urlscan.io logo urlscan.io
SecurityTrails logo

www.ukr.net Open in urlscan Pro
212.42.76.253  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ukr.net/
Effective URL: https://www.ukr.net/
Submission: On April 20 via manual from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 13 countries across 85 domains to perform 314 HTTP transactions. The main IP is 212.42.76.253, located in Ukraine and belongs to UKRNET Kiev, Ukraine, UA. The main domain is www.ukr.net.
TLS certificate: Issued by Thawte RSA CA 2018 on March 31st 2021. Valid for: a year.
This is the only time www.ukr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 212.42.76.252 8856 (UKRNET Kiev)
1 9 212.42.76.253 8856 (UKRNET Kiev)
1 2a00:1450:400... 15169 (GOOGLE)
16 212.42.76.247 8856 (UKRNET Kiev)
2 212.42.76.248 8856 (UKRNET Kiev)
2 2a00:1450:400... 15169 (GOOGLE)
2 3 212.42.75.249 8856 (UKRNET Kiev)
4 213.174.135.2 39572 (ADVANCEDH...)
8 142.250.186.98 15169 (GOOGLE)
1 10 212.42.75.253 8856 (UKRNET Kiev)
5 136.243.84.75 24940 (HETZNER-AS)
1 37.187.205.228 16276 (OVH)
8 212.42.76.151 8856 (UKRNET Kiev)
4 212.42.83.135 8856 (UKRNET Kiev)
1 193.200.65.2 6681 (GIVEME-CLOUD)
1 104.19.136.78 13335 (CLOUDFLAR...)
4 195.214.195.101 8856 (UKRNET Kiev)
1 136.243.84.74 24940 (HETZNER-AS)
5 2a0c:5c81:514... 55081 (24SHELLS)
1 2a0c:5c81:509... 55081 (24SHELLS)
1 1 116.202.114.114 24940 (HETZNER-AS)
4 14 62.149.0.72 15497 (COLOCALL ...)
2 193.200.65.5 6681 (GIVEME-CLOUD)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 23 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
2 3 185.184.8.30 204995 (RTB-HOUSE...)
1 178.250.2.131 44788 (ASN-CRITE...)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
5 8 188.42.29.196 7979 (SERVERS-COM)
7 9 185.33.221.15 29990 (ASN-APPNEX)
2 146.0.227.110 20773 (GODADDY)
2 3 72.251.249.9 29791 (VOXEL-DOT...)
1 35.244.159.8 15169 (GOOGLE)
2 213.19.162.61 26667 (RUBICONPR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 5 104.111.237.88 16625 (AKAMAI-AS)
2 3 37.157.3.28 198622 (ADFORM)
2 2a00:f48:2000... 47447 (TTM)
1 2a0c:5c81:513... 55081 (24SHELLS)
1 10 46.249.52.248 50673 (SERVERIUS-AS)
4 23.218.208.200 16625 (AKAMAI-AS)
2 2 34.199.94.111 14618 (AMAZON-AES)
2 67.202.110.33 32748 (STEADFAST)
2 2 35.186.253.211 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13 52.29.148.200 16509 (AMAZON-02)
1 1 66.155.71.25 13768 (COGECO-PEER1)
3 3 213.19.147.151 26120 (RHYTHMONE)
4 5 99.81.54.149 16509 (AMAZON-02)
5 5.178.65.253 50673 (SERVERIUS-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 8 3.221.146.169 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 168.119.146.39 24940 (HETZNER-AS)
1 178.162.133.149 60781 (LEASEWEB-...)
5 5 3.126.56.137 16509 (AMAZON-02)
1 1 88.214.206.142 46636 (NATCOWEB)
1 1 184.30.212.16 16625 (AKAMAI-AS)
2 104.111.230.142 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 142.250.185.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 11 142.250.186.66 15169 (GOOGLE)
2 2600:1f18:612... 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 194.213.62.34 5588 (GTSCE GTS...)
2 2a02:2638::3 44788 (ASN-CRITE...)
4 4 185.29.135.233 30419 (MEDIAMATH...)
2 2 37.252.172.68 29990 (ASN-APPNEX)
1 69.173.144.165 26667 (RUBICONPR...)
4 15 23.218.208.246 16625 (AKAMAI-AS)
1 1 178.250.0.163 44788 (ASN-CRITE...)
2 185.64.190.78 62713 (AS-PUBMATIC)
17 2606:4700:10:... 13335 (CLOUDFLAR...)
5 6 35.227.248.159 15169 (GOOGLE)
2 3 37.157.6.252 198622 (ADFORM)
1 199.232.137.44 54113 (FASTLY)
1 154.57.158.51 26558 (FREEWHEEL)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
4 4 34.246.39.225 16509 (AMAZON-02)
1 18.198.126.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.101 24961 (MYLOC-AS ...)
3 8 34.253.111.115 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 3.120.52.200 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 52.48.18.249 16509 (AMAZON-02)
3 3 151.101.114.49 54113 (FASTLY)
1 1 184.30.20.207 16625 (AKAMAI-AS)
1 1 35.172.143.213 14618 (AMAZON-AES)
1 2 52.95.124.165 16509 (AMAZON-02)
1 1 23.45.110.176 16625 (AKAMAI-AS)
1 54.78.98.45 16509 (AMAZON-02)
1 2 52.46.130.13 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
1 52.49.202.212 16509 (AMAZON-02)
1 1 3.91.110.183 14618 (AMAZON-AES)
1 13.224.102.111 16509 (AMAZON-02)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 212.129.3.113 12876 (Online SAS)
1 51.89.9.253 16276 (OVH)
2 2a00:1288:110... 34010 (YAHOO-IRD)
1 37.252.172.250 29990 (ASN-APPNEX)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 37.157.6.253 198622 (ADFORM)
1 1 2001:678:cb4:... 56396 (TURN)
1 216.46.185.183 13649 (ASN-VINS)
1 18.184.216.10 16509 (AMAZON-02)
314 97
1    212.42.76.252 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
ukr.net
9    212.42.76.253 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv253.fwdcdn.com
www.ukr.net
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
16    212.42.76.247 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv247.fwdcdn.com
upst.fwdcdn.com
2    212.42.76.248 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv248.fwdcdn.com
zakladki.ukr.net
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    212.42.75.249 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-249.fwdcdn.com
mail.ukr.net
4    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
8    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
10    212.42.75.253 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-253.fwdcdn.com
accounts.ukr.net
5    136.243.84.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de
go.rcvlink.com
1    37.187.205.228 (France)

ASN16276 (OVH, FR)
PTR: app-04.adpartner.pro
a4p.adpartner.pro
8    212.42.76.151 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv151.fwdcdn.com
pinformer.sinoptik.ua
4    212.42.83.135 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
kinoafisha.ua
1    193.200.65.2 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: trafmag.com
trafmag.com
1    104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)
servicer.mgid.com
4    195.214.195.101 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
counter.ukr.net
1    136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de
recreativ.ru
5    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
1    116.202.114.114 (Germany)

ASN24940 (HETZNER-AS, DE)
csync.loopme.me
14    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
sync.console.adtarget.com.tr
2    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
1    2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.cz
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
23    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
gum.criteo.com
3    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
prebid-eu.creativecdn.com
creativecdn.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    2606:4700:e0::ac40:6208 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adxpremium.services
8    188.42.29.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
9    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
3    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
adtelligent-d.openx.net
2    213.19.162.61 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    104.111.237.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
js.adscale.de
tracking.m6r.eu
3    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
2    2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)
cdn.admatic.com.tr
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
10    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
4    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    34.199.94.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
2    67.202.110.33 (United States)

ASN32748 (STEADFAST, US)
ic.tynt.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.cz
13    52.29.148.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ih.adscale.de
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
3    213.19.147.151 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    99.81.54.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-54-149.eu-west-1.compute.amazonaws.com
match.adsrvr.org
5    5.178.65.253 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
s.e-planning.net
1    2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
8    3.221.146.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-146-169.compute-1.amazonaws.com
a.audrte.com
1    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
3    168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
sync.richaudience.com
1    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
5    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    184.30.212.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
16    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
4    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
11    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
2    2600:1f18:612b:4216:5e41:f643:f5d9:712d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    194.213.62.34 (Brno, Czech Republic)

ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ)
bbnaut.ibillboard.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    37.252.172.68 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
adscale-emea.adnxs.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
15    23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
17    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
6    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
3    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
dmp.adform.net
1    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
1    154.57.158.51 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:cff3:ca6f:14e6:5ad7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
4    34.246.39.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-39-225.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
loadeu.exelator.com
1    151.1.205.165 (Erba, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.frontend.weborama.fr
1    89.163.159.101 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
8    34.253.111.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    3.120.52.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
2    52.48.18.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-18-249.eu-west-1.compute.amazonaws.com
beacon.krxd.net
3    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    35.172.143.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
2    52.95.124.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    23.45.110.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-110-176.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    54.78.98.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    52.49.202.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    3.91.110.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
1    13.224.102.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-111.zrh50.r.cloudfront.net
tags.crwdcntrl.net
6    2606:4700:20::ac43:47f1 (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
1    212.129.3.113 (France)

ASN12876 (Online SAS, FR)
js.cookieless-data.com
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
onetag-sys.com
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
1    216.46.185.183 (Englewood, United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
1    18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
Apex Domain
Subdomains		 Transfer
44 googlesyndication.com
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
356 KB
29 ukr.net
ukr.net
www.ukr.net
zakladki.ukr.net
mail.ukr.net
accounts.ukr.net
counter.ukr.net
328 KB
28 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
222 KB
18 adtelligent.com
player.adtelligent.com
ghb.adtelligent.com
sync.adtelligent.com
ghb1.adtelligent.com
s.adtelligent.com
132 KB
17 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
6 KB
16 adscale.de
js.adscale.de
ih.adscale.de
17 KB
16 fwdcdn.com
upst.fwdcdn.com
358 KB
15 casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
18 KB
15 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
s.e-planning.net
19 KB
13 gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn1.gstatic.com
fonts.gstatic.com
227 KB
12 adnxs.com
ib.adnxs.com
adscale-emea.adnxs.com
secure.adnxs.com
10 KB
9 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
sync.crwdcntrl.net
42 KB
8 yahoo.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
pr-bh.ybp.yahoo.com
5 KB
8 audrte.com
a.audrte.com
9 KB
8 betweendigital.com
ads.betweendigital.com
4 KB
8 sinoptik.ua
pinformer.sinoptik.ua
46 KB
7 adform.net
cm.adform.net
track.adform.net
dmp.adform.net
c1.adform.net
3 KB
7 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
2 KB
7 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr
4 KB
6 quantumdex.io
sync.quantumdex.io
3 KB
6 tapad.com
pixel.tapad.com
3 KB
6 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
35 KB
6 rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
14 KB
6 google.com
adservice.google.com
www.google.com
1 KB
5 mathtag.com
sync.mathtag.com
pixel.mathtag.com
3 KB
5 googletagservices.com
www.googletagservices.com
172 KB
5 adsrvr.org
match.adsrvr.org
2 KB
5 rcvlink.com
go.rcvlink.com
7 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
2 KB
4 demdex.net
dpm.demdex.net
3 KB
4 kinoafisha.ua
kinoafisha.ua
91 KB
3 everesttech.net
sync-tm.everesttech.net
949 B
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
942 B
3 richaudience.com
sync.richaudience.com
741 B
3 openx.net
adtelligent-d.openx.net
rtb.openx.net
1 KB
3 lijit.com
ap.lijit.com
2 KB
3 creativecdn.com
prebid-eu.creativecdn.com
creativecdn.com
894 B
3 trafmag.com
trafmag.com
t.trafmag.com
923 B
2 turn.com
ad.turn.com
d.turn.com
836 B
2 weborama.fr
idsync.frontend.weborama.fr
842 B
2 tidaltv.com
sync.tidaltv.com
791 B
2 m6r.eu
tracking.m6r.eu
1 KB
2 criteo.net
static.criteo.net
51 KB
2 tremorhub.com
partners.tremorhub.com
365 B
2 2mdn.net
s0.2mdn.net
119 KB
2 googleapis.com
fonts.googleapis.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 tynt.com
ic.tynt.com
2 advangelists.com
nep.advangelists.com
461 B
2 admatic.com.tr
cdn.admatic.com.tr
21 KB
2 admixer.net
inv-nets.admixer.net
966 B
2 google.cz
adservice.google.cz
921 B
2 google-analytics.com
www.google-analytics.com
19 KB
1 eyeota.net
ps.eyeota.net
1 KB
1 ib-ibi.com
global.ib-ibi.com
72 B
1 rfihub.com
p.rfihub.com
779 B
1 quantserve.com
pixel.quantserve.com
510 B
1 onetag-sys.com
onetag-sys.com
818 B
1 cookieless-data.com
js.cookieless-data.com
367 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
379 B
1 bidr.io
match.prod.bidr.io
430 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
38 B
1 bluekai.com
tags.bluekai.com
346 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
aa.agkn.com
380 B
1 theadex.com
dmp.theadex.com
378 B
1 adition.com
dsp.adfarm1.adition.com
596 B
1 bemail.it
bn01.er.bemail.it
659 B
1 exelator.com
loadeu.exelator.com
324 B
1 fwmrm.net
dmp.v.fwmrm.net
361 B
1 taboola.com
trc.taboola.com
163 B
1 ibillboard.com
bbnaut.ibillboard.com
550 B
1 admanmedia.com
cs.admanmedia.com
428 B
1 sonobi.com
sync.go.sonobi.com
474 B
1 dotomi.com
prebid-match.dotomi.com
104 B
1 navdmp.com
tag.navdmp.com
4 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
606 B
1 sitescout.com
pixel.sitescout.com
288 B
1 google.de
www.google.de
107 B
1 adxpremium.services
rtb.adxpremium.services
972 B
1 loopme.me
csync.loopme.me
208 B
1 recreativ.ru
recreativ.ru
191 B
1 mgid.com
servicer.mgid.com
3 KB
1 adpartner.pro
a4p.adpartner.pro
312 B
1 googletagmanager.com
www.googletagmanager.com
37 KB
314 85
Domain Requested by
23 tpc.googlesyndication.com 2 redirects securepubads.g.doubleclick.net
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
16 pagead2.googlesyndication.com e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
16 upst.fwdcdn.com www.ukr.net
pinformer.sinoptik.ua
upst.fwdcdn.com
14 mwzeom.zeotap.com ads.us.e-planning.net
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
11 cm.g.doubleclick.net 10 redirects bcp.crwdcntrl.net
10 accounts.ukr.net 1 redirects upst.fwdcdn.com
accounts.ukr.net
www.ukr.net
9 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
9 ib.adnxs.com 7 redirects player.adtelligent.com
spl.zeotap.com
9 www.ukr.net 1 redirects www.ukr.net
pinformer.sinoptik.ua
upst.fwdcdn.com
8 a.audrte.com 4 redirects ads.us.e-planning.net
a.audrte.com
8 ads.betweendigital.com 5 redirects www.ukr.net
8 sync.adtelligent.com 3 redirects player.adtelligent.com
s.console.adtarget.com.tr
s.adtelligent.com
8 pinformer.sinoptik.ua upst.fwdcdn.com
pinformer.sinoptik.ua
8 securepubads.g.doubleclick.net www.ukr.net
securepubads.g.doubleclick.net
6 sync.quantumdex.io ads.us.e-planning.net
sync.quantumdex.io
ssum-sec.casalemedia.com
6 pixel.tapad.com 5 redirects spl.zeotap.com
6 fonts.gstatic.com fonts.googleapis.com
6 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
s.adtelligent.com
js.adscale.de
ads.us.e-planning.net
5 www.googletagservices.com securepubads.g.doubleclick.net
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
5 ups.analytics.yahoo.com 5 redirects
5 s.e-planning.net ads.us.e-planning.net
5 match.adsrvr.org 4 redirects ssum.casalemedia.com
5 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
5 e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 go.rcvlink.com www.ukr.net
go.rcvlink.com
4 sync.crwdcntrl.net bcp.crwdcntrl.net
4 bcp.crwdcntrl.net 3 redirects tags.crwdcntrl.net
4 dpm.demdex.net 4 redirects
4 ssum.casalemedia.com 3 redirects ads.us.e-planning.net
4 sync.mathtag.com 4 redirects
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
4 encrypted-tbn3.gstatic.com e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
4 googleads.g.doubleclick.net e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
www.ukr.net
4 ads.pubmatic.com s.console.adtarget.com.tr
ads.us.e-planning.net
ads.pubmatic.com
4 www.google.com www.ukr.net
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 ghb.adtelligent.com player.adtelligent.com
4 counter.ukr.net www.ukr.net
counter.ukr.net
4 kinoafisha.ua upst.fwdcdn.com
kinoafisha.ua
4 player.adtelligent.com www.ukr.net
player.adtelligent.com
3 sync-tm.everesttech.net 3 redirects
3 dmp.adform.net 2 redirects spl.zeotap.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 sync.e-planning.net ads.us.e-planning.net
sync.quantumdex.io
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 ap.lijit.com 2 redirects player.adtelligent.com
3 gum.criteo.com 1 redirects static.criteo.net
3 mail.ukr.net 2 redirects upst.fwdcdn.com
2 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 ssum-sec.casalemedia.com ssum.casalemedia.com
sync.quantumdex.io
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 tracking.m6r.eu 2 redirects
2 track.adform.net 2 redirects
2 adscale-emea.adnxs.com 2 redirects
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 partners.tremorhub.com googleads.g.doubleclick.net
2 s0.2mdn.net e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
2 www.gstatic.com e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
2 fonts.googleapis.com e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
2 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
2 sync.1rx.io 2 redirects
2 rtb.openx.net 2 redirects
2 ic.tynt.com s.adtelligent.com
sync.quantumdex.io
2 nep.advangelists.com 2 redirects
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 creativecdn.com 2 redirects
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 fastlane.rubiconproject.com player.adtelligent.com
2 inv-nets.admixer.net player.adtelligent.com
2 mug.criteo.com www.ukr.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.cz securepubads.g.doubleclick.net
2 t.trafmag.com www.ukr.net
s.adtelligent.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 zakladki.ukr.net www.ukr.net
1 ps.eyeota.net
1 global.ib-ibi.com bcp.crwdcntrl.net
1 d.turn.com 1 redirects
1 c1.adform.net ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 secure.adnxs.com ssum-sec.casalemedia.com
1 onetag-sys.com sync.quantumdex.io
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 beacon.lynx.cognitivlabs.com 1 redirects
1 match.prod.bidr.io ssum.casalemedia.com
1 ad.turn.com 1 redirects
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com spl.zeotap.com
1 tags.bluekai.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dis.criteo.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 bbnaut.ibillboard.com 1 redirects
1 encrypted-tbn1.gstatic.com e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
1 secure-assets.rubiconproject.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 sync.go.sonobi.com ads.us.e-planning.net
1 prebid-match.dotomi.com ads.us.e-planning.net
1 tag.navdmp.com ads.us.e-planning.net
1 sync.targeting.unrulymedia.com 1 redirects
1 pixel.sitescout.com 1 redirects
1 s.adtelligent.com s.console.adtarget.com.tr
1 cm.adform.net s.console.adtarget.com.tr
1 www.google.de www.ukr.net
1 adtelligent-d.openx.net player.adtelligent.com
1 ghb1.adtelligent.com player.adtelligent.com
1 rtb.adxpremium.services player.adtelligent.com
1 bidder.criteo.com player.adtelligent.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 stats.g.doubleclick.net www.google-analytics.com
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr player.adtelligent.com
1 recreativ.ru go.rcvlink.com
1 servicer.mgid.com upst.fwdcdn.com
1 trafmag.com upst.fwdcdn.com
1 a4p.adpartner.pro upst.fwdcdn.com
1 www.googletagmanager.com www.ukr.net
1 ukr.net 1 redirects
314 135

