spl.zeotap.com/ Frame 6F0F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a2e0a5ae-819b-4945-796d-b4263e15b0e7&reqId=ba000f16-586c-4225-4520-3ec833fdacd6&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=a2e0a5ae-819b-4945-796d-b4263e15b0e7; zsc=%E6%B2%06b%1B%2C%E7%89%2B%BB%40%0B%D4%E5wi%96%5E%BF%2A%FF%F3M%1081t%EA6%7D%9D%A2%D6y%DFt%0Dk%C6%B8-%DCoO%A8%13N%E2%C5%21%AF%89%1BH%08%E4%5B%A4%A5%0A%5E%86d%EC%E8%CD%B5%DE%EF%EC+%08%BF%D4%82%C2C%E5%CD%9D%EF%B3%05%14%AFH%0D%C6%AC%13%C2%CF%E48%FBi%1C%0E%24%F7%FF%DE%03o%C4%07jL%BD%C1%F8%D8%25k%E5%8E%E9%8BP%7Ca%D5%D5%5E%5B%D3jy%FA%8Dh%A9%FB%F6%02%01%BB%94%EA%E2%FF%28O%CD%07%BD%0A%A7%1CO%A2%81%9D%AC%B8%5D%A3%D2ar%BB%AB%09%BF%15%28%FC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Wed, 07 Apr 2021 15:18:43 GMT
set-cookie
__cfduid=d2c12208e59961d992253c178d9b6e6451617808723; expires=Fri, 07-May-21 15:18:43 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
094e83253b000005b31318d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63c43ae85b4005b3-FRA
usync.js
eus.rubiconproject.com/ Frame 5B45 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 23:26:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45053
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9418
Expires
Thu, 08 Apr 2021 03:49:36 GMT
khaos.jpg
token.rubiconproject.com/ Frame 5B45 		284 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
um
sync.e-planning.net/ Frame 5B45
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
  • https://sync.e-planning.net/um?uid=KN7LJKEI-U-2L2Q&dc=9bcc91305985f0db&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=KN7LJKEI-U-2L2Q&dc=9bcc91305985f0db&iss=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:43 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://sync.e-planning.net/um?uid=KN7LJKEI-U-2L2Q&dc=9bcc91305985f0db&iss=1
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 5B45
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TEpLRUktVS0yTDJR
170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TEpLRUktVS0yTDJR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S043TEpLRUktVS0yTDJR
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 5B45
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7LJKEI-U-2L2Q&sigv=1&esig=2~fb88866072bfe5af2c251ec8f438df6408ae95b3
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7LJKEI-U-2L2Q&sigv=1&esig=2~fb88866072bfe5af2c251ec8f438df6408ae95b3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:43 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KN7LJKEI-U-2L2Q&sigv=1&esig=2~fb88866072bfe5af2c251ec8f438df6408ae95b3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5B45
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDdmiWLAuxkl7dbuIqHggFs&google_cver=1
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDdmiWLAuxkl7dbuIqHggFs&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDdmiWLAuxkl7dbuIqHggFs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5B45
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/itecFxtVFJktTQ_D24fKfA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1566793014741488708
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1566793014741488708
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

date
Wed, 07 Apr 2021 15:18:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1566793014741488708
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5B45
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a7e0606d-cd4e-4500-8126-117b87a004bb
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a7e0606d-cd4e-4500-8126-117b87a004bb
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

Date
Wed, 07 Apr 2021 15:18:43 GMT
Server
MT3 3628 75f709e master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a7e0606d-cd4e-4500-8126-117b87a004bb
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 07 Apr 2021 15:18:42 GMT
709414.gif
id.rlcdn.com/ Frame 5B45 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rubicon
match.adsrvr.org/track/cmf/ Frame 5B45 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.242.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-242-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5B45
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTUwYTJiNzgxOTVhMjgxMmZkOTExMjMyOTVhZmI0YzMwNTIxN2E4NA
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTUwYTJiNzgxOTVhMjgxMmZkOTExMjMyOTVhZmI0YzMwNTIxN2E4NA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTUwYTJiNzgxOTVhMjgxMmZkOTExMjMyOTVhZmI0YzMwNTIxN2E4NA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
a7e0606d-cd4e-4500-8126-117b87a004bb
onetag-sys.com/sync/i,1/ Frame DFE5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
  • https://onetag-sys.com/sync/i,1/a7e0606d-cd4e-4500-8126-117b87a004bb
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,1/a7e0606d-cd4e-4500-8126-117b87a004bb
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 07 Apr 2021 15:18:45 GMT
Server
MT3 3628 75f709e master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/sync/i,1/a7e0606d-cd4e-4500-8126-117b87a004bb
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 07 Apr 2021 15:18:44 GMT
KN7LJKEI-U-2L2Q
onetag-sys.com/sync/i,2/ Frame DFE5
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
  • https://onetag-sys.com/sync/i,2/KN7LJKEI-U-2L2Q
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,2/KN7LJKEI-U-2L2Q
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://onetag-sys.com/sync/i,2/KN7LJKEI-U-2L2Q
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
/
onetag-sys.com/sync/i,19/ Frame DFE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1
  • https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEAjVV5hE0L9L4nmPc8rnTBY&google_cver=1
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEAjVV5hE0L9L4nmPc8rnTBY&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEAjVV5hE0L9L4nmPc8rnTBY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/sync/i,29/ Frame DFE5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/sync/i,29/?tdid=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&ttl=1620400725
43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,29/?tdid=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&ttl=1620400725
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
cache-control
no-cache, no-transform
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/sync/i,29/?tdid=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&ttl=1620400725
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
211
/
onetag-sys.com/match/ Frame DFE5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=onetag&bsw_custom_parameter=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=onetag&expires=10&bsw_param=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88
  • https://onetag-sys.com/match/?int_id=30&uid=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 07 Apr 2021 15:18:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
8555319055327058093
onetag-sys.com/sync/i,34/ Frame DFE5
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match?party=1167&cid=zeHQ01JLZdpTba1y5lUGPwMS4GtLrvUUyuUoAv2-eEw
  • https://onetag-sys.com/sync/i,34/8555319055327058093
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,34/8555319055327058093
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:45 GMT
server
nginx
location
https://onetag-sys.com/sync/i,34/8555319055327058093
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
y-I4YEceNE2uF0H3_lKzquuRrocRXmcM7Q~A~UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac
onetag-sys.com/sync/i,39/ Frame DFE5
Redirect Chain
  • https://pixel.advertising.com/ups/58198/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58198/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58198/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac
  • https://onetag-sys.com/sync/i,39/y-I4YEceNE2uF0H3_lKzquuRrocRXmcM7Q~A~UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,39/y-I4YEceNE2uF0H3_lKzquuRrocRXmcM7Q~A~UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 07 Apr 2021 15:18:45 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://onetag-sys.com/sync/i,39/y-I4YEceNE2uF0H3_lKzquuRrocRXmcM7Q~A~UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame DFE5 		43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=onetag&uid=zeHQ01JLZdpTba1y5lUGPwMS4GtLrvUUyuUoAv2-eEw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:45 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x3iIJ%2BS5%2Fgk1uYfIioFLHVC2uOegCgQ9HWg69ErkTzGIT%2Fg3QALf7dtDhHS%2FAbcobL470DSlR4CAITUBKVdjFONBrdY2mG0mzMbCBNu8TXkqgUQMLKnpdZ7aJsreoq0%3D"}]}
content-type
image/gif
cf-ray
63c43af4de015369-FRA
content-length
43
cf-request-id
094e832d0a00005369e62d3000000001
a7e0606d-cd4e-4500-8126-117b87a004bb
onetag-sys.com/sync/i,1/ Frame 395F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
  • https://onetag-sys.com/sync/i,1/a7e0606d-cd4e-4500-8126-117b87a004bb
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,1/a7e0606d-cd4e-4500-8126-117b87a004bb
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 07 Apr 2021 15:18:45 GMT
Server
MT3 3628 75f709e master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/sync/i,1/a7e0606d-cd4e-4500-8126-117b87a004bb
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 07 Apr 2021 15:18:44 GMT
KN7LJKEI-U-2L2Q
onetag-sys.com/sync/i,2/ Frame 395F
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
  • https://onetag-sys.com/sync/i,2/KN7LJKEI-U-2L2Q
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,2/KN7LJKEI-U-2L2Q
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://onetag-sys.com/sync/i,2/KN7LJKEI-U-2L2Q
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
/
onetag-sys.com/sync/i,19/ Frame 395F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1
  • https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEAjVV5hE0L9L4nmPc8rnTBY&google_cver=1
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEAjVV5hE0L9L4nmPc8rnTBY&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEAjVV5hE0L9L4nmPc8rnTBY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/sync/i,29/ Frame 395F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/sync/i,29/?tdid=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&ttl=1620400725
43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,29/?tdid=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&ttl=1620400725
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
cache-control
no-cache, no-transform
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/sync/i,29/?tdid=f95e7fb1-dcfd-48cd-9e1a-5f36b2b0da01&ttl=1620400725
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
211
/
onetag-sys.com/match/ Frame 395F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=23e7fee0-63a5-49c5-b9a7-7b9bd2145600&ssp=onetag&user_group=1
  • https://onetag-sys.com/match/?int_id=30&uid=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=5cf1b0d4-8606-47ac-9b54-b5fdb677ff88&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 07 Apr 2021 15:18:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
y-I4YEceNE2uF0H3_lKzquuRrocRXmcM7Q~A~UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac
onetag-sys.com/sync/i,39/ Frame 395F
Redirect Chain
  • https://pixel.advertising.com/ups/58198/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58198/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58198/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac
  • https://onetag-sys.com/sync/i,39/y-I4YEceNE2uF0H3_lKzquuRrocRXmcM7Q~A~UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,39/y-I4YEceNE2uF0H3_lKzquuRrocRXmcM7Q~A~UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 07 Apr 2021 15:18:45 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://onetag-sys.com/sync/i,39/y-I4YEceNE2uF0H3_lKzquuRrocRXmcM7Q~A~UP8b62d6eb-97b4-11eb-98c4-06101d0df3ac
Connection
keep-alive
Content-Length
0
8555319055327058093
onetag-sys.com/sync/i,34/ Frame 395F
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match?party=1167&cid=khhY-nehOBibIeKziHAAUqHbdpRzGBxcwlhkWbulolo
  • https://onetag-sys.com/sync/i,34/8555319055327058093
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,34/8555319055327058093
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:45 GMT
server
nginx
location
https://onetag-sys.com/sync/i,34/8555319055327058093
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
csync
sync.adtelligent.com/ Frame 395F 		86 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=306279&extuid=khhY-nehOBibIeKziHAAUqHbdpRzGBxcwlhkWbulolo
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:18:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif
ptrack
a.audrte.com/ Frame 356E 		380 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=196.240.57.220&p=M1353665098&artime=2021-04-07T15:18:59.816Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.39.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6b5b4f50a56f2ad9fb61da6ce66f785e9ad8b640f90ab05834191f76eb2b5691

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:19:00 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
268
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame 3732
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
aea8b69d2ca0db6a8207e0eeb775e99a3e5cd079d6772baa5ef447545a32c53b

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 07 Apr 2021 15:18:59 GMT
content-type
text/html;charset=UTF-8
content-length
1227
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.13.207
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 02-Jan-2022 15:01:00 GMT;SameSite=None;Secure _cc_id=7e428f778ee12e7fedc0c770b72db67e;Path=/;Domain=crwdcntrl.net;Expires=Sun, 02-Jan-2022 15:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQME81MbJIMze3SE01NEo1T0tNSTZINjc3SDI3SkkyM09lAIKE3LPJb%2F%2F%2F%2F88P4kAAAMhTD0w%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 02-Jan-2022 15:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBIyD2bDKSgAAAYuAH%2B";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 02-Jan-2022 15:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*