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
orakul.com
tvgid.ua
kinoafisha.ua
www.booking.com
rozetka.com.ua
kasta.ua
www.citrus.ua
makeup.com.ua
ukrzoloto.ua
auto.ria.com
rst.ua
ab.ua
atlanticexpress.com.ua
avtosale.ua
osaggo.com.ua
vidi-automarket.com.ua
nissan-ask.com.ua
lassa-tyres.com.ua
evatech.com.ua
suzuki.ua
dom.ria.com
lun.ua
nerukhomi.ua
1realty.ua
flatfy.ua
bit.ly
onona.ua
www.accordtour.com
www.impuls24.com.ua
med-magazin.ua
www.lissod.com.ua
www.ailas.com.ua
healthyway.com.ua
www.lampa.ua
e27.com.ua
www.caravella.com.ua
dom-mebeli.com.ua
www.dybok.com.ua
shop.agromat.ua
electrica-shop.com.ua
lovespace.ua
sex-shop.ua
work.ua
grc.ua
learning.ua
optima.school
buki.com.ua
slav.in.ua
www.otpusk.com
panoramadeluxe.com
www.hotelscombined.com
www.youtube.com
vv-hotel.com
hvosting.ua
nic.ua
www.besthosting.ua
internetua.com
make2web.pro
sport.ua
www.ukrtennis.com
rada.gov.ua
www.president.gov.ua
court.gov.ua
www.kmu.gov.ua
www.bank.gov.ua
igov.org.ua
covid19.com.ua
www.europe-stomatolog-centre.com.ua
www.ukrinform.ua
www.eurointegration.com.ua
bykvu.com
uatv.ua
hubs.ua
www.radiosvoboda.org
dilo.net.ua
ua.news
delo.ua
biz.censor.net
mind.ua
agro-business.com.ua
stopcor.org
censor.net
realist.online
usionline.com
cripo.com.ua
meta.ua
apnews.com.ua
yaizakon.com.ua
jurliga.ligazakon.net
fraza.com
chasopys.te.ua
life.ko.net.ua
kyiv.media
news.obozrevatel.com
gloss.ua
svidok.online
vechirniy.kyiv.ua
pingvin.pro
rusjev.net
portaltele.com.ua
legalhub.online
cikavosti.com
lux.fm
processer.media
ukurier.gov.ua
newsyou.info
autotheme.info
topgir.com.ua
hvylya.net
theageoffootball.com
profootball.ua
fanday.net
ukrbasket.net
podrobno.hyser.ua
changeua.com
grippua.com.ua
lhealth.info
u-news.com.ua
likein.ua
showbiz.24tv.ua
showbiz.today.ua
www.unn.com.ua
charter97.org
enovosty.com
ukrrain.com
focus.ua
toneto.net
glavcom.ua
day.kyiv.ua
insider.ua
kyivnews.24tv.ua
football24.ua
news24.ukrainianwall.com
sprotyv.info
rezina.cc
testoteka.ukr.net
www.zapchast.com.ua
americamotors.com
kiaparts.com.ua
autoshini.com
pokraska.diskservice.com.ua
transshina.com.ua
shinadiski.com.ua
sailuntyre.com.ua
goldnomer.com
www.aks.ua
panama.ua
diaton.ua
artpotolok.kiev.ua
lascala.ua
www.m-stelya.com.ua
590.ua
pro-electronics.com.ua
flowers.ua
amurchik.ua
buketland.com.ua
isex.com.ua
www.optics-pro.com.ua
trafmag.com
answear.ua
sneakerstudio.com.ua
pierrecardin.net.ua
mgid.com
www.mgid.com
adline.kiev.ua
mail.ukr.net
zakladki.ukr.net
Subject Issuer Validity Valid
*.ukr.net
Thawte RSA CA 2018		 2021-03-31 -
2022-05-01		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.fwdcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-09 -
2021-11-07		 2 years crt.sh
mail.ukr.net
Thawte RSA CA 2018		 2020-04-06 -
2022-05-06		 2 years crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
rcvlink.com
R3		 2021-03-10 -
2021-06-08		 3 months crt.sh
adpartner.pro
R3		 2021-02-26 -
2021-05-27		 3 months crt.sh
sinoptik.uk
Sectigo RSA Domain Validation Secure Server CA		 2020-10-13 -
2021-11-12		 a year crt.sh
kinoafisha.ua
Sectigo RSA Domain Validation Secure Server CA		 2020-08-11 -
2021-11-07		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-15 -
2021-06-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-09 -
2021-07-09		 a year crt.sh
*.recreativ.ru
Thawte RSA CA 2018		 2020-08-14 -
2021-09-06		 a year crt.sh
ghb.adtelligent.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-04-03 -
2021-07-02		 3 months crt.sh
sync.adtelligent.com
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
*.google.cz
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-06 -
2022-02-16		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2020-08-17 -
2021-11-26		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
ghb1.adtelligent.com
R3		 2021-03-27 -
2021-06-25		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
cat.adscale.de
DigiCert SHA2 Secure Server CA		 2020-10-23 -
2021-11-21		 a year crt.sh
*.adform.net
DigiCert SHA2 Secure Server CA		 2020-04-02 -
2021-06-02		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-04-07 -
2021-07-06		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-04-07 -
2021-07-06		 3 months crt.sh
sync.console.adtarget.com.tr
R3		 2021-04-02 -
2021-07-01		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.adscale.de
Amazon		 2020-06-05 -
2021-07-07		 a year crt.sh
*.e-planning.net
R3		 2021-03-26 -
2021-06-24		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.redinuid.imrworldwide.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
js.cookieless-data.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
onetag-sys.com
R3		 2021-03-16 -
2021-06-14		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.ib-ibi.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-03-08		 a year crt.sh
*.eyeota.net
R3		 2021-02-28 -
2021-05-29		 3 months crt.sh

This page contains 41 frames:

Primary Page: https://www.ukr.net/
Frame ID: E4F74AC09850A82DACCD3BD88CDB9EAC
Requests: 77 HTTP requests in this frame

Frame: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Frame ID: EB124489E3B17CD9A476EB66E8C5FF8B
Requests: 8 HTTP requests in this frame

Frame: https://go.rcvlink.com/ifr/5ysrIfrF92
Frame ID: 853E58A7D912E2082D9AD11435D8662C
Requests: 6 HTTP requests in this frame

Frame: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1618904350661
Frame ID: 3BC9C360C424CF3A85BB0C16824469E9
Requests: 12 HTTP requests in this frame

Frame: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1618904350666
Frame ID: E0D8D6AA6AF0E6DB8D8E3835F0D8E000
Requests: 5 HTTP requests in this frame

Frame: https://www.ukr.net/dat/covid19.html
Frame ID: 30B5FA833CD2F6A92C93C671B39D3FE9
Requests: 3 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=609096
Frame ID: E2FA807196A204FFA8FA808A9093F8E1
Requests: 3 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a26245a2-38e2-489a-957c-a3005a6987dd
Frame ID: 9E841F337E0FE56347391BF385248D5A
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 772A69CC1B8F44B4DE13E4D1AE9471F2
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: CB8BA70AD764E6800466C638BE21381A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: BC607AD40F50CA368DF00D668825E733
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=609724
Frame ID: AAAB9D737B8209CD9B0B80F873B05E68
Requests: 6 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ndfqrXSPq38VFQuLcvXA&pi=admatic&tc=1
Frame ID: BC6B0CCF99E4B63B3D852B176D98B91C
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 25E531D07F168B35C999A1791C02D3D2
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 96A829C05A3A21E68D4E69CD5F1BFB76
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 9EE3367B1BB04754A48EB2110D418232
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 203C3859DB8FBBB49D42990E026205F2
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4bdde01f762de4a5%26uid%3D
Frame ID: 4C80DFE5A8FE6B6F69405987AC4DB415
Requests: 1 HTTP requests in this frame

Frame: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D5DF7ECA32C24279B20F97DB9C16B8DA
Requests: 14 HTTP requests in this frame

Frame: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C0E3906D52B0500EDE7F117A1F352F94
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuhcRD_krICGIWU1qMBMAE&v=APEucNWlMud8fYUE3yKDJWcBGAe2EL4J3yiaKi_5dUfvXu97FzMsvpLvp5Nt-onczyHlpTgseCmB4d-CNn-mv1xn_HFD45uAUFNbpjUbjx2UUMAQjdncCcQzIyObgAKQs_k2VE3dKUYb
Frame ID: B511DE5C060AD4A1E7E294F7F225857A
Requests: 2 HTTP requests in this frame

Frame: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6355A03AE13268BB567AC1BD09CDA0A9
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 42C4134FACF942F9B5CFA8EFED96C8F6
Requests: 3 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: AA85FFFDD35338CDE9AAE57248E2CF59
Requests: 11 HTTP requests in this frame

Frame: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 91E69E064C7686D2810084A72522ACDD
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuhcRDs8t8BGN-jgZ8BMAE&v=APEucNWqo3MFrrbNcdD0zbfS7nGr6ykeIt8KPFrn4ar7T5s4MT9XWJqKHIaT7VHQS8fSHD2I-azdBec8mB0Ba1ZBP02EaPns0wVoS1uIzHJpxVbRWW8wPVU2CG3lUhQMyKUVGiu5WzBC
Frame ID: EFA8F391AFC966FEFAA6C7C51420C047
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C5F66B390B4A0CF3F6EAAF9167734224
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2CDF86EEC5C54EDFBFCA5A4C25AEAC9F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B470F4F1C2D2C35F0019A514ECC97F2F
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
Frame ID: D6E3D0AE0D1EE9CDAA4E82595988831C
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361&cmp=0
Frame ID: 77ED8C317EFDCDA6C7686D93A5A03B19
Requests: 31 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 2689D83207B4811A59E5457BE826CF8E
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: B60782E0C3FA807486E006F4EACE38B7
Requests: 6 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AHHfMKD0aH-u5UCe
Frame ID: 063DF15A5379E83E6AA144E2CA272D6C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 0A4A8436C82A3DBE728B0D7B763713BC
Requests: 10 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: B088881EFCF1D8C53450818FC2182591
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 8E571ECE03CC5CEDE2FE5E34C8F3C301
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.ukr.net
Frame ID: 8137070B27AB91641A1F34BA516F352A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 1F11DC77CFAC328F4D769D3DF8278C3A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B54C63E0AC42627E92B90B26CF1DBF1E
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: DFB238ECA79CC2CC0EA6CA9E3D24147B
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ukr.net/ HTTP 301
    http://www.ukr.net/ HTTP 301
    https://www.ukr.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