Redirect headers

date
Wed, 07 Apr 2021 15:18:59 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.5.206
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
pixel
cm.g.doubleclick.net/ Frame 3732
Redirect Chain
  • https://id5-sync.com/s/19/9.gif?puid=7e428f778ee12e7fedc0c770b72db67e&gdpr=1
  • https://id5-sync.com/c/19/19/9/1.gif?puid=7e428f778ee12e7fedc0c770b72db67e&gdpr=1&gdpr_consent=
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMO4Jo_tII0hrhx8ZGRyR5kPysSTguYGDf2gqorZg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F8%2F2.gif%3Fpuid%3D%24%21%7BTURN_...
  • https://id5-sync.com/c/19/224/8/2.gif?puid=3138294914315962372&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F7%2F3.gif%3Fpui...
  • https://tags.bluekai.com/site/5907?limit=0&id=5088917182012ee78a509cab447e041f&redir=https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMO4Jo_tII0hrhx8ZGRyR5kPys...
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=N2U0MjhmNzc4ZWUxMmU3ZmVkYzBjNzcwYjcyZGI2N2U&google_redir={xENCODEDURL}&id5id=ID5-ZHMO4Jo_tII0hrhx8ZGRyR5kPysSTguYGDf2gqorZg
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=N2U0MjhmNzc4ZWUxMmU3ZmVkYzBjNzcwYjcyZGI2N2U&google_redir={xENCODEDURL}&id5id=ID5-ZHMO4Jo_tII0hrhx8ZGRyR5kPysSTguYGDf2gqorZg
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:00 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=N2U0MjhmNzc4ZWUxMmU3ZmVkYzBjNzcwYjcyZGI2N2U&google_redir={xENCODEDURL}&id5id=ID5-ZHMO4Jo_tII0hrhx8ZGRyR5kPysSTguYGDf2gqorZg
cache-control
no-cache
x-server
10.45.28.56
content-length
0
expires
0
tpid=47709057555172077863879574066002009980
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 3732
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=7e428f778ee12e7fedc0c770b72db67e&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=7e428f778ee12e7fedc0c770b72db67e&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=47709057555172077863879574066002009980
49 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=47709057555172077863879574066002009980
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:00 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.1.16
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
5CoOaZbgRy4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=47709057555172077863879574066002009980
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3732
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=N2U0MjhmNzc4ZWUxMmU3ZmVkYzBjNzcwYjcyZGI2N2U
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=N2U0MjhmNzc4ZWUxMmU3ZmVkYzBjNzcwYjcyZGI2N2U&google_tc=
170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=N2U0MjhmNzc4ZWUxMmU3ZmVkYzBjNzcwYjcyZGI2N2U&google_tc=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:18:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=N2U0MjhmNzc4ZWUxMmU3ZmVkYzBjNzcwYjcyZGI2N2U&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 3732 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=7e428f778ee12e7fedc0c770b72db67e
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.38.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:18:59 GMT
cache-control
private, no-cache, no-store
x-request-time
D=50 t=1617808739
x-served-by
beacon-n012-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
tpid=YG3NZAAAAHr8RwUS&_test=YG3NZAAAAHr8RwUS
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 3732
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YG3NZAAAAHr8RwUS
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YG3NZAAAAHr8RwUS&_test=YG3NZAAAAHr8RwUS
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YG3NZAAAAHr8RwUS&_test=YG3NZAAAAHr8RwUS
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:00 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.9.98
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1617808740.095935,VS0,VE0
x-served-by
cache-hhn4051-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YG3NZAAAAHr8RwUS&_test=YG3NZAAAAHr8RwUS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tpid=941c1d3b-97b4-11eb-aa8c-2aa9088e5f87
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 3732
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=7e428f778ee12e7fedc0c770b72db67e&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=7e428f778ee12e7fedc0c770b72db67e&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=941c1d3b-97b4-11eb-aa8c-2aa9088e5f87
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=941c1d3b-97b4-11eb-aa8c-2aa9088e5f87
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=749522054/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:00 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.19.177
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Wed, 07 Apr 2021 15:19:00 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=941c1d3b-97b4-11eb-aa8c-2aa9088e5f87
alt-svc
clear
content-length
0
p
a.audrte.com/ Frame 356E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cacDFwiEQ6-QYyUH7GHZoZhVA&gdpr=0&gdpr_consent=null
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cacDFwiEQ6-QYyUH7GHZoZhVA&gdpr=0&gdpr_consent=null&google_gid=CAESEKTwCIArecInL_E0zqa0qYA&google_cver=1
  • https://a.audrte.com/p
68 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.39.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:19:00 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/avif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 07 Apr 2021 15:19:00 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 356E
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=null
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=null
  • https://a.audrte.com/a?adform_uid=7160053622482955105
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&google_gid=CAESEKTwCIArecInL_E0zqa0qYA&google_cver=1
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=cacDFwiEQ6-QYyUH7GHZoZhVA&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206N...
  • https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.39.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:19:00 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/avif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 07 Apr 2021 15:19:00 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
ps.eyeota.net/pixel/bounce/ Frame 356E
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=cacDFwiEQ6-QYyUH7GHZoZhVA&gdpr=0&gdpr_consent=null
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=cacDFwiEQ6-QYyUH7GHZoZhVA&gdpr=0&gdpr_consent=null
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=cacDFwiEQ6-QYyUH7GHZoZhVA&gdpr=0&gdpr_consent=null
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 15:19:00 GMT
Content-Type
application/javascript
Content-Length
1226
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=kh51m51&t=ajs&uid=cacDFwiEQ6-QYyUH7GHZoZhVA&gdpr=0&gdpr_consent=null
Date
Wed, 07 Apr 2021 15:19:00 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5aee43ae0ab29a91ab163769025463295a4c819746cc6ddbcc9ff1ec67819b92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 15:19:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6528
x-xss-protection
0
syncframe
gum.criteo.com/ Frame B746 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=nv.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=nv.ua
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nv.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nv.ua/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1722
date
Wed, 07 Apr 2021 15:19:00 GMT
content-length
0
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-51943557-1&cid=670222609.1617808715&jid=864904055&gjid=1746578587&_gid=797972192.1617808715&_u=aHBAgEABAAAAAE~&z=111888058
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 07 Apr 2021 15:19:00 GMT
content-type
text/plain
access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=2076548838&t=event&ni=1&_s=3&dl=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0.%20%D0%92%D1%81%D0%B5%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%9D%D0%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=TTFB&el=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&ev=1083&_u=aHBAgEABAAAAAE~&jid=864904055&gjid=1746578587&cid=670222609.1617808715&uid=0&tid=UA-51943557-1&_gid=797972192.1617808715&gtm=2wg3v0WKM63L&cd2=-120&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd11=0&cd12=none&z=1265196946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18923
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=2076548838&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0.%20%D0%92%D1%81%D0%B5%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%9D%D0%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=10&el=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&_u=aHhAAEABAAAAAG~&jid=199908462&gjid=1932564106&cid=670222609.1617808715&tid=UA-51943557-1&_gid=869263563.1617808741&_r=1&gtm=2wg3v0WKM63L&z=201069741
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=2076548838&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0.%20%D0%92%D1%81%D0%B5%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%9D%D0%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=20&el=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&_u=aHjAAEABAAAAAG~&jid=&gjid=&cid=670222609.1617808715&tid=UA-51943557-1&_gid=869263563.1617808741&gtm=2wg3v0WKM63L&z=1547340264
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 19:54:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69851
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:19:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 07 Apr 2021 15:19:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-51943557-1&cid=670222609.1617808715&jid=864904055&_u=aHBAgEABAAAAAE~&z=20649439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-51943557-1&cid=670222609.1617808715&jid=864904055&_u=aHBAgEABAAAAAE~&z=20649439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdb
bidder.criteo.com/ 		578 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=106&profileId=185&av=32&wv=4.15.0-11&cb=20777167358
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
49ca44e59a115832cb73b5681f7e078b3ef881c680041f11b8b97097cac5365d

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Apr 2021 15:19:00 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nv.ua
access-control-allow-credentials
true
timing-allow-origin
*
content-length
264
auction
rtb.adxpremium.services/openrtb2/ 		324 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab25c34eeacd1846c48ea213d500bf4103ffd17d0c072a6db38aa0d6edc615e6

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Apr 2021 15:19:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
094e836a7800002b22132e1000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pwd196Yrmzk6ABflnDIm%2BZNP7iBmiV7OUSUo5Tv1YUuYBY%2BLP%2Fwfl2edRvBgSbnpVFld1y1vLm8Fl3Ws75spTB9fEz8RcsC16xPEJCtCSniit4GuPI6XYEbv5Ml7%2FkcjoJxJ8w%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/json
access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
63c43b572d2d2b22-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		239 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1584412&size_id=2&rp_schain=1.0,1!adtelligent.com,285119,1,,,&eid_pubcid.org=007ff2a2-da9a-4ca4-9093-3fb58d4c77a8%5E1&rf=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&tk_flint=pbjs_lite_v4.15.0-11&x_source.tid=36b5fc44-969c-4cbf-85b9-63c67b08ad80&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.14373999657029968
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
73e833c044c696c1ee98aa13098792ef41079f3bc23a6a832d898e25705a375f

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:19:01 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://nv.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		239 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1584412&size_id=2&rp_schain=1.0,1!adtelligent.com,285119,1,,,&eid_pubcid.org=007ff2a2-da9a-4ca4-9093-3fb58d4c77a8%5E1&rf=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&tk_flint=pbjs_lite_v4.15.0-11&x_source.tid=b36ad888-3983-4d2f-8db2-32cee744c0d2&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7834322273041145
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f7513f927ab9a91d7fb8ecd3f47cfd8add386a4f2b3fa08d65b60ef70352725b

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:19:01 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://nv.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		239 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1584412&size_id=2&rp_schain=1.0,1!adtelligent.com,285119,1,,,&eid_pubcid.org=007ff2a2-da9a-4ca4-9093-3fb58d4c77a8%5E1&rf=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&tk_flint=pbjs_lite_v4.15.0-11&x_source.tid=2c15a3c9-8a25-4652-b15d-b4a6a5204e31&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.13351140098277448
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
35beab06c66954d1b982fe1caafec8b9361c6e3b295e48a3a1af45b5010374b6

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:19:01 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://nv.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		239 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1584412&size_id=2&rp_schain=1.0,1!adtelligent.com,285119,1,,,&eid_pubcid.org=007ff2a2-da9a-4ca4-9093-3fb58d4c77a8%5E1&rf=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&tk_flint=pbjs_lite_v4.15.0-11&x_source.tid=df9278c5-45f9-403d-b0c0-bc051d91d679&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8383509201168027
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
76a5ba250444e415aff4348a91dfdd2d2884d10f1c7088c2548cea32dc260dcc

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:19:01 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://nv.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		239 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1584412&size_id=2&rp_schain=1.0,1!adtelligent.com,285119,1,,,&eid_pubcid.org=007ff2a2-da9a-4ca4-9093-3fb58d4c77a8%5E1&rf=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&tk_flint=pbjs_lite_v4.15.0-11&x_source.tid=3a4f7af2-8d75-46f8-bde9-1b997d48ecf3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.421275570717929
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7c8bdd0e6dfdc3ee3b26ab356cbc4b0febdb6903e65706ecec91bea977e1e757

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 07 Apr 2021 15:19:01 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://nv.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nv.ua
date
Wed, 07 Apr 2021 15:19:01 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
ghb.adtelligent.com/v2/auction/ 		1 KB
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
36ba61c3472ddbef58dace2c4dfbcce615a149ca55190f6c53532a1899bf1f17

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 07 Apr 2021 15:19:00 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nv.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
256
prebid
ib.adnxs.com/ut/v3/ 		611 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
5065e5453b5952aa756162ee8ef479b9ac58c9c96bb1620c96ea944530814a1b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 07 Apr 2021 15:19:01 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
196.240.57.220; 196.240.57.220; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.197:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6a298f86-69d7-428a-b84d-13deeb6d87d2
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://nv.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		612 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
3ccfce36269afc6f5928557a7979876053dd14a7a3e253849d01ce76c63055e9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 07 Apr 2021 15:19:01 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
196.240.57.220; 196.240.57.220; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.240:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3b774a3a-fd49-4f1f-b7ba-1e5ffdffc3d6
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://nv.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adtelligent-d.openx.net/w/1.0/ 		173 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=36b5fc44-969c-4cbf-85b9-63c67b08ad80%2Cb36ad888-3983-4d2f-8db2-32cee744c0d2%2C2c15a3c9-8a25-4652-b15d-b4a6a5204e31%2Cdf9278c5-45f9-403d-b0c0-bc051d91d679%2C3a4f7af2-8d75-46f8-bde9-1b997d48ecf3&nocache=1617808740994&pubcid=007ff2a2-da9a-4ca4-9093-3fb58d4c77a8&schain=1.0%2C1!adtelligent.com%2C285119%2C1%2C%2C%2C&aus=728x90%7C728x90%7C728x90%7C728x90%7C728x90&divIds=banner-ad-5wh%2Cbanner-ad-oxs%2Cbanner-ad-mgp%2Cbanner-ad-x1%2Cbanner-ad-9bf&auid=541177132%2C541177132%2C541177132%2C541177132%2C541177132
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
0c0cdc4b93ae4b58caafbb6d2ac492fbe2bf195c0e7c6eb2e31c575dfa0d8b9e

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:01 GMT
content-encoding
gzip
server
OXGW/16.205.50
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://nv.ua
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.15.0-11
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
2e86d8285c80ab2c26331379323ac16ba33626c06bbdf90bd8fdd526cc391f40