314
Requests

100 %
HTTPS

30 %
IPv6

85
Domains

135
Subdomains

97
IPs

13
Countries

2363 kB
Transfer

5643 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ukr.net/ HTTP 301
    http://www.ukr.net/ HTTP 301
    https://www.ukr.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://mail.ukr.net/widget?lang=uk HTTP 303
  • https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client HTTP 303
  • https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG HTTP 303
  • https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Request Chain 59
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a26245a2-38e2-489a-957c-a3005a6987dd
Request Chain 60
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=72e460f38b768ac0
Request Chain 83
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ukr.net%2F&domain=www.ukr.net&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Y1v4Z3xiWkRjVjBtRGZpZWU5TlcyWFlGeGoremd1RU1ER0xLV2RFdE9HRldVdUZzMlhDZDRadTA0SjJhczg5eXJqa3pKemVVNE52NWJ5TFNiUVREMWFBQjJIVmxuZ1FBK3UycXU5d25nenFCTVJrRUhBbHJyaUxCUndhSERQTTJJaTd5c3pmb3FzRytjVUljMTZCYXMxK0JIZjE5c25Lb0RMZjMvN3cybVJDeW01ekpFNkp5bnA1SUZEdVllMW1pc0Y4UG9QdTZBem1DYnBXL2o4bENFc21NMXd0S3hiSHVBUnZxbFdXWEZ5cE9nYmhZPXw&cppv=2
Request Chain 88
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=5864148638789715&tz=-120&fl=0&rr=direct&s=2894403&bidid=173dca5eb8e4cc&transactionid=7ba44ee2-2e84-418a-bdb7-30b813004d65&auctionid=ppuo1l.ke&ref=https%3A%2F%2Fwww.ukr.net%2F HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=5864148638789715&tz=-120&fl=0&rr=direct&s=2894403&bidid=173dca5eb8e4cc&transactionid=7ba44ee2-2e84-418a-bdb7-30b813004d65&auctionid=ppuo1l.ke&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
Request Chain 89
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=6356203680633425&tz=-120&fl=0&rr=direct&s=2894403&bidid=1847058ec67728d&transactionid=c23bfb09-9e36-4079-8657-c5e47d80d227&auctionid=ppuo1l.ke&ref=https%3A%2F%2Fwww.ukr.net%2F HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=6356203680633425&tz=-120&fl=0&rr=direct&s=2894403&bidid=1847058ec67728d&transactionid=c23bfb09-9e36-4079-8657-c5e47d80d227&auctionid=ppuo1l.ke&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
Request Chain 90
  • https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=8216866138343115&tz=-120&fl=0&rr=direct&s=3622782&bidid=19329e6c90a3033&transactionid=c23bfb09-9e36-4079-8657-c5e47d80d227&auctionid=ppuo1l.ke&ref=https%3A%2F%2Fwww.ukr.net%2F HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=8216866138343115&tz=-120&fl=0&rr=direct&s=3622782&bidid=19329e6c90a3033&transactionid=c23bfb09-9e36-4079-8657-c5e47d80d227&auctionid=ppuo1l.ke&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
Request Chain 106
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ndfqrXSPq38VFQuLcvXA&pi=admatic&tc=1
Request Chain 107
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 109
  • https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-c9dd754e-2b4f-476d-9184-75d813de11b1
Request Chain 110
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=4c45121115b852ee
Request Chain 114
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=72e460f38b768ac0
Request Chain 115
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=8f5af20d3fcabdf297c33c40
Request Chain 116
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=524fa07a-a813-47b8-820e-bb36a183f08c
Request Chain 117
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5312381222234928029
Request Chain 118
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=72e460f38b768ac0
Request Chain 122
  • https://ih.adscale.de/uu?cbfn=receive&t=1618904351 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1618904351&nut&uu=d0762a31326341628ff64cfdea5976e1
Request Chain 123
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4bdde01f762de4a5 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4bdde01f762de4a5
Request Chain 124
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3320649081 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3320649081 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/71a5dbba-8d30-4ae4-9717-4fb42c4bad53 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0649f759-6d09-40b3-89b3-4dcc88eb6c07-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-0649f759-6d09-40b3-89b3-4dcc88eb6c07-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-0649f759-6d09-40b3-89b3-4dcc88eb6c07-003&dc=1079cc634ca638f8&iss=1
Request Chain 128
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4bdde01f762de4a5%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4bdde01f762de4a5&uid=524fa07a-a813-47b8-820e-bb36a183f08c
Request Chain 132
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4bdde01f762de4a5 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 133
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4bdde01f762de4a5%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4bdde01f762de4a5&uid=5312381222234928029
Request Chain 135
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-6Wk2iX9E2uFlt3PMkJmxWoWFpOz3CtVy.h4LAT8-~A
Request Chain 136
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D4bdde01f762de4a5%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4bdde01f762de4a5&uid=16d1d61a8e156e19cc6cde882a99e06febb2f178
Request Chain 138
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 162
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCbytu53wEQ0A8Y0A8yCG2CAc6upiFS HTTP 301
  • https://tpc.googlesyndication.com/simgad/7229823777879110783
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEM0qsSHqht8EFOBvgVH6G2M&google_cver=1
Request Chain 186
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrk__JzAEQsAkYsAkyCFjvkr9Febwj HTTP 301
  • https://tpc.googlesyndication.com/simgad/8252139978024777535
Request Chain 200
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=d0762a31326341628ff64cfdea5976e1&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002ca31894673%2F1618904352400%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352400/0/img?tpid=101&tpuid=BBID-01-02936183532918999-16266456
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEDqaWXQrP7mJ2Awk1VsgwsM&google_cver=1
Request Chain 225
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=ab4d41e01763ed95ac8b540600fecc1fdfe1f799a9c3d3cbe3a1bde1c2acb321&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002ca31894673%2F1618904352401%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=bf3a607e-8521-4e00-95c4-3c7695032d88&gdpr=0&gdpr_consent=
Request Chain 227
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002ca31894673%2F1618904352401%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 307
  • https://adscale-emea.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fih.adscale.de%252Fsium%252F40dbe81991e34736a23002ca31894673%252F1618904352401%252F0%252Fimg%253Ftpid%253D75%2526tpuid%253D%2524UID%26gdpr%3D0 HTTP 302
  • https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/img?tpid=75&tpuid=5911564705932407096&gdpr=0
Request Chain 231
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=578fff8c86bcc62d758fdf1063b783d06e1dfa9f0a8104ef57cf2e5cbdd4d8cb&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002ca31894673%2F1618904352401%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=578fff8c86bcc62d758fdf1063b783d06e1dfa9f0a8104ef57cf2e5cbdd4d8cb&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002ca31894673%2F1618904352401%2F0%2Fimg&gdpr=0&C=1 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YH6FIwgKrevDeIf.FSrosAAA%261185&gdpr=0
Request Chain 232
  • https://track.adform.net/serving/cookie/match/?party=9&uid=804768c12a69954a8f062e99e7df886184a8111aa8961538260de9afbdb88ce0&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002ca31894673%2F1618904352401%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=804768c12a69954a8f062e99e7df886184a8111aa8961538260de9afbdb88ce0&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002ca31894673%2F1618904352401%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/img?tpid=42&gdpr=0&tpuid=4705802686020999872
Request Chain 233
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=bcaceeb0613c19feb16f7b28f26a5a7e6e7515737c1b8a5deb6d56f015b60aa6&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002ca31894673%2F1618904352401%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=051676c8-ab30-4936-a172-25325eb8df3f
Request Chain 234
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=0aedbff72b16bc05ffba5de4456904616945688ba8b09644894d152e05f98b96&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002ca31894673%2F1618904352401%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=bf3a607e-8521-4e00-95c4-3c7695032d88&gdpr=0&gdpr_consent=
Request Chain 235
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=50f837a9c13e0a845032ed82c2504d3c7d3d645f308e17b2076486ae15c754a3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002ca31894673%2F1618904352401%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=50f837a9c13e0a845032ed82c2504d3c7d3d645f308e17b2076486ae15c754a3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002ca31894673%2F1618904352401%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/js?tpid=48&tpuid=53b1cc8ed42ae31f23edde5d20585d37
Request Chain 240
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
Request Chain 243
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEP67Es3tOrvjR62eORTcUPY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Request Chain 244
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6376ff1b-5e9c-4845-5a11-47f081dcddb7%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6376ff1b-5e9c-4845-5a11-47f081dcddb7%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=8425c741-a1ab-11eb-ab5a-faa977835cd4&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Request Chain 246
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6376ff1b-5e9c-4845-5a11-47f081dcddb7%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6376ff1b-5e9c-4845-5a11-47f081dcddb7%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=ec878adb-d896-441e-8fcd-96a94924c5d6&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Request Chain 250
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=322d6aab-a379-4cbf-8612-9fab01a695e3&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 251
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2df405c3-f702-46d2-73b4-c52a2aceadbe&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6376ff1b-5e9c-4845-5a11-47f081dcddb7%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2df405c3-f702-46d2-73b4-c52a2aceadbe&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6376ff1b-5e9c-4845-5a11-47f081dcddb7%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=53381495512425623741221716835790322106&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Request Chain 253
  • https://bn01.er.bemail.it/zeotap.php?_bid=2df405c3-f702-46d2-73b4-c52a2aceadbe&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021042009-25207-0.174453001618904357-36eb390a06a067dcc58bc0cff6308e91&zdid=533&env=mWeb
Request Chain 254
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6376ff1b-5e9c-4845-5a11-47f081dcddb7%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6953141277267458190&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Request Chain 256
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2df405c3-f702-46d2-73b4-c52a2aceadbe&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6376ff1b-5e9c-4845-5a11-47f081dcddb7%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2df405c3-f702-46d2-73b4-c52a2aceadbe&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6376ff1b-5e9c-4845-5a11-47f081dcddb7%26zdid%3D1361&bounce=1&random=898920879 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=xFJDW9cHVZhWsietqHWP4O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Request Chain 258
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=2df405c3-f702-46d2-73b4-c52a2aceadbe?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=2df405c3-f702-46d2-73b4-c52a2aceadbe?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=5cdc284a7c53f72e7e1732adae3d7925&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Request Chain 259
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-ftgy3adE2oppTAFslxX.Z4Juyq87FL2vHg--~A&zpartnerid=570&env=mWeb
Request Chain 260
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=YtLEkm4VeI6DCZKFmQEbfuX6BzcgCYSp%2BS41iYitP1U%3D
Request Chain 264
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6376ff1b-5e9c-4845-5a11-47f081dcddb7%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YH6FJwAASSZGXQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Request Chain 265
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6376ff1b-5e9c-4845-5a11-47f081dcddb7%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6af9607e-8528-4e00-b509-0e375f8a9fc0&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Request Chain 266
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Request Chain 267
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2df405c3-f702-46d2-73b4-c52a2aceadbe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2df405c3-f702-46d2-73b4-c52a2aceadbe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361&dcc=t
Request Chain 268
  • https://tags.bluekai.com/site/87734?id=2df405c3-f702-46d2-73b4-c52a2aceadbe&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 271
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YH6FJwP5ZWSiGGVT..gSCwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECU8XCUWt7Xh0Z-3fuckX0w&google_cver=1&google_hm=2
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEPUewfiqcUNuEyM1D_CbHEc&google_cver=1
Request Chain 274
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB&dcc=t
Request Chain 275
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2597334486314776682
Request Chain 277
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7d70433b-5ad3-4bff-b7ce-f9c99b7842f2&expiration=1650440359
Request Chain 278
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YH6FJwAASSZGXQAC HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YH6FJwAASSZGXQAC&gdpr=1&_test=YH6FJwAASSZGXQAC
Request Chain 286
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4123763812902736587
Request Chain 287
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4334516455023208741
Request Chain 288
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DOCA7RlE2uG7Gl9eTNFp8nxBr1ZMDs56zfqeBd8-~A
Request Chain 289
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=84186159-b400-516e-a89d-e57fc8e36058
Request Chain 296
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6af9607e-8528-4e00-b509-0e375f8a9fc0&gdpr=1&gdpr_consent=
Request Chain 297
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB
Request Chain 298
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b7eff915-2b46-4f44-87ad-ec7d3ad5f1fc
Request Chain 299
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=22bKh9Vjz9rAbsiH3mfQg9luxdDAMsTS2TKOKhCB
Request Chain 300
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871597494393001684
Request Chain 309
  • https://bcp.crwdcntrl.net/5/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Request Chain 311
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=5cdc284a7c53f72e7e1732adae3d7925&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=5cdc284a7c53f72e7e1732adae3d7925&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=13094582251450700530209189880138120632
Request Chain 312
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWNkYzI4NGE3YzUzZjcyZTdlMTczMmFkYWUzZDc5MjU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWNkYzI4NGE3YzUzZjcyZTdlMTczMmFkYWUzZDc5MjU&google_tc=
Request Chain 313
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=5cdc284a7c53f72e7e1732adae3d7925&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=5cdc284a7c53f72e7e1732adae3d7925&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8625b5f5-a1ab-11eb-93df-36fd58919319
Request Chain 314
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=6f71607e-852a-4d00-9e98-7f004c893bb2
Request Chain 315
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/5cdc284a7c53f72e7e1732adae3d7925/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8109873692696709488
Request Chain 319
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=354838045786321235 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=&google_gid=CAESEHFDIezFXm-ZQ6y77WSDyFs&google_cver=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=655zVqXiKv-TGKn1aolLaIDkQ&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 320
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=655zVqXiKv-TGKn1aolLaIDkQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=655zVqXiKv-TGKn1aolLaIDkQ&gdpr=0&gdpr_consent=&google_gid=CAESEHFDIezFXm-ZQ6y77WSDyFs&google_cver=1 HTTP 302
  • https://a.audrte.com/p

314 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ukr.net/
Redirect Chain
  • http://ukr.net/
  • http://www.ukr.net/
  • https://www.ukr.net/
169 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv253.fwdcdn.com
Software
nginx /
Resource Hash
0a7811a1e05946d0685186acd8b05d13e942f413b2af0512664b520d330a9b79
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.ukr.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=Cj1tBGB+hR52wNXlA9w2Ag==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Tue, 20 Apr 2021 07:39:10 GMT
content-type
text/html
content-length
45163
cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma
no-cache
expires
-1
set-cookie
un_lang=ua; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure un_news_region=9; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure snr=9; Max-Age=31536000; Path=/; Domain=.ukr.net; SameSite=None; Secure un_news_region=9; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure scr=9; Max-Age=31536000; Path=/; Domain=.ukr.net; SameSite=None; Secure un_news_region=9; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure sfr=9; Max-Age=31536000; Path=/; Domain=.ukr.net; SameSite=None; Secure un_news_region=9; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure
etag
"607e84e2-b06b"
content-encoding
gzip
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Server
nginx
Date
Tue, 20 Apr 2021 07:39:10 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://www.ukr.net/
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Set-Cookie
uid=Cj1tBGB+hR52wNXlA9w2Ag==; expires=Wed, 20-Apr-22 07:39:10 GMT; domain=.ukr.net; path=/
js
www.googletagmanager.com/gtag/ 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5903420-1
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3409afa887a0162e1e9ccdbe405ff6231346fa32bdd46bdb06586e0eb5f0c9df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37451
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Apr 2021 07:39:10 GMT
top_links.css
upst.fwdcdn.com/css/1612185778/ 		2 KB
575 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/1612185778/top_links.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
6a2a30567ebb12a8d345d65a0b81185660e1263584a6bcac041f2a63a868272d

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Mon, 01 Feb 2021 13:23:03 GMT
server
nginx
etag
W/"601800b7-696"
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
expires
Wed, 20 Apr 2022 07:39:10 GMT
/
upst.fwdcdn.com/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/??portal/normalize.css,portal/slick.css,portal/core.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
af0cb902656b4fde470988b5fafcfb29703d1e18469371fca027bbcb6fbd7724

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 08:56:16 GMT
server
nginx
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
expires
Wed, 20 Apr 2022 07:39:10 GMT
main.css
upst.fwdcdn.com/css/65/portal/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/65/portal/main.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
787663e29d5a6321fbe42944b21653f75c1e3c6b475d7ff75b17c5182e6c46ec

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 14:28:03 GMT
server
nginx
etag
"6076fbf3-1e40"
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
content-length
7744
expires
Wed, 20 Apr 2022 07:39:10 GMT
_desktop.js
www.ukr.net/news/ 		20 B
173 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/news/_desktop.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv253.fwdcdn.com
Software
nginx /
Resource Hash
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/news/_desktop.js
pragma
no-cache
cookie
uid=Cj1tBGB+hR52wNXlA9w2Ag==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.ukr.net
referer
https://www.ukr.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
server
nginx
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-type
application/x-javascript
concat.js
upst.fwdcdn.com/js/31/portal/ 		166 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/31/portal/concat.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
1134dc30eb340c908a5cb6c95f5bd1b029fec03fe1bed065ae8aaca3c2e2bafe

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Fri, 25 Sep 2020 09:53:05 GMT
server
nginx
etag
"5f6dbe01-cc31"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
content-length
52273
expires
Wed, 20 Apr 2022 07:39:10 GMT
main.js
upst.fwdcdn.com/js/516/portal/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/516/portal/main.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
061769e5c7eb97935122a0492b7b2365f8a8538ec018a37e31e030f2192750ab