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 07 Apr 2021 15:19:01 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nv.ua
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6815395128319985&tz=-120&fl=0&rr=direct&s=2777852&bidid=113ba927bbf4ff2e&transactionid=36b5fc44-969c-4cbf-85b9-63c67b08ad80&auctionid=7...
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6815395128319985&tz=-120&fl=0&rr=direct&s=2777852&bidid=113ba927bbf4ff2e&transactionid=36b5fc44-969c-4cbf-85b9-63c67b08ad80&auctionid=7...
2 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6815395128319985&tz=-120&fl=0&rr=direct&s=2777852&bidid=113ba927bbf4ff2e&transactionid=36b5fc44-969c-4cbf-85b9-63c67b08ad80&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=728x90&jst=hb&ord=6815395128319985&tz=-120&fl=0&rr=direct&s=2777852&bidid=113ba927bbf4ff2e&transactionid=36b5fc44-969c-4cbf-85b9-63c67b08ad80&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://nv.ua
content-length
0
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=4260908111633981&tz=-120&fl=0&rr=direct&s=2777852&bidid=11454aa2cddf7825&transactionid=b36ad888-3983-4d2f-8db2-32cee744c0d2&auctionid=7...
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=4260908111633981&tz=-120&fl=0&rr=direct&s=2777852&bidid=11454aa2cddf7825&transactionid=b36ad888-3983-4d2f-8db2-32cee744c0d2&auctionid=7...
2 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=4260908111633981&tz=-120&fl=0&rr=direct&s=2777852&bidid=11454aa2cddf7825&transactionid=b36ad888-3983-4d2f-8db2-32cee744c0d2&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=728x90&jst=hb&ord=4260908111633981&tz=-120&fl=0&rr=direct&s=2777852&bidid=11454aa2cddf7825&transactionid=b36ad888-3983-4d2f-8db2-32cee744c0d2&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://nv.ua
content-length
0
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6738821789312899&tz=-120&fl=0&rr=direct&s=2777852&bidid=1154bf3874b974e4&transactionid=2c15a3c9-8a25-4652-b15d-b4a6a5204e31&auctionid=7...
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6738821789312899&tz=-120&fl=0&rr=direct&s=2777852&bidid=1154bf3874b974e4&transactionid=2c15a3c9-8a25-4652-b15d-b4a6a5204e31&auctionid=7...
2 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6738821789312899&tz=-120&fl=0&rr=direct&s=2777852&bidid=1154bf3874b974e4&transactionid=2c15a3c9-8a25-4652-b15d-b4a6a5204e31&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=728x90&jst=hb&ord=6738821789312899&tz=-120&fl=0&rr=direct&s=2777852&bidid=1154bf3874b974e4&transactionid=2c15a3c9-8a25-4652-b15d-b4a6a5204e31&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://nv.ua
content-length
0
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=58985650924949.78&tz=-120&fl=0&rr=direct&s=2777852&bidid=11672bb38dbc539e&transactionid=df9278c5-45f9-403d-b0c0-bc051d91d679&auctionid=...
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=58985650924949.78&tz=-120&fl=0&rr=direct&s=2777852&bidid=11672bb38dbc539e&transactionid=df9278c5-45f9-403d-b0c0-bc051d91d679&auctionid=...
2 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=58985650924949.78&tz=-120&fl=0&rr=direct&s=2777852&bidid=11672bb38dbc539e&transactionid=df9278c5-45f9-403d-b0c0-bc051d91d679&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=728x90&jst=hb&ord=58985650924949.78&tz=-120&fl=0&rr=direct&s=2777852&bidid=11672bb38dbc539e&transactionid=df9278c5-45f9-403d-b0c0-bc051d91d679&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://nv.ua
content-length
0
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=838417673802116.5&tz=-120&fl=0&rr=direct&s=2777852&bidid=117dcc8b5cb002dc&transactionid=3a4f7af2-8d75-46f8-bde9-1b997d48ecf3&auctionid=...
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=838417673802116.5&tz=-120&fl=0&rr=direct&s=2777852&bidid=117dcc8b5cb002dc&transactionid=3a4f7af2-8d75-46f8-bde9-1b997d48ecf3&auctionid=...
2 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=838417673802116.5&tz=-120&fl=0&rr=direct&s=2777852&bidid=117dcc8b5cb002dc&transactionid=3a4f7af2-8d75-46f8-bde9-1b997d48ecf3&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=728x90&jst=hb&ord=838417673802116.5&tz=-120&fl=0&rr=direct&s=2777852&bidid=117dcc8b5cb002dc&transactionid=3a4f7af2-8d75-46f8-bde9-1b997d48ecf3&auctionid=7ljxpe.0y&ref=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert%2831337%29%3B%253C%2Fscript%253E%26page%3D2&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://nv.ua
content-length
0
collect
stats.g.doubleclick.net/j/ 		4 B
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-51943557-1&cid=670222609.1617808715&jid=199908462&gjid=1932564106&_gid=869263563.1617808741&_u=aHhAAEABAAAAAG~&z=1996097307
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 07 Apr 2021 15:19:01 GMT
content-type
text/plain
access-control-allow-origin
https://nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame CD42 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nv.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nv.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 07 Apr 2021 14:48:30 GMT
expires
Thu, 07 Apr 2022 14:48:30 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1831
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
events
bidder.criteo.com/csm/ 		0
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nv.ua
date
Wed, 07 Apr 2021 15:19:00 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
ga-audiences
www.google.com/ads/ 		42 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-51943557-1&cid=670222609.1617808715&jid=199908462&_u=aHhAAEABAAAAAG~&z=342261027
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-51943557-1&cid=670222609.1617808715&jid=199908462&_u=aHhAAEABAAAAAG~&z=342261027
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
pagead2.googlesyndication.com/bg/ Frame CD42 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 14:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
1821
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
expires
Thu, 07 Apr 2022 14:48:40 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nv.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 15:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nv.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 15:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2369844735986556&correlator=2622821372814833&output=ldjh&impl=fifs&eid=31060550%2C31060699%2C31060320%2C44739387&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210407&iu_parts=271925883%2Cv_lente2&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C728x90%2C728x90%2C728x90%2C728x90&prev_scp=excl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST&eri=1&cust_params=article%3D%26lang%3Dru%26razdel%3D2457%26section%3D2457%26url%3Dhttps%253A%252F%252Fnv.ua%252Fallnews.html%26newnv%3D1%26only_selfpromo%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1617808741&dt=1617808741250&dlt=1617808714271&idt=1052&frm=20&biw=1600&bih=1200&oid=3&adxs=185%2C185%2C185%2C185%2C185&adys=307%2C950%2C1540%2C2203%2C2833&adks=2558219261%2C2558144442%2C2558156534%2C760155486%2C2558216547&ucis=4%7C5%7C6%7C7%7C8&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnv.ua%2Fallnews.html%3Futm_source%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_medium%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26utm_campaign%3D%2522%2522%253Cscript%253E%3Balert(31337)%3B%253C%2Fscript%253E%26page%3D2&vis=1&dmc=8&scr_x=0&scr_y=0&psz=920x100%7C920x100%7C920x100%7C920x100%7C920x100&msz=920x90%7C920x90%7C920x90%7C920x90%7C920x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=670222609.1617808715&ga_sid=1617808715&ga_hid=2076548838&ga_fc=false&fws=4%2C4%2C4%2C4%2C4&ohw=920%2C920%2C920%2C920%2C920
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
cf668b590d37afed90825589cd0cc5418c82f98793314993280a319e3ad3d6e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 15:19:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nv.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040101&jk=2369844735986556&bg=!JSalJmLNAAY56aLOOek7ACkAdvg8WlB0zv2rsvWhqHg2NudhtOmHRDSylFc-NH1_PdRnHVZBH08gyAIAAAE7UgAAAAxoAQcKATsncchnSldx4MfV-OSPRECud6lSNpIxePiTmuRynnnLAajnzvIisFrBn5146pXfeqFoSRgKWhk2lQPrKM-8IL2s3D0F7OGQLQ2-GeOWn-J8E7CDkKo7pSpYLVw5zjzFbnBYEep5S46NjCDoCx5r6htbT91Ldg-GDjx-16MnqX1NXAoRJj7vZ74yn9eCZjkpa5q8NdCMbUZpo0m4b-fzWDbXDZuHmqtzwzlH5ko2xytmKpu38AgNKA6fcKqpPeCKFCGxWtoXDz4KOZ8BJPX4wZ7n9CkQjFdr_Dd-3a-4sbqocFGTjlVAuIrh6uu_X8-u1jV_E6P9QdDLfdYw1VJqc0bJaFG4nmMMmGwCLSbNW4k97hFxegLGO6WC0Q5ynGCyyER3k8kCybtPfxMPnZk3OxYJKPcbIikZGFJTgiiZAcqMeMX6dupnCk-8PI4n1t0RbiaMTosgbMpKf94KTfdRTnQ8Kk1_lgbanqJrSzyeIbCbB6cvIs5YqhdSgCHtnYjt4LH05N4832FYQ8e7Ij92pBSCNi_zxDAWYKCBJ6EAOPelZ-g75O4ZTwehWmej3JuHtcR9wFY5Of6zkMUO79c2zRalq-yDCE_bnHAbUm3eQt0stjQmOTAPLdO1J3d_oeBNmKAFA-41CK8xiqUEUuGFOwO_903HbUqmimMhlJP2AIhjn722gDR0pxPvegeb9Sf0uUg3suyosZQz4bOBladO-2VOnwgxtAhWqqbzYmyxs8TcsJilyNWPsgjWepUmO8DYtXl3SoEIhBFyooyD3yn1c4aAdXAY5x_hr8xWF_4xY5QprwMUNR8zj1WayoSnXGWn8dch1AlDa_JkJ2OVshqT5h_3jQ5kDod9f8pV2cQgHLgu14r2exMkFX05jBZGpeF0NXSiP4jrhAT0XGSrusLf3TntFy1CX47CiGyryu9_RCpJGuxZsDgJ3KVAbIXex3afjSCi-fb8_Wxogt7M9ZqvB8H0z7LuRVTugmelJxAk_OjgcAu2qS3o4vC8EbvQt2wkTgvMwmwwF95-hg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Apr 2021 15:19:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449391/wrapper_hb_285119_882.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nv.ua
Date
Wed, 07 Apr 2021 15:19:01 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
collect
www.clarity.ms/eus2/ 		7 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.10/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer
https://nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 07 Apr 2021 15:19:04 GMT
content-encoding
br
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://nv.ua
access-control-allow-credentials
true
x-azure-ref
0Z81tYAAAAACKInicVJ3XSYNIm1By4506TE9OMjFFREdFMTUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i1.sndcdn.com
URL
https://i1.sndcdn.com/artworks-BFq1EJoWbTP7-0-t200x200.jpg
Domain
mug.criteo.com
URL
https://mug.criteo.com/sid?cpp=wgkeFXwwSG9aaTN3QTdKSDE4UFZFOERUUEJ5K25lOVg2Nk5MalkyK2V3Y0o5UHVEcXU5bk52SjNuV1dyVU90eGRDMFhUdllkT0pra0daZk5LNWtFYVY1RVYvdWNFQTB0TzdqZFJ4TEJKeEUzeUdoUXAxUUFpcEhsdnM0eFdobzR3MTNxUkdhZndKSUg5ZXlvTnl1ZE1ZZFltWVlaWjFhaWk1eFZ1aFpla0FveFdlaDkxN0JzS2RDMGNSVVpZa3UyNFNGMnNKdU4zQ0hiTXRYMlo1dGU1SXdtS2JnPT18&cppv=2
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/eplanning

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| botPattern object| re string| userAgent boolean| realAgent string| device_type string| globalLang boolean| show_paywall_attention string| globalDomain string| NvMain string| NvMainDomainCookie number| iww boolean| article_id boolean| user_shared_code function| readCookie function| addParam function| loadBlock function| loadBlockTest boolean| lazy_ad object| googletag boolean| data_layer_top_category_id object| dataLayer object| js_script_list function| loadScript function| loadScriptAmp number| dayMs number| cb string| vpbSrc string| gptSrc object| chead object| dfpSlots object| mobSlots object| issetSlots number| rendered_slots function| runCatfish function| renderFirstBanners function| init_google_tag boolean| dclhandler string| testURL object| myInit object| myRequest function| fix_branding function| load_paywall_css string| pp_gemius_identifier string| pp_gemius_identifier_infinite function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event boolean| load_campaign_js object| rempConfig object| remplib object| google_tag_manager function| $ function| jQuery function| Cookies number| infinite_article_counter number| infinite_article_counter_all object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady function| clarity object| vpb string| program_name object| webVitals object| gaplugins object| gaGlobal object| gaData object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| allGa object| tracker object| ggeac object| google_js_reporting_queue object| x function| vmpbjsChunk object| vmpbjs object| _pbjsGlobals function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| Criteo object| iframe_for_links object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106 undefined| mobile string| slot object| sizes object| targeting object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.nv.ua/ Name: _dc_gtm_UA-51943557-1
Value: 1

14 Console Messages

Source Level URL
Text
console-api log URL: https://nv.ua/scripts/after_scripts.min.js?3.344(Line 1)
Message:
loadAd
console-api log URL: https://nv.ua/allnews.html?utm_source=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_medium=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&utm_campaign=%22%22%3Cscript%3E;alert(31337);%3C/script%3E&page=2(Line 292)
Message:
renderFirstBanners
console-api log URL: https://nv.ua/scripts/after_scripts.min.js?3.344(Line 1)
Message:
cls - 0.00007711260986328126 [object LayoutShift]
console-api log URL: https://nv.ua/scripts/after_scripts.min.js?3.344(Line 1)
Message:
cls - 0.008633565429687502 [object LayoutShift]
console-api log URL: https://nv.ua/scripts/after_scripts.min.js?3.344(Line 1)
Message:
3
console-api error URL: https://player.adtelligent.com/prebidlink/449391/wrapper_hb_285119_882.js(Line 1)
Message:
localStorage unavailable
console-api warning URL: https://player.adtelligent.com/prebidlink/ex18725/hb_285119_882.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://podcasts.nv.ua/embed_v2/2317.html(Line 158)
Message:
1
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 127)
Message:
arResponse->{"pxcalls":"https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cacDFwiEQ6-QYyUH7GHZoZhVA&gdpr=0&gdpr_consent=null|https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=null|https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=cacDFwiEQ6-QYyUH7GHZoZhVA&gdpr=0&gdpr_consent=null"}
console-api log URL: https://nv.ua/scripts/after_scripts.min.js?3.344(Line 1)
Message:
cls - 0.0474375 [object LayoutShift]
console-api log URL: https://nv.ua/scripts/after_scripts.min.js?3.344(Line 1)
Message:
cls - 0.0531875 [object LayoutShift]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