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 14:28:03 GMT
server
nginx
etag
"6076fbf3-40d9"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
content-length
16601
expires
Wed, 20 Apr 2022 07:39:10 GMT
zakladki_v2.min.js
zakladki.ukr.net/bookmarks/js/ 		104 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zakladki.ukr.net/bookmarks/js/zakladki_v2.min.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.248 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv248.fwdcdn.com
Software
nginx/1.16.1 /
Resource Hash
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:10 GMT
Last-Modified
Fri, 14 Aug 2020 10:42:05 GMT
Server
nginx/1.16.1
ETag
"5f366a7d-19e00"
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
close
Accept-Ranges
bytes
Content-Length
105984
Expires
Tue, 27 Apr 2021 07:39:10 GMT
top-logo-ua-mod3.gif
upst.fwdcdn.com/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/top-logo-ua-mod3.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
last-modified
Fri, 11 Nov 2016 10:00:04 GMT
server
nginx
etag
"582596a4-140f"
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
5135
expires
Tue, 27 Apr 2021 07:39:10 GMT
grey-pix.gif
upst.fwdcdn.com/img/ 		53 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/grey-pix.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
last-modified
Fri, 11 Nov 2016 10:00:04 GMT
server
nginx
etag
"582596a4-35"
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
53
expires
Tue, 27 Apr 2021 07:39:10 GMT
fuels-banner-ua.png
upst.fwdcdn.com/img/commercial/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/commercial/fuels-banner-ua.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
last-modified
Fri, 11 Nov 2016 10:00:04 GMT
server
nginx
etag
"582596a4-1134"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
4404
expires
Tue, 27 Apr 2021 07:39:10 GMT
fuels-banner-bottom-ua.png
upst.fwdcdn.com/img/commercial/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/commercial/fuels-banner-bottom-ua.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
last-modified
Fri, 11 Nov 2016 10:00:04 GMT
server
nginx
etag
"582596a4-134e"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
4942
expires
Tue, 27 Apr 2021 07:39:10 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5903420-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6168
date
Tue, 20 Apr 2021 05:56:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 20 Apr 2021 07:56:22 GMT
can_https
mail.ukr.net/ 		46 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mail.ukr.net/can_https
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.249 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-249.fwdcdn.com
Software
nginx /
Resource Hash
bfc9fbc4575f67c1903d4ff0b0d8889b7a66b72676dd61cec9abec0019a2fe50

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
server
nginx
content-length
46
content-type
text/javascript
hb_300016_4947.js
player.adtelligent.com/prebidlink/449695/ 		298 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cba522390b1c9e02f762cfb76673612b1db16b7093a47998d4944a6752f2fe2f

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 10:30:45 GMT
server
nginx
etag
W/"6066f255-4a95e"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 20 Apr 2021 08:39:10 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
21a128145790f6014d9d01cf2d2876d7e1c2538a6825173038b410f1b3ba59b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"847 / 694 of 1000 / last-modified: 1618870257"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21086
x-xss-protection
0
expires
Tue, 20 Apr 2021 07:39:10 GMT
wrapper_hb_300016_4947.js
player.adtelligent.com/prebidlink/449695/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/449695/wrapper_hb_300016_4947.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
f78047a9a4deb1a46a653aea75be2ac2178949ed3281eb9c20622bb3a24a88d1

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Sun, 18 Apr 2021 22:52:48 GMT
server
nginx
etag
W/"607cb840-146cf"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 20 Apr 2021 08:39:10 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
test
accounts.ukr.net/public/access/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/public/access/test?_=1618904350647
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
server
nginx
access-control-max-age
600
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
access-control-allow-credentials
true
x-upstream
4510.10.20.48:5080
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie
content-length
2
login
accounts.ukr.net/widget/ Frame EB12
Redirect Chain
  • https://mail.ukr.net/widget?lang=uk
  • https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client
  • https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG
  • https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
07d3b253e202af1cbbf728e53b09d684206d64240685841a864e80a527101707
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://www.ukr.net/
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
accounts.ukr.net
:scheme
https
:path
/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=Cj1tBGB+hR52wNXlA9w2Ag==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; _ga=GA1.2.2015412494.1618904351; _gid=GA1.2.1651786967.1618904351; can_https=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Tue, 20 Apr 2021 07:39:10 GMT
content-type
text/html; charset=UTF-8
expires
Tue, 20 Apr 2021 07:39:09 GMT
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-frame-options
ALLOW-FROM https://www.ukr.net/
vary
*
content-security-policy
default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
content-encoding
gzip
x-upstream
4510.10.20.49:5080

Redirect headers

server
nginx
date
Tue, 20 Apr 2021 07:39:10 GMT
content-length
0
location
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
set-cookie
freemail=; Domain=ukr.net; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/ sid=; Domain=mail.ukr.net; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/ sid=; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/ fvsid=; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/
x-detected-skin
widget
expires
Tue, 20 Apr 2021 07:39:09 GMT
cache-control
no-cache
content-security-policy
default-src 'self'; script-src 'self' blob: https://*.ukr.net https://target.ukr.net https://accounts.ukr.net https://stage4.ukr.net https://*.fwdcdn.com https://*.adriver.ru https://*.google-analytics.com https://*.googlesyndication.com https://*.googleapis.com https://*.googletagservices.com https://*.googletagmanager.com https://*.doubleclick.net https://partner.googleadservices.com https://www.google.com https://www.gstatic.com 'sha256-AcJhwe4dqmo30pWvKwn3Md7IBhj0dLqVR9mYFFzf+Yw=' 'sha256-djyGrQc6ZbFFlYUcvetvyNFaKc2Vo0FNi2IsBKsT50E='; style-src 'self' 'unsafe-inline' https://*.fwdcdn.com https://*.ukr.net https://fonts.googleapis.com/css https://*.googlesyndication.com; img-src 'self' data: https://*.fwdcdn.com https://*.ukr.net:* http://*.edisk.ukr.net https://*.ukr.net http://*.ukr.net https://*.edisk.download https://*.files.ukr.net https://*.adriver.ru https://*.google-analytics.com https://*.gstatic.com https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net https://loadercdn.net https://*.rzk-m.com https://*.plaxlab.com; child-src 'self' blob: https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-src data: 'self' https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://*.g.doubleclick.net https://jail.fwdcdn.com https://fileview.fwdcdn.com https://fileview-test.fwdcdn.com; object-src 'self' https://*.adriver.ru https://*.googlesyndication.com https:; media-src 'self'; font-src 'self' https://fonts.gstatic.com https://*.googlesyndication.com; manifest-src 'self' https://*.ukr.net; connect-src 'self' https://*.ukr.net:* https://*.fwdcdn.com https://localhost https://*.doubleclick.net https://*.googlesyndication.com https://s.znctrack.net; report-uri /csp-blocked?from=
5ysrIfrF92
go.rcvlink.com/ifr/ Frame 853E 		13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/ifr/5ysrIfrF92
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
c6e062ccfb4e7bf2e4020e000a457da3cee98015550fb029221d9797d9e19858

Request headers

:method
GET
:authority
go.rcvlink.com
:scheme
https
:path
/ifr/5ysrIfrF92
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Tue, 20 Apr 2021 07:39:10 GMT
content-type
text/html
last-modified
Sat, 03 Apr 2021 06:37:04 GMT
etag
W/"60680d10-3435"
expires
Wed, 21 Apr 2021 07:39:10 GMT
cache-control
max-age=86400
content-encoding
gzip
v2
a4p.adpartner.pro/jsunit/jsonp/ 		299 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/jsonp/v2?id=6513&unit_id=6513&place_id=6513&himg=200&location=http://ukr.net/&callback=jQuery30009119145578855536_1618904350626&_=1618904350627
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.187.205.228 , France, ASN16276 (OVH, FR),
Reverse DNS
app-04.adpartner.pro
Software
nginx /
Resource Hash
a94510912e08647eb40a01fae98d9c758dd2f1691e8cfcc8da44a598bf56bda2

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
pinformer4.php
pinformer.sinoptik.ua/ Frame 3BC9 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1618904350661
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx / PHP/5.5.38
Resource Hash
168c331ec78c71691ae090d254425729725b22d627e93541f5820f1db1d2008c

Request headers

:method
GET
:authority
pinformer.sinoptik.ua
:scheme
https
:path
/pinformer4.php?lang=ua&rnd=1618904350661
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Tue, 20 Apr 2021 07:39:10 GMT
content-type
text/html; charset=utf-8
set-cookie
os=WINDOWS; path=/
x-powered-by
PHP/5.5.38
expires
Tue, 20 Apr 2021 07:44:10 GMT
cache-control
max-age=300, must-revalidate, proxy-revalidate
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding
gzip
vary
Accept-Encoding
ukrnet_ua.html
kinoafisha.ua/widget/ Frame E0D8 		273 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1618904350666
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
da7a5abfb530790959d419713a7f5bf02143b74c6f24bc54de146610f7f47bc6

Request headers

:method
GET
:authority
kinoafisha.ua
:scheme
https
:path
/widget/ukrnet_ua.html?rnd=1618904350666
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Tue, 20 Apr 2021 07:39:10 GMT
content-type
text/html
last-modified
Tue, 20 Apr 2021 07:00:01 GMT
etag
W/"607e7bf1-4454a"
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
content-encoding
gzip
covid19.html
www.ukr.net/dat/ Frame 30B5 		47 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/dat/covid19.html
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv253.fwdcdn.com
Software
nginx /
Resource Hash
3cc0251f22c1a7eb6aded802af8bc7cde2d5e37f521b544bae47a68e0fd81ad2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.ukr.net
:scheme
https
:path
/dat/covid19.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=Cj1tBGB+hR52wNXlA9w2Ag==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; _ga=GA1.2.2015412494.1618904351; _gid=GA1.2.1651786967.1618904351
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

server
nginx
date
Tue, 20 Apr 2021 07:39:10 GMT
content-type
text/html
content-length
13392
last-modified
Tue, 20 Apr 2021 07:35:36 GMT
etag
"607e8448-3450"
content-encoding
gzip
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
ukrnet2.js
trafmag.com/ 		335 B
460 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trafmag.com/ukrnet2.js?callback=jQuery30009119145578855536_1618904350628&_=1618904350629
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
trafmag.com
Software
nginx /
Resource Hash
4be6a47675523c5110a92b5a9c14d46c7327f15fb26ab0fe0e3d6b572c86ec24
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
server
nginx
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
p3p
CP="NON DSP COR CURa TIA"
1119189
servicer.mgid.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1119189?callback=jQuery30009119145578855536_1618904350630&_=1618904350631
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee63cc3a703a49d862bf3fb37db0b5ce30e60f1c9eb61c59cd757f1d38732dc2

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
098fd118170000413812ba3000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
642cb7a028584138-PRG
access-control-allow-headers
*
addlink.gif
zakladki.ukr.net/bookmarks/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zakladki.ukr.net/bookmarks/img/addlink.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.248 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv248.fwdcdn.com
Software
nginx/1.16.1 /
Resource Hash
baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:10 GMT
Last-Modified
Tue, 20 Aug 2013 02:30:01 GMT
Server
nginx/1.16.1
ETag
"5212d4a9-6dc"
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
close
Accept-Ranges
bytes
Content-Length
1756
Expires
Tue, 27 Apr 2021 07:39:10 GMT
cnt.php
counter.ukr.net/c5/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/c5/cnt.php?rand=0.9254548655109478&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.214.195.101 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:10 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Tue, 20 Apr 2021 07:39:09 GMT
cnt.php
counter.ukr.net/aid/portal/ 		314 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/aid/portal/cnt.php?rand=0.8474438242995019&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.214.195.101 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
af992079403976a07e83201be65ea60d93288a986b7785b9bfa40e07438956af

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:10 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Tue, 20 Apr 2021 07:39:09 GMT
cnt.php
counter.ukr.net/lid/329/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/lid/329/cnt.php?rand=0.944597574783469&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.214.195.101 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:10 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Tue, 20 Apr 2021 07:39:09 GMT
chartist.min.css
www.ukr.net/css/1/ Frame 30B5 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/css/1/chartist.min.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/dat/covid19.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv253.fwdcdn.com
Software
nginx /
Resource Hash
4def7e69368bf63d14e4fccb86d007b7e497960213f0a4fd564c8e667ebc85a9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/1/chartist.min.css
pragma
no-cache
cookie
uid=Cj1tBGB+hR52wNXlA9w2Ag==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; _ga=GA1.2.2015412494.1618904351; _gid=GA1.2.1651786967.1618904351
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.ukr.net
referer
https://www.ukr.net/dat/covid19.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ukr.net/dat/covid19.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Wed, 22 Apr 2020 15:50:12 GMT
server
nginx
etag
"5ea067b4-5db"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800
content-length
1499
x-xss-protection
1; mode=block
expires
Tue, 27 Apr 2021 07:39:10 GMT
chartist.min.js
www.ukr.net/js/1/ Frame 30B5 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/js/1/chartist.min.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/dat/covid19.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv253.fwdcdn.com
Software
nginx /
Resource Hash
de624a0a9b0ce2f2a5a44c44f80210ed7c42095f089a6109d0b29d6eecc2b074
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/1/chartist.min.js
pragma
no-cache
cookie
uid=Cj1tBGB+hR52wNXlA9w2Ag==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; _ga=GA1.2.2015412494.1618904351; _gid=GA1.2.1651786967.1618904351
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.ukr.net
referer
https://www.ukr.net/dat/covid19.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ukr.net/dat/covid19.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Wed, 22 Apr 2020 15:50:12 GMT
server
nginx
etag
"5ea067b4-2f28"
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=604800
content-length
12072
x-xss-protection
1; mode=block
expires
Tue, 27 Apr 2021 07:39:10 GMT
swPortal2.css
pinformer.sinoptik.ua/css/15/ Frame 3BC9 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pinformer.sinoptik.ua/css/15/swPortal2.css
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1618904350661
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4

Request headers

Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1618904350661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 13:04:12 GMT
server
nginx
etag
W/"5f620d4c-2deb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Thu, 20 May 2021 07:39:10 GMT
swPortal4.js
pinformer.sinoptik.ua/js/15/ Frame 3BC9 		115 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinformer.sinoptik.ua/js/15/swPortal4.js
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1618904350661
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a

Request headers

Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1618904350661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 14:54:44 GMT
server
nginx
etag
W/"5f622734-1cc1f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000, public
expires
Thu, 20 May 2021 07:39:10 GMT
t.gif
pinformer.sinoptik.ua/img/ Frame 3BC9 		43 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/t.gif
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1618904350661
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1618904350661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
last-modified
Thu, 23 Oct 2014 10:32:30 GMT
server
nginx
etag
"5448d93e-2b"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
43
expires
Thu, 20 May 2021 07:39:10 GMT
1_0.jpg
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 3BC9 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/1_0.jpg
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1618904350661
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
a2af799b642bf2874c60a83411aae8de4768d46d9c150499040a7e93ac8007f2

Request headers

Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1618904350661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-532"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1330
expires
Thu, 20 May 2021 07:39:10 GMT
/
www.ukr.net/sinoptik/103067696/ Frame 3BC9 		0
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/sinoptik/103067696/
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1618904350661
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv253.fwdcdn.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/sinoptik/103067696/
pragma
no-cache
cookie
un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.ukr.net
referer
https://pinformer.sinoptik.ua/
:scheme
https
sec-fetch-site
cross-site
:method
GET
Referer
https://pinformer.sinoptik.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:10 GMT
last-modified
Tue, 20 Apr 2021 07:39:10 UTC
server
nginx
etag
"582596a6-0"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
set-cookie
pcity=103067696; domain=.ukr.net; path=/; max-age=31536000; SameSite=None; Secure uid=Cj1tBGB+hR52G9XkBF/MAg==; expires=Wed, 20-Apr-22 07:39:10 GMT; domain=.ukr.net; path=/
accept-ranges
bytes
content-type
application/x-javascript
content-length
0
expires
Tue, 20 Apr 2021 07:39:10 UTC
truncated
/ Frame E0D8 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
1
recreativ.ru/cs/1/ Frame 853E 		34 B
191 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recreativ.ru/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e14a53acde565277cbd2431e722ccd08d6d7047d1400f701ef74dfd14605fe23

Request headers

Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b28
cache-control
private, max-age=315360000
expires
Fri, 18 Apr 2031 10:39:10 +0300
1
go.rcvlink.com/cs/1/ Frame 853E 		34 B
156 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
a6543694a62a5573bf1709e30effeb56ef3d5864d56f12ad8f58a416b4407a64

Request headers

Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b13
cache-control
private, max-age=315360000
expires
Fri, 18 Apr 2031 10:39:10 +0300
pubads_impl_2021041501.js
securepubads.g.doubleclick.net/gpt/ 		299 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 08:41:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107555
x-xss-protection
0
expires
Tue, 20 Apr 2021 07:39:10 GMT
m_22bdpm51chick-fight.jpeg
kinoafisha.ua/upload/2021/02/films/9478/ Frame E0D8 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kinoafisha.ua/upload/2021/02/films/9478/m_22bdpm51chick-fight.jpeg
Requested by
Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1618904350666
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
763a8799aa32101c12131fccf7919219c51109131e012fe3d53c1849e563abfc

Request headers

Referer
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1618904350666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
last-modified
Tue, 06 Apr 2021 09:15:09 GMT
server
nginx
etag
"606c269d-696f"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
26991
expires
Tue, 27 Apr 2021 07:39:10 GMT
m_22at8oahpohmele-v-tailande.jpg
kinoafisha.ua/upload/2020/12/films/9408/ Frame E0D8 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kinoafisha.ua/upload/2020/12/films/9408/m_22at8oahpohmele-v-tailande.jpg
Requested by
Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1618904350666
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
d8342c8635ec771dc2136a0af1c847af13adc9cb605a9e9b12c265446386d0e7

Request headers

Referer
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1618904350666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
last-modified
Fri, 02 Apr 2021 09:44:42 GMT
server
nginx
etag
"6066e78a-6d96"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
28054
expires
Tue, 27 Apr 2021 07:39:10 GMT
m_221870njgodzilla-protiv-king-konga.jpg
kinoafisha.ua/upload/2016/11/films/7466/ Frame E0D8 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kinoafisha.ua/upload/2016/11/films/7466/m_221870njgodzilla-protiv-king-konga.jpg
Requested by
Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1618904350666
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
db47cf4feab1f4a70d4d837b200985e57402b80c51c08b5620858d2ddfdb9f22

Request headers

Referer
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1618904350666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
last-modified
Mon, 25 Jan 2021 07:53:54 GMT
server
nginx
etag
"600e7912-553e"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
21822
expires
Tue, 27 Apr 2021 07:39:10 GMT
tracking
ghb.adtelligent.com/adunit/ 		43 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=300016&site_id=4947&full_page_url=https%3A%2F%2Fwww.ukr.net%2F&adid=ppunp1.91&vpbv=0772&lifecycle_tte=531
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.ukr.net
Date
Tue, 20 Apr 2021 07:39:10 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
runtime.js
upst.fwdcdn.com/js/ Frame 3BC9 		408 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/runtime.js
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772

Request headers

Referer
https://pinformer.sinoptik.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2017 14:33:26 GMT
server
nginx
etag
"59380eb6-1e6e9"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
content-length
124649
expires
Wed, 20 Apr 2022 07:39:10 GMT
bundle.css
accounts.ukr.net/widget/login/css/ Frame EB12 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/css/bundle.css?63ed99eb
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
cf4f8ce4e9d310e448f37a9868c601fe20a9a8b2bf098bce26c59881f92c5a08

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 15:06:36 GMT
server
nginx
etag
W/"6075b37c-211a"
content-type
text/css
x-upstream
4510.10.20.48:5080
cache-control
max-age=1209600
expires
Tue, 04 May 2021 07:39:10 GMT
bundle.js
accounts.ukr.net/widget/login/js/ Frame EB12 		147 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/js/bundle.js?7939f931
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
c35f5b8b56d55e7cece8df68b398eb091a17d494357e7eb07e71b87a33b4ed04

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 15:06:36 GMT
server
nginx
etag
W/"6075b37c-24b7d"
content-type
application/javascript
x-upstream
4510.10.20.49:5080
cache-control
max-age=1209600
expires
Tue, 04 May 2021 07:39:10 GMT
html5objects.js
upst.fwdcdn.com/js/ Frame 3BC9 		555 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/html5objects.js
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c

Request headers

Referer
https://pinformer.sinoptik.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2017 14:33:19 GMT
server
nginx
etag
"59380eaf-21ee1"
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
content-length
138977
expires
Wed, 20 Apr 2022 07:39:10 GMT
get
accounts.ukr.net/api/v1/cai/browser/ Frame EB12 		107 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/api/v1/cai/browser/get
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?7939f931
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
38fd106770440e447a7ba3015ddb0c5da6b82703cfe20a91abadf467eee910d6

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
server
nginx
content-type
application/json
x-upstream
4510.10.20.48:5080
expires
Tue, 20 Apr 2021 07:39:09 GMT
cache-control
no-cache
content-length
107
x-served-by
127.0.0.1:10000
get
accounts.ukr.net/api/v1/cai/browser/ Frame EB12 		107 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/api/v1/cai/browser/get
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?7939f931
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
4d041c09ff4cf3885898b484faf41f47fcdd9fc3751e9539f69200c4e9d2abb1

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
server
nginx
content-type
application/json
x-upstream
4510.10.20.49:5080
expires
Tue, 20 Apr 2021 07:39:09 GMT
cache-control
no-cache
content-length
107
x-served-by
127.0.0.1:10000
csyncs
ghb.adtelligent.com/ 		658 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=463287&aid2=463288&aid3=605039&aid4=607661
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
7dbd8c7566195ada3f3e2a2f33b832358d0526e1384d0217ec96264eb17da819

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:10 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
336
workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame EB12 		58 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?04375957e1af052dd87a
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
338f69fe1de47efce159b38aef5d8ccb729ff5f40e6fb8eb6e5b7ad5f214dfcc

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 15:06:36 GMT
server
nginx
etag
W/"6075b37c-e602"
content-type
application/javascript
x-upstream
4510.10.20.48:5080
cache-control
max-age=1209600
expires
Tue, 04 May 2021 07:39:10 GMT
workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame EB12 		58 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?04375957e1af052dd87a
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
338f69fe1de47efce159b38aef5d8ccb729ff5f40e6fb8eb6e5b7ad5f214dfcc

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 15:06:36 GMT
server
nginx
etag
W/"6075b37c-e602"
content-type
application/javascript
x-upstream
4510.10.20.49:5080
cache-control
max-age=1209600
expires
Tue, 04 May 2021 07:39:10 GMT
acquire
accounts.ukr.net/api/v1/token/verification/ Frame EB12 		27 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/api/v1/token/verification/acquire
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?7939f931
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-upstream
4510.10.20.48:5080
date
Tue, 20 Apr 2021 07:39:10 GMT
server
nginx
content-length
27
content-type
application/json
1
go.rcvlink.com/cs/1/ Frame 853E 		34 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e14a53acde565277cbd2431e722ccd08d6d7047d1400f701ef74dfd14605fe23

Request headers

Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
Cache-Control
max-age=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-cache
t5zf4tXcu2392xs

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b29
cache-control
private, max-age=315360000
expires
Fri, 18 Apr 2031 10:39:10 +0300
cnt.php
counter.ukr.net/advert/adv/portal/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/advert/adv/portal/cnt.php?rand=0.8474438242995019&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by
Host: counter.ukr.net
URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.8474438242995019&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.214.195.101 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:11 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Tue, 20 Apr 2021 07:39:10 GMT
collect
www.google-analytics.com/j/ 		2 B
31 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=531128332&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ukr.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=qGBAAUABAAAAAC~&jid=1920030513&gjid=159462072&cid=2015412494.1618904351&tid=UA-5903420-1&_gid=1651786967.1618904351&_r=1&cd1=Unregistered&cd2=n&cd3=0&gtm=2ou472&z=2007280050
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.html
s.console.adtarget.com.tr/ Frame E2FA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=609096
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
19b676f82aa4edf382ed59e1267b59e846d527ab2e1e5ec0a7ce2d512705dc94

Request headers

Host
s.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ukr.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

Server
VertaMedia 1.0
Date
Tue, 20 Apr 2021 07:39:10 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
953
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
Cookie set csync
sync.adtelligent.com/ Frame 9E84
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a26245a2-38e2-489a-957c-a3005a6987dd
86 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a26245a2-38e2-489a-957c-a3005a6987dd
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ukr.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=72e460f38b768ac0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

Server
VertaMedia 1.0
Date
Tue, 20 Apr 2021 07:39:10 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=72e460f38b768ac0; expires=Mon, 21 Jun 2021 07:39:11 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a319130=a26245a2-38e2-489a-957c-a3005a6987dd; expires=Mon, 21 Jun 2021 07:39:11 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

Redirect headers

set-cookie
viewer_token=a26245a2-38e2-489a-957c-a3005a6987dd; path=/; domain=csync.loopme.me; Expires=Thu, 20-May-2021 07:39:11 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a26245a2-38e2-489a-957c-a3005a6987dd
content-length
0
date
Tue, 20 Apr 2021 07:39:11 GMT
server
_
1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=72e460f38b768ac0
35 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=72e460f38b768ac0
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:12 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=72e460f38b768ac0
Date
Tue, 20 Apr 2021 07:39:10 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
start.json
www.ukr.net/ajax/ 		61 KB
62 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/ajax/start.json
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv253.fwdcdn.com
Software
nginx /
Resource Hash
95ce0a99aface9f68502ac95e1f25fd4f560a561e72bd77b52c09443d5521cda
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
uid=Cj1tBGB+hR52wNXlA9w2Ag==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; _ga=GA1.2.2015412494.1618904351; _gid=GA1.2.1651786967.1618904351; can_https=1; pcity=103067696; tracknew=1618904350668417.1618904350.1; _gat_gtag_UA_5903420_1=1
:path
/ajax/start.json
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
www.ukr.net
referer
https://www.ukr.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.ukr.net/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:10 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-length
62975
x-xss-protection
1; mode=block
content-type
application/json
config.json
player.adtelligent.com/exchange_rates/299917/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/299917/config.json?cb=https%3A%2F%2Fwww.ukr.net%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
1ac65a81554038eda9e11deaf5521cb4a4cb29593189dbdc8669854dd743ba93

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 00:02:38 GMT
server
nginx
etag
W/"607e1a1e-19d4"
content-type
application/json
access-control-allow-origin
https://www.ukr.net
expires
Tue, 20 Apr 2021 08:39:11 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
truncated
/ Frame 3BC9 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
collect
stats.g.doubleclick.net/j/ 		4 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-5903420-1&cid=2015412494.1618904351&jid=1920030513&gjid=159462072&_gid=1651786967.1618904351&_u=qGBAAUAAAAAAAC~&z=237205228
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 20 Apr 2021 07:39:11 GMT
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
go.rcvlink.com/bdto/5ysrIfrF92/ Frame 853E 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/bdto/5ysrIfrF92/?cache=t5zf4tXcu2392xs&ver=210403-0937&w=0&h=0&vw=0&ms=330.0&ref=&
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 07:39:11 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
*
hn
b17
cache-control
no-cache, no-store, no-transform, must-revalidate
content-type
application/javascript;charset=utf-8
expires
Tue, 20 Apr 2021 10:39:11 +0300
1618904351149.html
www.ukr.net/viewids/main/84569546,473,577,252,100,33,62,53,57,17,77,22,86,34,32,54,45,57,53,40,26,3,2,13,22,4,1,1,2,14,17,4,13,8,12,4,1,3,3,1,7,3,13,6,1,2,3,19,1,6,5,1,2,5,2,5,7,3,9,1,2,20,1,2,14,5... 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/viewids/main/84569546,473,577,252,100,33,62,53,57,17,77,22,86,34,32,54,45,57,53,40,26,3,2,13,22,4,1,1,2,14,17,4,13,8,12,4,1,3,3,1,7,3,13,6,1,2,3,19,1,6,5,1,2,5,2,5,7,3,9,1,2,20,1,2,14,5,3,4,11,8,1,1,2,6,3,11,21,3,1,1,2,5,5/1618904351149.html
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv253.fwdcdn.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
uid=Cj1tBGB+hR52wNXlA9w2Ag==; un_lang=ua; un_news_region=9; snr=9; scr=9; sfr=9; _ga=GA1.2.2015412494.1618904351; _gid=GA1.2.1651786967.1618904351; can_https=1; pcity=103067696; tracknew=1618904350668417.1618904350.1; _gat_gtag_UA_5903420_1=1
:path
/viewids/main/84569546,473,577,252,100,33,62,53,57,17,77,22,86,34,32,54,45,57,53,40,26,3,2,13,22,4,1,1,2,14,17,4,13,8,12,4,1,3,3,1,7,3,13,6,1,2,3,19,1,6,5,1,2,5,2,5,7,3,9,1,2,20,1,2,14,5,3,4,11,8,1,1,2,6,3,11,21,3,1,1,2,5,5/1618904351149.html
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.ukr.net
referer
https://www.ukr.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://www.ukr.net/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
last-modified
Fri, 11 Nov 2016 10:00:02 GMT
server
nginx
etag
"582596a2-0"
x-frame-options
SAMEORIGIN
content-type
text/plain
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
top_links.png
upst.fwdcdn.com/img/1612185778/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/1612185778/top_links.png
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/1612185778/top_links.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
0e9914554b80aba1f7ab23fa72b263a779d29fe29aa5d36e826fb60d8cfb9314

Request headers

Referer
https://upst.fwdcdn.com/css/1612185778/top_links.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
last-modified
Mon, 01 Feb 2021 13:23:03 GMT
server
nginx
etag
"601800b7-1278"
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
4728
expires
Tue, 27 Apr 2021 07:39:11 GMT
icons-arrow-left.svg
upst.fwdcdn.com/img/portal/main/ 		395 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/icons-arrow-left.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/65/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc

Request headers

Referer
https://upst.fwdcdn.com/css/65/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
last-modified
Wed, 14 Apr 2021 12:30:28 GMT
server
nginx
etag
"6076e064-18b"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
395
expires
Tue, 27 Apr 2021 07:39:11 GMT
icons-arrow-right.svg
upst.fwdcdn.com/img/portal/main/ 		461 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/icons-arrow-right.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/65/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df

Request headers

Referer
https://upst.fwdcdn.com/css/65/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
last-modified
Wed, 14 Apr 2021 12:30:28 GMT
server
nginx
etag
"6076e064-1cd"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
accept-ranges
bytes
content-length
461
expires
Tue, 27 Apr 2021 07:39:11 GMT
dot.svg
upst.fwdcdn.com/img/portal/main/ 		650 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/dot.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/65/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e

Request headers

Referer
https://upst.fwdcdn.com/css/65/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
gzip
last-modified
Fri, 11 Nov 2016 10:06:26 GMT
server
nginx
etag
"58259822-18e"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
content-length
398
expires
Tue, 27 Apr 2021 07:39:11 GMT
arrow.svg
upst.fwdcdn.com/img/portal/main/ 		233 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/arrow.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/65/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv247.fwdcdn.com
Software
nginx /
Resource Hash
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Request headers

Referer
https://upst.fwdcdn.com/css/65/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
gzip
last-modified
Fri, 11 Nov 2016 10:06:26 GMT
server
nginx
etag
"58259822-bc"
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=604800
content-length
188
expires
Tue, 27 Apr 2021 07:39:11 GMT
ico-arrow.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 3BC9 		149 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/ico-arrow.png
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034

Request headers

Referer
https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-95"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
149
expires
Thu, 20 May 2021 07:39:11 GMT
term-t1.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 3BC9 		389 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/term-t1.png
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

Referer
https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-185"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
389
expires
Thu, 20 May 2021 07:39:11 GMT
s-wind2.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 3BC9 		185 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/s-wind2.png
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964