543ff8d496f05274d4d8e0f4fbfaeba2.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.playground.xyz
ads.programattik.com
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
adscale-emea.adnxs.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
analytics.google.com
ap.lijit.com
aud.pubmatic.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bidswitch-eu.splicky.com
bn01.er.bemail.it
c.bing.com
c.clarity.ms
c1.adform.net
cdn.admatic.com.tr
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
creativecdn.com
cs.admanmedia.com
csync.loopme.me
d.turn.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
green.erne.co
gum.criteo.com
i1.sndcdn.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.nv.ua
images.weserv.nl
inv-nets.admixer.net
js.adscale.de
js.cookieless-data.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
nv.ua
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
player.adtelligent.com
pm.w55c.net
podcasts.nv.ua
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
prod.perf-serving.com
ps.eyeota.net
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
sddan.mgr.consensu.org
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.tidaltv.com
t.trafmag.com
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
uipglob.semasio.net
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
usermatch.krxd.net
visitor.fiftyt.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
i1.sndcdn.com
mug.criteo.com
sync.1rx.io
104.111.230.142
104.111.237.88
116.202.114.114
142.250.185.98
142.250.186.34
146.0.227.110
151.1.205.165
151.101.114.49
151.101.13.44
157.90.167.185
159.253.128.183
159.65.197.210
159.69.72.190
178.162.133.149
178.250.0.157
178.250.0.163
178.250.2.131
18.156.0.31
18.158.173.146
18.185.192.106
18.192.249.156
18.213.190.7
184.30.20.207
184.30.212.16
184.30.24.198
184.30.24.241
185.184.8.30
185.29.132.68
185.64.189.110
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
185.86.137.132
188.42.191.196
193.200.65.5
198.148.27.139
199.232.137.44
2001:678:cb4:bbbb::11
212.82.100.182
213.155.156.167
213.174.135.2
213.19.162.61
216.52.2.48
217.156.250.128
23.45.110.176
2606:4700:10::6816:1957
2606:4700:20::681a:24e
2606:4700:3030::ac43:8f51
2606:4700:3039::6815:c04d
2606:4700::6810:7baf
2606:4700::6810:ef3
2606:4700::6812:c05
2606:4700:e0::ac40:6208
2620:116:800d:21:f916:5049:f87f:108e
2620:1ec:29::19
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:800::2008
2a00:1450:4001:803::2003
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:808::200a
2a00:1450:4001:809::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2004
2a00:1450:400c:c0b::9c
2a00:1450:400c:c1b::9c
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:20::2040
2a05:d018:24:b001:cff3:ca6f:14e6:5ad7
2a0c:5c81:5139::2
2a0c:5c81:5142::2
3.122.38.187
3.125.70.222
3.127.52.31
34.247.242.33
34.251.130.56
34.98.107.212
34.98.64.218
34.98.67.61
35.156.143.112
35.170.112.41
35.170.39.52
35.201.81.244
35.201.96.126
35.210.215.44
35.227.248.159
35.227.252.103
35.241.40.233
35.244.174.68
37.157.3.28
37.157.6.242
37.252.172.37
37.252.172.38
37.252.173.135
46.228.164.13
46.249.52.248
5.178.65.245
5.178.65.252
51.158.28.83
51.158.29.13
51.75.146.200
51.89.9.254
51.89.96.188
51.89.96.192
52.142.114.2
52.208.139.62
52.222.179.19
52.30.140.199
52.46.130.13
52.57.10.248
52.95.124.170
54.194.38.108
54.220.102.114
54.229.253.85
54.37.238.28
54.77.242.172
54.78.254.47
62.149.0.72
62.209.227.210
66.155.71.149
66.155.71.25
67.202.110.34
69.173.144.138
69.173.144.165
72.251.241.204
77.243.60.138
85.114.159.118
88.214.206.247
89.163.159.106
89.187.169.15
94.23.171.206
0042d508c0caeb7dc0fe620937e0edd5ec719587315f3cfe76d020341d2a9cb5
081c2dad5676b884ff231278bdff6043faca62a397ad3bac79f1b2c1871bd9bc
08caadf02a9ff00468b95007670e4507ac9e3e1e6429e5dffda1d21da4434800
095ca32104906696ff483d496c7515d65ca0f146dba5f336d8281e348b937fa9
0a51d27b5d94b6cfa1f5c86af7bb349edccd7cba7a8250996119ea2ac4b049af
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0cdc4b93ae4b58caafbb6d2ac492fbe2bf195c0e7c6eb2e31c575dfa0d8b9e
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
0e09ec511519a836eaa2b69cc359db14850b0934820ddcbe99dd3dd8d6859583
11a2ee3491b0b720c8f6d5f2cdd8ca808ec01265c87c526ff7e2b8c8d37daf8f
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
195a5ab426f1421a0aaf156f63d86957c1e3c626b4c5536e1c3a32184ad04ba4
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
282af816b2420501fa3ad796a712dfbd9a9f7360abf08ea42afa9c50ec1e0ff4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b605bee497d0e562ad56c31196c8e41ef05c17e9f931cfa5c1da9996b24a69a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e86d8285c80ab2c26331379323ac16ba33626c06bbdf90bd8fdd526cc391f40
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3099ac9af9882acead3c56398aba8e7c303ec6c3e2e395f666f40bd0510ae5e5
30b7ccfa12a2c42daec35ea57c2c277e7b3c873a53a9a85bef3e55322853a0e4
330823a9c88f77c9d63652d51e608d867c6f2b8c52cb188dba439a9b5b597e53
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
35343e080a770f8f56e0862265a7db5eca0ccd0448fb8b6ae5820da73055b8d3
35beab06c66954d1b982fe1caafec8b9361c6e3b295e48a3a1af45b5010374b6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ba61c3472ddbef58dace2c4dfbcce615a149ca55190f6c53532a1899bf1f17
38467c8be3a3ab05b8878935bbbdc1c22c7907fc3d30856d66ce1c78fcfa8199
3ccfce36269afc6f5928557a7979876053dd14a7a3e253849d01ce76c63055e9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
423c910658299c90e1b2809f08f076450854ec81c376bf39409c841ac06fd8ef
426daea17bea7872e39b0e54d9d1a04c490468d43e6ad605dd88ac3d90ea3322
46308b77defa90c2585b8d4e803b43ad4f18cf28a0b3dcafe389d2aac1d8f9f1
4891b416e467416c885a566fa9a040bc179c0ca0cf2afafb931fdcc62dfc80ed
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49ca44e59a115832cb73b5681f7e078b3ef881c680041f11b8b97097cac5365d
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4ac5a55227dbb54e7d3dcb2f172ad9aa0088b749ae04b7cd9ccad8ab4752c67e
4b216b43f9b11a8ceaf584e09277b78e39f205ecbe4a871c9c974a7d8ff116bb
4bdf6ad8c02ed34d0d07f8116ca0aca393ad803b3b26a85fa67e0164208155ba
4c90af9d2a8708f34431e7b3e61633595ccebb11d1797f662f1043d115fad8ae
4d38e43ea69752e80c8337281dee34a43315cd5d1a10c9a6c3d57f433aff6086