Request headers

Referer
https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-b9"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
185
expires
Thu, 20 May 2021 07:39:11 GMT
integrator.js
adservice.google.cz/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.cz/adsid/integrator.js?domain=www.ukr.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ukr.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		70 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1345474708920586&correlator=3796502810823880&output=ldjh&impl=fifs&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210420&iu_parts=17774365%2Cukr.net_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x500%7C300x400%7C300x107&fsfs=1&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1618904351&dt=1618904351277&dlt=1618904350506&idt=519&frm=20&biw=1600&bih=1200&oid=3&adxs=995&adys=196&adks=583682291&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x557&msz=300x250&ga_vid=2015412494.1618904351&ga_sid=1618904351&ga_hid=531128332&ga_fc=false&fws=0&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
514b8c25e2e6f1bb545d50b9551875ef81d5624f05598b1830cfb1bd6a15370a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18775
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		78 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1345474708920586&correlator=1479198870308724&output=ldjh&impl=fifs&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210420&iu_parts=17774365%2Cukr.net_300x145&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x145%7C300x175&fsfs=1&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1618904351&dt=1618904351282&dlt=1618904350506&idt=519&frm=20&biw=1600&bih=1200&oid=3&adxs=995&adys=446&adks=2005426448&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x557&msz=300x145&ga_vid=2015412494.1618904351&ga_sid=1618904351&ga_hid=531128332&ga_fc=false&fws=0&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
dd213eacc0f658903d46703559ba6e696121e61fe93da9b3c30df8beff053035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19274
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1345474708920586&correlator=4095440519885281&output=ldjh&impl=fifs&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210420&iu_parts=17774365%2Cukr.net_brend_resize&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C120x600%7C160x600&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1618904351&dt=1618904351283&dlt=1618904350506&idt=519&frm=20&biw=1600&bih=1200&oid=3&adxs=130&adys=89&adks=1069264500&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4284&msz=160x-1&ga_vid=2015412494.1618904351&ga_sid=1618904351&ga_hid=531128332&ga_fc=false&fws=512&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b949d75bab597234bb9d57818d1f06d98120a2500d23f518c6498389d5535d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7321
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ukr.net%2F&domain=www.ukr.net&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.ukr.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.ukr.net
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1350
date
Tue, 20 Apr 2021 07:39:10 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ukr.net%2F&domain=www.ukr.net&cw=1
  • https://mug.criteo.com/sid?cpp=Y1v4Z3xiWkRjVjBtRGZpZWU5TlcyWFlGeGoremd1RU1ER0xLV2RFdE9HRldVdUZzMlhDZDRadTA0SjJhczg5eXJqa3pKemVVNE52NWJ5TFNiUVREMWFBQjJIVmxuZ1FBK3UycXU5d25nenFCTVJrRUhBbHJyaUxCUndhSE...
313 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Y1v4Z3xiWkRjVjBtRGZpZWU5TlcyWFlGeGoremd1RU1ER0xLV2RFdE9HRldVdUZzMlhDZDRadTA0SjJhczg5eXJqa3pKemVVNE52NWJ5TFNiUVREMWFBQjJIVmxuZ1FBK3UycXU5d25nenFCTVJrRUhBbHJyaUxCUndhSERQTTJJaTd5c3pmb3FzRytjVUljMTZCYXMxK0JIZjE5c25Lb0RMZjMvN3cybVJDeW01ekpFNkp5bnA1SUZEdVllMW1pc0Y4UG9QdTZBem1DYnBXL2o4bENFc21NMXd0S3hiSHVBUnZxbFdXWEZ5cE9nYmhZPXw&cppv=2
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
75c30a3726fac9acaac6f7729d1ec410417b62ff61bf4cd73b65d827c66db348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 20 Apr 2021 07:39:13 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2083
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 20 Apr 2021 07:39:10 GMT
location
https://mug.criteo.com/sid?cpp=Y1v4Z3xiWkRjVjBtRGZpZWU5TlcyWFlGeGoremd1RU1ER0xLV2RFdE9HRldVdUZzMlhDZDRadTA0SjJhczg5eXJqa3pKemVVNE52NWJ5TFNiUVREMWFBQjJIVmxuZ1FBK3UycXU5d25nenFCTVJrRUhBbHJyaUxCUndhSERQTTJJaTd5c3pmb3FzRytjVUljMTZCYXMxK0JIZjE5c25Lb0RMZjMvN3cybVJDeW01ekpFNkp5bnA1SUZEdVllMW1pc0Y4UG9QdTZBem1DYnBXL2o4bENFc21NMXd0S3hiSHVBUnZxbFdXWEZ5cE9nYmhZPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1733
content-length
482
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ukr.net
date
Tue, 20 Apr 2021 07:39:11 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.15.0-11&cb=18126505794
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ukr.net
date
Tue, 20 Apr 2021 07:39:10 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
/
ghb.adtelligent.com/v2/auction/ 		1 KB
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
f127f5991d8905bdacab57c2616de16ad334f816e74675cdf8de8cd7981528ab

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:39:10 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
397
auction
rtb.adxpremium.services/openrtb2/ 		324 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8efcb43423afaee439766d4afc4266809a15a08acff929e7608a44f76e3e64a9

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
098fd11a5c00004a7f640d6000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CkhCccLMRPC1CcLDm%2BazT2m3Hsgv2EzV54LUZnDD38KfEVGEanOHyM7j%2BcSheLMkjz50zgtcI2pvkIOgsLKThwUpd5qj7gw4yPyTetfTlJ2UgEFX%2FpAaEEZW2WapvGxeVxWVag%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/json
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
642cb7a3ccd84a7f-FRA
expires
0
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=5864148638789715&tz=-120&fl=0&rr=direct&s=2894403&bidid=173dca5eb8e4cc&transactionid=7ba44ee2-2e84-418a-bdb7-30b813004d65&auctionid=pp...
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=5864148638789715&tz=-120&fl=0&rr=direct&s=2894403&bidid=173dca5eb8e4cc&transactionid=7ba44ee2-2e84-418a-bdb7-30b813004d65&auctionid=pp...
2 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=5864148638789715&tz=-120&fl=0&rr=direct&s=2894403&bidid=173dca5eb8e4cc&transactionid=7ba44ee2-2e84-418a-bdb7-30b813004d65&auctionid=ppuo1l.ke&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=300x250&jst=hb&ord=5864148638789715&tz=-120&fl=0&rr=direct&s=2894403&bidid=173dca5eb8e4cc&transactionid=7ba44ee2-2e84-418a-bdb7-30b813004d65&auctionid=ppuo1l.ke&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.ukr.net
content-length
0
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=6356203680633425&tz=-120&fl=0&rr=direct&s=2894403&bidid=1847058ec67728d&transactionid=c23bfb09-9e36-4079-8657-c5e47d80d227&auctionid=p...
  • https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=6356203680633425&tz=-120&fl=0&rr=direct&s=2894403&bidid=1847058ec67728d&transactionid=c23bfb09-9e36-4079-8657-c5e47d80d227&auctionid=p...
2 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=6356203680633425&tz=-120&fl=0&rr=direct&s=2894403&bidid=1847058ec67728d&transactionid=c23bfb09-9e36-4079-8657-c5e47d80d227&auctionid=ppuo1l.ke&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=300x250&jst=hb&ord=6356203680633425&tz=-120&fl=0&rr=direct&s=2894403&bidid=1847058ec67728d&transactionid=c23bfb09-9e36-4079-8657-c5e47d80d227&auctionid=ppuo1l.ke&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.ukr.net
content-length
0
adjson
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=8216866138343115&tz=-120&fl=0&rr=direct&s=3622782&bidid=19329e6c90a3033&transactionid=c23bfb09-9e36-4079-8657-c5e47d80d227&auctionid=p...
  • https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=8216866138343115&tz=-120&fl=0&rr=direct&s=3622782&bidid=19329e6c90a3033&transactionid=c23bfb09-9e36-4079-8657-c5e47d80d227&auctionid=p...
2 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=300x600&jst=hb&ord=8216866138343115&tz=-120&fl=0&rr=direct&s=3622782&bidid=19329e6c90a3033&transactionid=c23bfb09-9e36-4079-8657-c5e47d80d227&auctionid=ppuo1l.ke&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=300x600&jst=hb&ord=8216866138343115&tz=-120&fl=0&rr=direct&s=3622782&bidid=19329e6c90a3033&transactionid=c23bfb09-9e36-4079-8657-c5e47d80d227&auctionid=ppuo1l.ke&ref=https%3A%2F%2Fwww.ukr.net%2F&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.ukr.net
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		262 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e365cc592fb95d3828f763017a833f0f6c295a7537c081145fa48e2c50b35510
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:11 GMT
X-Proxy-Origin
217.138.199.20; 217.138.199.20; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid
34127f2f-0ae4-4653-ac0f-8a8244c8d2dc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ukr.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
262
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid.1.0.aspx
inv-nets.admixer.net/ 		2 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.0.aspx?data={%22imps%22:[{%22id%22:12204,%22name%22:%22Admixer%20premium%20bottom%22,%22adapter_id%22:779,%22type%22:%22display%22,%22bidder%22:%22admixer%22,%22entityId%22:12072,%22geo%22:{%22type%22:%22block%22,%22list%22:{},%22skipGeo%22:true},%22isMarket%22:false,%22params%22:{%22zone%22:%22b2f69d9c-d99f-4bcd-a357-a6c083deaf9a%22},%22minViewWithDfp%22:0,%22noR%22:0,%22overrideId%22:1649992,%22labels%22:[],%22validLabelIds%22:[],%22userId%22:{%22pubcid%22:%22b83d10ec-b80b-4ba6-b354-b3cb44ff01fc%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22b83d10ec-b80b-4ba6-b354-b3cb44ff01fc%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,145],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-1544528258762-0%22,%22transactionId%22:%227ba44ee2-2e84-418a-bdb7-30b813004d65%22,%22sizes%22:[[300,145],[300,250]],%22bidId%22:%22248fdd1e1137336%22,%22bidderRequestId%22:%2223e1cd77359864%22,%22auctionId%22:%22ppuo1l.ke%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0},{%22id%22:13987,%22name%22:%22Admixer%22,%22adapter_id%22:779,%22type%22:%22display%22,%22bidder%22:%22admixer%22,%22entityId%22:14496,%22geo%22:{%22type%22:%22block%22,%22list%22:{},%22skipGeo%22:true},%22isMarket%22:false,%22params%22:{%22zone%22:%22d765a0ca-a2cc-4c2c-a7cf-cc07398aab34%22},%22minViewWithDfp%22:0,%22noR%22:0,%22overrideId%22:1805870,%22labels%22:[],%22validLabelIds%22:[],%22userId%22:{%22pubcid%22:%22b83d10ec-b80b-4ba6-b354-b3cb44ff01fc%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22b83d10ec-b80b-4ba6-b354-b3cb44ff01fc%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-1544528657150-0%22,%22transactionId%22:%22c23bfb09-9e36-4079-8657-c5e47d80d227%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%2225bd45d5a6ab175%22,%22bidderRequestId%22:%2223e1cd77359864%22,%22auctionId%22:%22ppuo1l.ke%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0}],%22referrer%22:%22https%3A%2F%2Fwww.ukr.net%2F%22}
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:39:11 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
X-XSS-Protection
0
prebid.1.0.aspx
inv-nets.admixer.net/ 		2 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.0.aspx?data={%22imps%22:[{%22id%22:15960,%22name%22:%22AmplifiAdmixer%22,%22adapter_id%22:779,%22type%22:%22display%22,%22bidder%22:%22amplifi%22,%22entityId%22:12072,%22geo%22:{%22type%22:%22block%22,%22list%22:{},%22skipGeo%22:true},%22isMarket%22:false,%22params%22:{%22zone%22:%22b335c008-b837-40e8-b569-4468a77e1c0b%22},%22minViewWithDfp%22:0,%22noR%22:0,%22overrideId%22:2637829,%22labels%22:[],%22validLabelIds%22:[],%22userId%22:{%22pubcid%22:%22b83d10ec-b80b-4ba6-b354-b3cb44ff01fc%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22b83d10ec-b80b-4ba6-b354-b3cb44ff01fc%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,145],[300,250]]}},%22adUnitCode%22:%22div-gpt-ad-1544528258762-0%22,%22transactionId%22:%227ba44ee2-2e84-418a-bdb7-30b813004d65%22,%22sizes%22:[[300,145],[300,250]],%22bidId%22:%2227fbb6dbbaf8a41%22,%22bidderRequestId%22:%22269b8f4f522f3b%22,%22auctionId%22:%22ppuo1l.ke%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0}],%22referrer%22:%22https%3A%2F%2Fwww.ukr.net%2F%22}
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:39:11 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
X-XSS-Protection
0
bid
ap.lijit.com/rtb/ 		94 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.15.0-11
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
aeb49a5ad222d434ae4f895aaa320fba95c2436d5d4bc40ecc8bd72fd5196f25

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:39:11 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
/
ghb1.adtelligent.com/v2/auction/ 		480 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
80a615481f500f8fc66d5fa26e8117e1c5ce24e7491023b0d2538f411d451cca

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:39:10 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
187
arj
adtelligent-d.openx.net/w/1.0/ 		172 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.ukr.net%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7ba44ee2-2e84-418a-bdb7-30b813004d65%2Cc23bfb09-9e36-4079-8657-c5e47d80d227&nocache=1618904351313&pubcid=b83d10ec-b80b-4ba6-b354-b3cb44ff01fc&schain=1.0%2C1!adtelligent.com%2C300016%2C1%2C%2C%2C&aus=300x145%2C300x250%7C300x600%2C300x250&divIds=div-gpt-ad-1544528258762-0%2Cdiv-gpt-ad-1544528657150-0&auid=541177132%2C541177132
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
16347bc8ab931957e0943279cc68d6c7f4200640775fb8bedab0c571c3f17cde

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ukr.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1832306&size_id=15&rp_schain=1.0,1!adtelligent.com,300016,1,,,&eid_pubcid.org=b83d10ec-b80b-4ba6-b354-b3cb44ff01fc%5E1&rf=https%3A%2F%2Fwww.ukr.net%2F&tk_flint=pbjs_lite_v4.15.0-11&x_source.tid=7ba44ee2-2e84-418a-bdb7-30b813004d65&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7588391937771775
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
78962cbb1faccbd5baee0ad77dc0507796eb7b30d687a231d4eb643fae0bb281

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ukr.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1832306&size_id=15&alt_size_ids=10&rp_schain=1.0,1!adtelligent.com,300016,1,,,&eid_pubcid.org=b83d10ec-b80b-4ba6-b354-b3cb44ff01fc%5E1&rf=https%3A%2F%2Fwww.ukr.net%2F&tk_flint=pbjs_lite_v4.15.0-11&x_source.tid=c23bfb09-9e36-4079-8657-c5e47d80d227&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.044145502641281364
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a3c814b4ed792f8beca08492c856a3d360805e5f5c5d61509749f5f785f0971b

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ukr.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5903420-1&cid=2015412494.1618904351&jid=1920030513&_u=qGBAAUAAAAAAAC~&z=1080671631
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5903420-1&cid=2015412494.1618904351&jid=1920030513&_u=qGBAAUAAAAAAAC~&z=1080671631
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
go.rcvlink.com/err/ Frame 853E 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/err/?code=5ysrIfrF92&ver=210403-0937&ms=522&text=!responseText&ref=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx / PHP/7.4.12
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

hn
m1
date
Tue, 20 Apr 2021 07:39:11 GMT
cache-control
no-store
server
nginx
x-powered-by
PHP/7.4.12
content-type
image/gif
pbsync.html
js.adscale.de/ Frame 772A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Host
js.adscale.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

x-amz-id-2
gP4kyJgm9jhO0VUUdLTBT2FWpFhQmCAW/re9IS8ZQIJX8fTLSq2/YHJz4jHPt+LSgIODv8ND+4c=
x-amz-request-id
TJ1Q7NA6JYQADF0B
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
ETag
"5550fca00caf055568d6ced373f2721f"
x-amz-version-id
ljUMRnw1Ux.L_G6sluuTuNwF_kYaf8ny
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1509
Cache-Control
max-age=300
Date
Tue, 20 Apr 2021 07:39:11 GMT
Connection
keep-alive
cookie
cm.adform.net/ Frame CB8B 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:method
GET
:authority
cm.adform.net
:scheme
https
:path
/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Tue, 20 Apr 2021 07:39:11 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame BC60 		251 B
602 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

:method
GET
:authority
cdn.admatic.com.tr
:scheme
https
:path
/user
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-481
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cdn-edgestorageid
481
cdn-storageserver
DE-51
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-04-17 14:43:38
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
7d84fcc5aab3aca6f2043b477dce62dd
cdn-cache
HIT
content-encoding
gzip
sync.html
s.adtelligent.com/ Frame AAAB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=609724
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
75f62120b95e617215684e9aef305a9c4db72d7f2326b69e9e4ee78a4c07a353

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=72e460f38b768ac0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Tue, 20 Apr 2021 07:39:11 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
887
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
Cookie set csync
sync.console.adtarget.com.tr/ Frame BC6B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ndfqrXSPq38VFQuLcvXA&pi=admatic&tc=1
86 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ndfqrXSPq38VFQuLcvXA&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Tue, 20 Apr 2021 07:39:11 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=4c45121115b852ee; expires=Mon, 21 Jun 2021 07:39:11 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307080=ndfqrXSPq38VFQuLcvXA; expires=Mon, 21 Jun 2021 07:39:11 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

Redirect headers

date
Tue, 20 Apr 2021 07:39:11 GMT Tue, 20 Apr 2021 07:39:11 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ndfqrXSPq38VFQuLcvXA&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame 25E5
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
f01f2b2db41ab7dd8ba1fcc1dfc20a7a94c5c980734d9ba13f974e51959935e3

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Tue, 20 Apr 2021 07:39:11 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=AHHfMKD0aH-u5UCe; path=/; domain=e-planning.net; expires=Tue, 18-Apr-2028 07:39:11 GMT; SameSite=None; Secure
expires
Tue, 20 Apr 2021 07:39:11 GMT
x-sid
AMS-731
content-encoding
gzip

Redirect headers

server
openresty
date
Tue, 20 Apr 2021 07:39:11 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-731
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 96A8 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=131540
Expires
Wed, 21 Apr 2021 20:11:38 GMT
Date
Tue, 20 Apr 2021 07:39:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
csync
sync.console.adtarget.com.tr/ Frame E2FA
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-c9dd754e-2b4f-476d-9184-75d813de11b1
86 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-c9dd754e-2b4f-476d-9184-75d813de11b1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

location
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-c9dd754e-2b4f-476d-9184-75d813de11b1
date
Tue, 20 Apr 2021 07:39:18 GMT
server
Apache-Coyote/1.1
content-length
0
csync
sync.adtelligent.com/ Frame E2FA
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=4c45121115b852ee
86 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=4c45121115b852ee
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=4c45121115b852ee
Date
Tue, 20 Apr 2021 07:39:11 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Y1v4Z3xiWkRjVjBtRGZpZWU5TlcyWFlGeGoremd1RU1ER0xLV2RFdE9HRldVdUZzMlhDZDRadTA0SjJhczg5eXJqa3pKemVVNE52NWJ5TFNiUVREMWFBQjJIVmxuZ1FBK3UycXU5d25nenFCTVJrRUhBbHJyaUxCUndhSERQTTJJaTd5c3pmb3FzRytjVUljMTZCYXMxK0JIZjE5c25Lb0RMZjMvN3cybVJDeW01ekpFNkp5bnA1SUZEdVllMW1pc0Y4UG9QdTZBem1DYnBXL2o4bENFc21NMXd0S3hiSHVBUnZxbFdXWEZ5cE9nYmhZPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1069
date
Tue, 20 Apr 2021 07:39:12 GMT
content-encoding
gzip
vary
Accept-Encoding
bundle.js
cdn.admatic.com.tr/user/ Frame BC60 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
br
cdn-edgestorageid
481
cdn-storageserver
DE-51
cdn-cachedat
2021-04-17 09:42:40
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-481
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
10866a3f8ee9e3773ce55efc00e89908
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
d
ic.tynt.com/r/ Frame 9EE3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

:method
GET
:authority
ic.tynt.com
:scheme
https
:path
/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.adtelligent.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.adtelligent.com/

Response headers

server
nginx/1.16.1
date
Tue, 20 Apr 2021 07:39:12 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame AAAB
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=72e460f38b768ac0
35 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=72e460f38b768ac0
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:12 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=72e460f38b768ac0
Date
Tue, 20 Apr 2021 07:39:10 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
csync
sync.adtelligent.com/ Frame AAAB
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=8f5af20d3fcabdf297c33c40
86 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=8f5af20d3fcabdf297c33c40
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Date
Tue, 20 Apr 2021 07:39:11 GMT
Server
nginx
Location
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=8f5af20d3fcabdf297c33c40
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
csync
sync.adtelligent.com/ Frame AAAB
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=524fa07a-a813-47b8-820e-bb36a183f08c
86 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=524fa07a-a813-47b8-820e-bb36a183f08c
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:12 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=524fa07a-a813-47b8-820e-bb36a183f08c
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
r353drtu37fcngf9dfel3r4vkk3t56en
csync
sync.adtelligent.com/ Frame AAAB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5312381222234928029
86 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5312381222234928029
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:11 GMT
X-Proxy-Origin
217.138.199.20; 217.138.199.20; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.145:80
AN-X-Request-Uuid
3126c8f4-17c2-42c4-9a61-c5f7c3bd5806
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5312381222234928029
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.console.adtarget.com.tr/ Frame AAAB
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=72e460f38b768ac0
86 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=72e460f38b768ac0
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Location
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=72e460f38b768ac0
Date
Tue, 20 Apr 2021 07:39:10 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
integrator.js
adservice.google.cz/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.cz/adsid/integrator.js?domain=www.ukr.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ukr.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1345474708920586&correlator=4480013394304683&output=ldjh&impl=fifs&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210420&iu_parts=17774365%2Cukr.net_300x250_ad_unit2_bottom%2Cukr.net_300x250_ad_unit3_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x145%7C300x250%2C300x600%7C300x250&fsfs=1%2C1&fsbs=1%2C1&prev_scp=excl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1618904351&dt=1618904351651&dlt=1618904350506&idt=519&frm=20&biw=1600&bih=1200&oid=3&adxs=995%2C995&adys=681%2C2169&adks=4227265388%2C1469812228&ucis=4%7C5&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x953%7C300x600&msz=300x145%7C300x600&ga_vid=2015412494.1618904351&ga_sid=1618904351&ga_hid=531128332&ga_fc=false&fws=0%2C0&ohw=0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
be0aed68b096d0d64b930d667c12c9e5cfc35f6adc275af68fff3bccaf966897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7868
x-xss-protection
0
google-lineitem-id
-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
uu
ih.adscale.de/ Frame 772A
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1618904351
  • https://ih.adscale.de/uu?cbfn=receive&t=1618904351&nut&uu=d0762a31326341628ff64cfdea5976e1
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1618904351&nut&uu=d0762a31326341628ff64cfdea5976e1
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b946d8136218d95d49e8f82a64b0f30628a33c241f9671d272f3d06ca6cc6b0c

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:12 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1618904351&nut&uu=d0762a31326341628ff64cfdea5976e1
date
Tue, 20 Apr 2021 07:39:12 GMT
content-length
0
um
u-ams02.e-planning.net/ Frame 25E5
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4bdde01f762de4a5
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4bdde01f762de4a5
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4bdde01f762de4a5
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:15 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:14 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4bdde01f762de4a5
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
sync.e-planning.net/ Frame 25E5
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3320649081
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3320649081
  • https://sync.1rx.io/usersync/tradedesk/71a5dbba-8d30-4ae4-9717-4fb42c4bad53
  • https://sync.targeting.unrulymedia.com/csync/RX-0649f759-6d09-40b3-89b3-4dcc88eb6c07-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-0649f759-6d09-40b3-89b3-4dcc88eb6c07-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-0649f759-6d09-40b3-89b3-4dcc88eb6c07-003&dc=1079cc634ca638f8&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-0649f759-6d09-40b3-89b3-4dcc88eb6c07-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Tue, 20 Apr 2021 07:39:19 GMT
Server
Tengine
ETag
RX0649f7596d0940b389b34dcc88eb6c07003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.e-planning.net/um?uid=RX-0649f759-6d09-40b3-89b3-4dcc88eb6c07-003&dc=1079cc634ca638f8&iss=1
Connection
keep-alive
Content-Type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 25E5 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:18 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 19 Apr 2026 07:39:18 GMT
tm60118.js
tag.navdmp.com/ Frame 25E5 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1825
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
098fd11c350000c2b8768c8000000001
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
642cb7a6bb3fc2b8-FRA
expires
Tue, 20 Apr 2021 08:08:46 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 25E5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:18 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 19 Apr 2026 07:39:18 GMT
um
u-ams02.e-planning.net/ Frame 25E5
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4bdde01f762de4a5%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4bdde01f762de4a5&uid=524fa07a-a813-47b8-820e-bb36a183f08c
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4bdde01f762de4a5&uid=524fa07a-a813-47b8-820e-bb36a183f08c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:12 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:12 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4bdde01f762de4a5&uid=524fa07a-a813-47b8-820e-bb36a183f08c
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
7bk7vtjk7qte3662nld6kgh0sqtggldp
ptag
a.audrte.com/ Frame 25E5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-146-169.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
30000c0615486c8acf864f183d245466b43e9455a437c99084b80d293464a534