4d6464c93e8743d8773dd26c4daa08ff90201029322b1e2ec5f6ddc5599170e3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa662ac6f167432774aedd5a0348e40c3d33e2e78aa888e19cc1924c881fe8d
5065e5453b5952aa756162ee8ef479b9ac58c9c96bb1620c96ea944530814a1b
50a1a5013c78162d8faf9f0f2d3de81f187b7c25d4ccb649abdb42dee70c51cc
50b52ad74ac298797b6f8e784af3a0a532b3fd83b9471c7933d2ebd51d607b58
522d603dd6008fee8d3091d8ddedfe5ab28bf33decb01a712ce9d6e685f2c306
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c11a2609e45599aba37f71e4783dfd8e292d3ab00fddfbfdde80c2bd909a47
57fa16e084294bd6416b2ec3f81fd25c8f20a46b1adfbb40be26d44e260e444c
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
593fd02481825f18ff779a0505d6e3117b245059df8eb40469c5464b622c3379
5aee43ae0ab29a91ab163769025463295a4c819746cc6ddbcc9ff1ec67819b92
5f661bd0db00a7bf9f68a1630925f3f68983533ed3766287d39b69c3d7e970c3
60138ac95b0a4f3de9b750b08b4ef13b1ec1fc1d3f54ffc7beb397457d9e23fd
601ecef6383d02e04903fdf3dd7cfdd968fb09973e39f74b583eb7b9773e8f0e
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
652377ab7d580a4124cc4d47f9704e5a4dcc6ddcb25b04e694a3c45bb1d602fd
65db01ca75ddc2799c6d75473611717980a4549684da1f8021ec163e2b12ed59
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
691614a44753386c2c39ffbe50e1d16bac669f5553ddd3bbbb24ddc174b4f559
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5b4f50a56f2ad9fb61da6ce66f785e9ad8b640f90ab05834191f76eb2b5691
6ce16b17ebe2280f01910b3f6d148232792dbc2e6a25afd275ec52a631cce9c1
6e74d7dbb84774e89bbb01d3ec2490647e716e7b59a3815772ef5113dbe03ead
6f0381e6e77d76d8e275a7ba4e7b5d7844924c5fc8bd47fe5632f9b309d21409
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696
729f40b4dfc4dbceaf84e3c702e5aa82c04f44f39d4e55f24607fb3dae0554c5
73e833c044c696c1ee98aa13098792ef41079f3bc23a6a832d898e25705a375f
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
76744a3be2fd9683d85859cd42db6b6a3f78098a8763072616772b7d68937c39
76a5ba250444e415aff4348a91dfdd2d2884d10f1c7088c2548cea32dc260dcc
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
76d2932c72bc6eee0fe4d7f75828aa013df3ae07028184330d0b9c8a1abb279b
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
797a41183380e088a95d924b04e7c6a691a3aca40d6ba4de02e2de806c58fe12
7ad56205516bec6fb9a3e6ab708aaa4113951400f5c6bf67f01f279a512a31c8
7c59008c7a1085a99f7e1a4eb54d3f4e9ede9b37f66318a755b0dc71442e56d2
7c8bdd0e6dfdc3ee3b26ab356cbc4b0febdb6903e65706ecec91bea977e1e757
7d9336348500bc6a97839c42cb271ca0404a865a5bafd12174fa2ff4d32bcc62
7d97ffb2b30f5e29c41c00c892d622a504d940ffccec9405a2a48b94aab80abb
800092769e38c69393e7e0f6e6812f26c12c7454af68c2d14fa0425cb0e427a5
81614fd68f45143c48a078e0e415aa77646a3ff1b2ca773ef30b3206901d5907
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841fa945d142d65e894106bf8d8da792705b6152a7cdc689ef9110bf7dee8aba
84b0149a6fb9f938c2833204abde9e572889047723378d59b89313b29ed4e4cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85c4748941a16439602b38abf464d0f40be68a0372f8d8153724ec2e3b6846a0
8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9001da2f72b1fb8369e953c1cea98365285b833f67eca991c3ea1cececf3b533
90ce28d6308e40f35f50277d920678e4178ff2d6c2808650e3c7c4f298d87bf6
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
9545b9bbccbb290694c9b958da74a3f2dd244dff76d5c6b3b4342e5bfe396bc7
979d6dfef399a18c7184be9aea7e253473cf3313f9ff3e2081a8cd3ac73cd7d5
9891c0ddf0a7156ec92f1cc430763b1960e44a793be61eea8a022cd9aafd75d1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9aeb04131df1322b44d201b4298aff834e34a31cf3fc2e72dc2341896bff49d3
9aed14c27463f1981719f08343187ea6982a22972db5973c0255da71d26fe71e
9fb640f38da945aad19b70f2866fb5c98cf1b18c60ebf3bff2740c7a2f351e73
9fdd07088a51f86cbfa3dd7c83256ab21e99ef54e9a157e00937d68bbfc3bdf6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a127af41d27c28c65f968b49a6523c642374f983741f50eb822989c6a78c3111
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a92c2065909c0a88c67ff41e0bc2b22f8cf58080c42fde39602c8fef605570bf
a980f4692ff779d4ad61947051f7c3751220cab55d1fdeaf6b73ee643e98be30
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab25c34eeacd1846c48ea213d500bf4103ffd17d0c072a6db38aa0d6edc615e6
acb78f109a4a5b5c802f4951c81f7c5ac8998b00adb623e46620dc437b69e929
aea8b69d2ca0db6a8207e0eeb775e99a3e5cd079d6772baa5ef447545a32c53b
aee96656644210c739b6662323bfde275b6afffc5971fcea912339adb718946a
af2f3a56f03af12beb410aefc703ad0fe7ec3da5df2f6bd25a1b9d34e040eeb7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b657b436888daa1644bb6ee01c6d83003a8169870de6e268388e97508f05a077
bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225
c08143b63f03aef908297a8787da1123973b7cfada7ea0c515e682d8617f26b3
c130bf96d875728c1c3ad6be75dfbe49453a8d4bd1c591dada02a1ba5143671c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5631e6baefe98ba1a122c2326bb5c9713dd0682da1f8e2fe5e6ed3e795763a0
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cc06e0839b8c3e8054a4daaba2fa9ed5a4d0d509a3ffbe3799cc749f7bc4720c
cd15990b17d2d9fc3f84859e5cc778ee22113b01592f5d98433d44ca4a4ffee2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf668b590d37afed90825589cd0cc5418c82f98793314993280a319e3ad3d6e5
de0e47e5fee6f22ad1228c795c56141567894b7449920bd3c1567b9663c91dd7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df99a5070173827be07349205d264a810dc9a64a546756fa6d392aba06c369b8
e1f46f93c333a310963797741efa2067c60f63529ebe4473f0b77d07e81ef440
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4702c2ee7718a18e83dca95881c9853db648864957b18960c42d061ecd2f4f2
e83a613058f561ef6b401fdb997af27e0fe593a5e00b4670506cada1564b6dd2
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f165e6927138fdc16e964a82b8d8f92619333ac5a691c950ede97b066da50d4a
f2cd7f69651e0b2958aad2c842b4e4e8a7c13cb883e5ed7f87d930a1079c0d9c
f5806bd70a7ad6cfdc31ee02f6ffd21dda1814cb647ca31a6f571c67e01cc952
f7513f927ab9a91d7fb8ecd3f47cfd8add386a4f2b3fa08d65b60ef70352725b
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7b250566eed1a676bbe25f093daa798fb7b2bb1520a981ba0c9845c20d62d00
f7f52e50ed0c97f5e4f84df7e8ecaaac18316de0e409e3be6bc21d71b61fa1c0
f847059cba2fe6b6f8c5bf2092c5b765db9b81710b3631523a057a6b4dd549c5
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5
feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c