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:19 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 25E5 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:18 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 19 Apr 2026 07:39:18 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 25E5 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D4bdde01f762de4a5%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:11 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 25E5
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4bdde01f762de4a5
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:12 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Tue, 20 Apr 2021 07:39:12 GMT
server
nginx/1.10.3
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 25E5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4bdde01f762de4a5%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4bdde01f762de4a5&uid=5312381222234928029
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4bdde01f762de4a5&uid=5312381222234928029
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:12 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:11 GMT
X-Proxy-Origin
217.138.199.20; 217.138.199.20; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.86:80
AN-X-Request-Uuid
1ff7bc91-e161-4466-9ff6-65baafdb9935
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4bdde01f762de4a5&uid=5312381222234928029
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 25E5 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D4bdde01f762de4a5%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 25E5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-6Wk2iX9E2uFlt3PMkJmxWoWFpOz3CtVy.h4LAT8-~A
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-6Wk2iX9E2uFlt3PMkJmxWoWFpOz3CtVy.h4LAT8-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:14 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Tue, 20 Apr 2021 07:39:14 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-6Wk2iX9E2uFlt3PMkJmxWoWFpOz3CtVy.h4LAT8-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame 25E5
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D4bdde01f762de4a5%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4bdde01f762de4a5&uid=16d1d61a8e156e19cc6cde882a99e06febb2f178
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4bdde01f762de4a5&uid=16d1d61a8e156e19cc6cde882a99e06febb2f178
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:14 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4bdde01f762de4a5&uid=16d1d61a8e156e19cc6cde882a99e06febb2f178
Date
Tue, 20 Apr 2021 07:39:14 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
test_dmp.html
s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/ Frame 25E5 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/test_dmp.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame 203C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCujB5+bIKQCt2j+sCG2oESjOWy/vRlnE/2xP1QNbykl6VZ6Pe0l6zGTGAc8Nf/SsHvOIaQr/BLOBlhUPPCnvzv9eYsdrjM5CB4fw; ses15=; vis15=48138^1; khaos=KNPPUO7H-28-GLG4; audit=1|naVuGyos1qoRuXNk+F4KfXGVBODxIywNsrctWvqRiD+KBLVoa+LNGr23sO2Er/soDsMxy7WHzwTevgx+a4TZCdAPlTu0R9RN
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Apr 2021 07:39:13 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Tue, 20 Apr 2021 07:39:12 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4C80 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4bdde01f762de4a5%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=131540
Expires
Wed, 21 Apr 2021 20:11:38 GMT
Date
Tue, 20 Apr 2021 07:39:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
container.html
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D5DF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 20 Apr 2021 07:39:11 GMT
expires
Wed, 20 Apr 2022 07:39:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831909828443"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Tue, 20 Apr 2021 07:39:11 GMT
container.html
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C0E3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 20 Apr 2021 07:39:11 GMT
expires
Wed, 20 Apr 2022 07:39:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame B511 		157 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuhcRD_krICGIWU1qMBMAE&v=APEucNWlMud8fYUE3yKDJWcBGAe2EL4J3yiaKi_5dUfvXu97FzMsvpLvp5Nt-onczyHlpTgseCmB4d-CNn-mv1xn_HFD45uAUFNbpjUbjx2UUMAQjdncCcQzIyObgAKQs_k2VE3dKUYb
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2900a771d3f6ae1a49699beedd12cd4902b97b2d2066515a215d140e3f942b09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJuhcRD_krICGIWU1qMBMAE&v=APEucNWlMud8fYUE3yKDJWcBGAe2EL4J3yiaKi_5dUfvXu97FzMsvpLvp5Nt-onczyHlpTgseCmB4d-CNn-mv1xn_HFD45uAUFNbpjUbjx2UUMAQjdncCcQzIyObgAKQs_k2VE3dKUYb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 20 Apr 2021 07:39:11 GMT
server
cafe
cache-control
private
content-length
138
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUlgEoOfIy1WU0Ju8kYOXOepEpB5S9hbaZVOeRIndjA2xJgy0l3nonA_P0gD; expires=Sun, 15-May-2022 07:39:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 20 Apr 2021 07:39:11 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D5DF 		42 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjTeGkUcUB-rLSDg1jwhsDngL5yYyzc7T1xeunoQzi5xdYe8RHcheXVvAdIYP_-d3BOl9Lpr9Im0UWfuiq1Tt-RE7AkElQW247c5Ff4l5P3tNIxS_E1BGzxg5rG39UVE4gUtRKpVaP2ybHo129hVm81yMFlQ&dbm_d=AKAmf-DXNLsd8OC4ySUn_DjKU-qoxbcBBbFbMn01-XU77mwPT6G3dbgoPHoAlHE9L-W_C19LLYXPtwZtHWbr-R2W9sl3IrYYztvNvWg56X4BAJXKjqBsGdd3ZuLIYgKdyOEue8M9HPmIeyrx9V6EbGlYWGweWJ2oEJGwE5THNAPAPHHh-UtLeWRzyTzsI3Z-uXWJ3edHWNPhEoK4RmkvEJ7BsNFkObQ5ngV6q3iZ4hWdJyjZmt6xoBt1VsL74nnwsSZtpSLOrxjjAK3KmpJ6PjTBMapGv_zx-RRj3y_iS2cUTOHA024HM41IdQIkz9B0YqEbr6IgREGv136RjLNiKgNbqRvw6u8X8NDifEnldy9z3vecJgNhQvZRfcXFPFpLAMS0q6MDqHJX2YUi16vKqcMnFgLnJi-2Qne_q7aBGjxQ4yhjelq4ry0lw36oeS39VnmKDsaTzw6N3F-Dez4iHnOP2tRtuzCsXun4rwJHEiPO-KE4hxRMVR5OvQ0OgXztp29XAn783rzENkyBG1-DZCbrUUgqMG_WB-A-BqiGNyRt4qsxDr0DHv5c7YkaQLZLizeaPft2sbqF2hesTvhtNjzr0-wM7qf1LtPH0reoho2BaJkuX2khPhFK2AzbODuZjL1CYzmDpL7ZKMH_mEGi5src0_WsTxZRkr8zahX_g2S9URnin6dcFSjY_hdha4mpDaflbk2cV3pznHWY0aOvTeXQJ7vqRBvdN8xuzgo3XEL5fnuswurDYL5x1dOOS-30DB_EuGtimh8jRsCryeb1sp_jatX4NKuFdnPep8W6D1ociu48yeJT8uYfJeV6I19aqI6eSQe-502BhDVuU8gvzuGX0-yJ-OsmbpgiiKoFHZx6-MyOPNEB3K3qIVCoS-1-Idn08iZq-JPDYU-Cgtas-pYjp6vH21cYMe86PPbl0xV31MvE_nslMNPTDekOGDtt0wU4bbRct-_HcRVRjO4BbPkvX80vt7WKJfIJf99zx6-jz4fHRfEdgmJUXKfOL2IXmP_kwWQ1gGVUcZhCfRrUpkxjW4syqp9ThlU5fY-47eh54JdP4ON0uCydf6BhzXKJ_-cDWvoNhp4kVCiQjS3ASewXVDHp6QgKx8MuZ_Q8QdKG5v4nEYvEk9LcKE5cigCIL-hlopslfBlh8qurUaWklyteve6EzD9GgutT-Z_--ZxuN8wOhjoUXaBQIaSXbWI58rmZYyzsLG3N0Fyk-6xpA7dxVQ76nhYh9yxxmVPGs49hHFu15CpEQWtCPlvxjCZGxmOUl2HgBJ7zEC5wip9fSoQR89hH-hWXIEUnWctPPSektVkBsUrKhNxHFtRQtFPuv8F1okgXTRC6KToTOF4g_JH8CIPXzaq6KUj1ponExecqHT56FDfPuM7qWcSUlYmxipQRsNA4d9pisJjFYPnHphFrBIeXCjRqEG-3WxfnQ1-O16NzzhHSFyjAxizlqzxl0o0QpSUAR2zNC7Be_kaBWnEw7oe9i4VLgxdYrCoDAbmH5Q1Tyadpqj-sKOGIpAS4rfIVRIn-Sd2_UdPdbFawzzDSqABWPGiSwSe6tF-tSsJNutMFIoadY2rWRzkBPCmCZg1tiHCFGl81ll2MvpHsMGKzfOztEm7W_woCgtM2_XTjedDWoeDLI3XHkvnpLe7qvcTAUHhWJPauQ-7xPEaab14gPqnX0JQdQtBJ5bK_WW4I7MYgF4ShUQk0kFbOIL5ZdawINM_k6M-maNmE0Ua-oHKy7YJRvFurkpzsrHVSvr0sHPkbsCOJGssK1tri9LjCBMGo8rSO02SL8N2otXQD5hQvo5ZuvM2iYF__BviSRgDqQkGux7V0oDoWeQVPL-5p3xZCDA1aCNByw3nIYSclfar96_tzUGekLLOW2pOIHxTBK34vPPmIQfHgE7jX7S33V6rjvzm57HWD3EejCx4D_bonwXpCSngTQQRSJL9PG7n7pebxxBUrj3hHaDf_wli0LG1eOfgIgwlkZv33-A3b9O-Ezt9Fdc8Re1ZSDpWZemd67MeI6Z72wLYiLtBUru0cxztKjd5ukJH2F4G0-OC_qaz9vOdElU6gOtMqC-iCdQLlMs44rkLEp6leQiYKyo9wvXgYFPWbd3vyclG0-pBKz52eqL-F99V7bYwH0xZTOWa3zc3qMbVdyiIYtcgBnWO5AatQw_TsZDH5yOJcXIkkWcXsSWcfy40OVO6zIskymrE_W6ra_KjQ_8CttANUsQqBwflBA5raFcmRFPVZTqfOfT0HbxamFSuOxGq2KbyT5AudvvxkGogRk8-e6jX26cQURJlpQ10bJ-ogOjKy0SHgB9xNgwYCLAXDyJsrpbaqKZIH-wKsKICmYrXPOG6SIE51dlZNL6C-F8zkMhksaTRFOBeIV_LdVYRDAZMT286axBR0mCHd0fba5wDei5aQGyhafLMGmJG5YXZVgzZ0J1MpYk89_mUk0UKFLzSOMP4wbKf6DEiFM93uM2e4ldNgKAQa76Yt0hgNRvmKWISZ82bc7dF0UgcGbO8zGui3Ri0_DeUrWcQXzEfPetS4kG-cIpvthEk7l3VjP0SQKCf24j0qJWbn63qS163_byOiCbqZIH5F76uGYAawpxgjfs22XAxaGbk0akpcgOPjJfNnAR_IxlUzGtXFO67WnGt-W0saUDAo3tW5O2CeXK6b8wgTM38J5g26rGci98MDBkfdcSw0uXD4f-12FkQ-0Y2SmuabPz2lcDxjAfpqLv3HCvdfNmrrKKAPqPQjB4rwpr0K4x2Ku-JWCzEA9oDZ6g2hQMDqOB5wvEopMdxs5SOIl-Xc7HvrTaxEQw2IQzlspGVcrbDwy-qlv4M8OyTw7EynoazqjuhjetUiTOzUNqa1x5jUsWnBNH6ym3i-Z7vNY2lc2u6v_ntME7XjnrZ5tkoc6kAt-8ku-XvAKlVLGnL-2Q5FlcUWH_faE4xSBvrRykuDUMqIcZlD5jpOCUk_8K_67WlW5Hl0v6GmtxO7sO9oZffaJX43Y_uRSlwlHiIyC8GoCbMTnmoQ0kOvlNk6YEclmQjy5NG6S_bcTYAQJAaI6w3d0nmlEpb0gYpysI0KnNZ63ExjXykV5akxoEnF3g&cid=CAASPeRozOMSWR1ABV2kqboCVjZRwhFWMrn6-MloR_6__VWKMtvcONGuEtIVCxxEvetf8-RN0yQ46b310-riJk8&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4791467a2f5ef4a053920995c576ba8e7d01c80280d0593b3a72e449414323d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20580
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D5DF 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dox7P0loDCJ040cpAKL_CIsBFdzUuhxeyIrljEg083EF9-hnfuTwnuqKuDiGsB3bNDB5Xh3MCO8SWsafQ-0pE27iqkRJjZDGO2RyeCUmSsIBtzY7Y
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame D5DF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
296
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:34:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D5DF 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Tue, 20 Apr 2021 07:39:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame D5DF 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:38:08 GMT
css
fonts.googleapis.com/ Frame C0E3 		2 KB
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 06:18:47 GMT
server
ESF
date
Tue, 20 Apr 2021 07:39:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Apr 2021 07:39:11 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame C0E3 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:33:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:33:04 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C0E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cz5pgH4V-YJvzE9Lz3wOv5YLwDK-iqv1hrITTotEIlaGXyI4OEAEglaf8DWDM4e2B_C6gAZ7jhtADyAEJqQLlncOa5vFoPuACAKgDAcgDmwSqBO8BT9BE-qc3MSRCVUljSSH8wYrgClAQVdNEPv3hSlJ2XH-38wT9IO8espcyduAN8i3yxzxmKFF4feTxbxl8aU2I5Ey3ZjihdIFM4WSInkV-Om6ViBEq8QQsrKgkKXp3n3VpPaubHibcJm06xondgeLZRdQ4m2721c7uyLtOZRhNG7lbb5d3jHb0FfP8S62WFXxrpThhKiecD9Svr3qJ2FZSshlCDLQOVMAVjLwuHPtcGF2XPzvGDgy-4j330u6bTl0Gssb20texbuWB3IodJ9lZ1LqhapYCTBVNk9xtRUijLevW2BBrji4Q6bxTi2aUywXABM3MprmbAeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfKnPkvqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD8-AjSCAkIgOGAUBABGB2ACgHICwHYEwuIFAKYFgGyFxoKGAgAEhRwdWItNzMwMjAzNjA4ODc2OTQxNw&sigh=GtoM2zJAcJk&template_id=494
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame C0E3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
5240039360651012885
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:39:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame C0E3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
296
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:34:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C0E3 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Tue, 20 Apr 2021 07:39:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame C0E3 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:38:08 GMT
l
www.google.com/ads/measurement/ Frame C0E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6rKe5NlcuTqxMXYtuwZbPn6lV8jI9GnYzwrMxY62g6LXY4cgENvpU9WKKbb-Zs3Y-6xyQ
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a0b5068ca1fc7f6ff765c7833258ec42.js
www.gstatic.com/mysidia/ Frame C0E3 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 10:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 02:07:20 GMT
server
sffe
age
76347
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10491
x-xss-protection
0
expires
Sun, 18 Jul 2021 10:26:44 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame C0E3 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSiRkEnl77TPXPMdnJ9Ke7xbboy9hOuAbP96iJLfFsM7osD1HYtjIvWPkVhczo&usqp=CAI
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59f0add375fd8730e07dbd559870124e0b167f8fa6ce53c06580907ba4c4a510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 14:41:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Jan 2019 18:52:59 GMT
server
sffe
age
493072
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16561
x-xss-protection
0
expires
Thu, 14 Apr 2022 14:41:19 GMT
truncated
/ Frame C0E3 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29b463a65a03d7915d022df12db018494b3aeac05df0121278323a62441a2f33

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
shopping
encrypted-tbn1.gstatic.com/ Frame C0E3 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcT3ljdTg8xwxjfj6SXJvGvM7kguFR8C116cWqyED8Yqu2Cl3pU&usqp=CAI
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f9631228b15526e5e750792b9e87363cdc8505a9a20758f46b48669db955dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 10:06:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Oct 2020 22:53:33 GMT
server
sffe
age
336738
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34676
x-xss-protection
0
expires
Sat, 16 Apr 2022 10:06:53 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame C0E3 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQT3xB05p67pBRRMt8BEkGBes1WhusuwagFksGUqfcHordaItw&usqp=CAI
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4575a9a9467e190db27e1d9405fe38cfd74575e92b522c166fe9fb285dbc541a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 05:54:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 05:42:43 GMT
server
sffe
age
179100
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16742
x-xss-protection
0
expires
Mon, 18 Apr 2022 05:54:11 GMT
7229823777879110783
tpc.googlesyndication.com/simgad/ Frame C0E3
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCbytu53wEQ0A8Y0A8yCG2CAc6upiFS
  • https://tpc.googlesyndication.com/simgad/7229823777879110783
142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7229823777879110783
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46894820aeea1f8c8a9d2b6a5b5ef1c142725af4454cdf48bcbd2ea1aad8fba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:14:17 GMT
x-content-type-options
nosniff
age
451494
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145000
x-xss-protection
0
last-modified
Tue, 24 Sep 2019 08:52:08 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Apr 2022 02:14:17 GMT

Redirect headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 12:56:14 GMT
x-content-type-options
nosniff
server
cafe
age
67377
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/7229823777879110783
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 19 May 2021 12:56:14 GMT
container.html
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6355 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 20 Apr 2021 07:39:11 GMT
expires
Wed, 20 Apr 2022 07:39:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame D5DF 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjTeGkUcUB-rLSDg1jwhsDngL5yYyzc7T1xeunoQzi5xdYe8RHcheXVvAdIYP_-d3BOl9Lpr9Im0UWfuiq1Tt-RE7AkElQW247c5Ff4l5P3tNIxS_E1BGzxg5rG39UVE4gUtRKpVaP2ybHo129hVm81yMFlQ&dbm_d=AKAmf-DXNLsd8OC4ySUn_DjKU-qoxbcBBbFbMn01-XU77mwPT6G3dbgoPHoAlHE9L-W_C19LLYXPtwZtHWbr-R2W9sl3IrYYztvNvWg56X4BAJXKjqBsGdd3ZuLIYgKdyOEue8M9HPmIeyrx9V6EbGlYWGweWJ2oEJGwE5THNAPAPHHh-UtLeWRzyTzsI3Z-uXWJ3edHWNPhEoK4RmkvEJ7BsNFkObQ5ngV6q3iZ4hWdJyjZmt6xoBt1VsL74nnwsSZtpSLOrxjjAK3KmpJ6PjTBMapGv_zx-RRj3y_iS2cUTOHA024HM41IdQIkz9B0YqEbr6IgREGv136RjLNiKgNbqRvw6u8X8NDifEnldy9z3vecJgNhQvZRfcXFPFpLAMS0q6MDqHJX2YUi16vKqcMnFgLnJi-2Qne_q7aBGjxQ4yhjelq4ry0lw36oeS39VnmKDsaTzw6N3F-Dez4iHnOP2tRtuzCsXun4rwJHEiPO-KE4hxRMVR5OvQ0OgXztp29XAn783rzENkyBG1-DZCbrUUgqMG_WB-A-BqiGNyRt4qsxDr0DHv5c7YkaQLZLizeaPft2sbqF2hesTvhtNjzr0-wM7qf1LtPH0reoho2BaJkuX2khPhFK2AzbODuZjL1CYzmDpL7ZKMH_mEGi5src0_WsTxZRkr8zahX_g2S9URnin6dcFSjY_hdha4mpDaflbk2cV3pznHWY0aOvTeXQJ7vqRBvdN8xuzgo3XEL5fnuswurDYL5x1dOOS-30DB_EuGtimh8jRsCryeb1sp_jatX4NKuFdnPep8W6D1ociu48yeJT8uYfJeV6I19aqI6eSQe-502BhDVuU8gvzuGX0-yJ-OsmbpgiiKoFHZx6-MyOPNEB3K3qIVCoS-1-Idn08iZq-JPDYU-Cgtas-pYjp6vH21cYMe86PPbl0xV31MvE_nslMNPTDekOGDtt0wU4bbRct-_HcRVRjO4BbPkvX80vt7WKJfIJf99zx6-jz4fHRfEdgmJUXKfOL2IXmP_kwWQ1gGVUcZhCfRrUpkxjW4syqp9ThlU5fY-47eh54JdP4ON0uCydf6BhzXKJ_-cDWvoNhp4kVCiQjS3ASewXVDHp6QgKx8MuZ_Q8QdKG5v4nEYvEk9LcKE5cigCIL-hlopslfBlh8qurUaWklyteve6EzD9GgutT-Z_--ZxuN8wOhjoUXaBQIaSXbWI58rmZYyzsLG3N0Fyk-6xpA7dxVQ76nhYh9yxxmVPGs49hHFu15CpEQWtCPlvxjCZGxmOUl2HgBJ7zEC5wip9fSoQR89hH-hWXIEUnWctPPSektVkBsUrKhNxHFtRQtFPuv8F1okgXTRC6KToTOF4g_JH8CIPXzaq6KUj1ponExecqHT56FDfPuM7qWcSUlYmxipQRsNA4d9pisJjFYPnHphFrBIeXCjRqEG-3WxfnQ1-O16NzzhHSFyjAxizlqzxl0o0QpSUAR2zNC7Be_kaBWnEw7oe9i4VLgxdYrCoDAbmH5Q1Tyadpqj-sKOGIpAS4rfIVRIn-Sd2_UdPdbFawzzDSqABWPGiSwSe6tF-tSsJNutMFIoadY2rWRzkBPCmCZg1tiHCFGl81ll2MvpHsMGKzfOztEm7W_woCgtM2_XTjedDWoeDLI3XHkvnpLe7qvcTAUHhWJPauQ-7xPEaab14gPqnX0JQdQtBJ5bK_WW4I7MYgF4ShUQk0kFbOIL5ZdawINM_k6M-maNmE0Ua-oHKy7YJRvFurkpzsrHVSvr0sHPkbsCOJGssK1tri9LjCBMGo8rSO02SL8N2otXQD5hQvo5ZuvM2iYF__BviSRgDqQkGux7V0oDoWeQVPL-5p3xZCDA1aCNByw3nIYSclfar96_tzUGekLLOW2pOIHxTBK34vPPmIQfHgE7jX7S33V6rjvzm57HWD3EejCx4D_bonwXpCSngTQQRSJL9PG7n7pebxxBUrj3hHaDf_wli0LG1eOfgIgwlkZv33-A3b9O-Ezt9Fdc8Re1ZSDpWZemd67MeI6Z72wLYiLtBUru0cxztKjd5ukJH2F4G0-OC_qaz9vOdElU6gOtMqC-iCdQLlMs44rkLEp6leQiYKyo9wvXgYFPWbd3vyclG0-pBKz52eqL-F99V7bYwH0xZTOWa3zc3qMbVdyiIYtcgBnWO5AatQw_TsZDH5yOJcXIkkWcXsSWcfy40OVO6zIskymrE_W6ra_KjQ_8CttANUsQqBwflBA5raFcmRFPVZTqfOfT0HbxamFSuOxGq2KbyT5AudvvxkGogRk8-e6jX26cQURJlpQ10bJ-ogOjKy0SHgB9xNgwYCLAXDyJsrpbaqKZIH-wKsKICmYrXPOG6SIE51dlZNL6C-F8zkMhksaTRFOBeIV_LdVYRDAZMT286axBR0mCHd0fba5wDei5aQGyhafLMGmJG5YXZVgzZ0J1MpYk89_mUk0UKFLzSOMP4wbKf6DEiFM93uM2e4ldNgKAQa76Yt0hgNRvmKWISZ82bc7dF0UgcGbO8zGui3Ri0_DeUrWcQXzEfPetS4kG-cIpvthEk7l3VjP0SQKCf24j0qJWbn63qS163_byOiCbqZIH5F76uGYAawpxgjfs22XAxaGbk0akpcgOPjJfNnAR_IxlUzGtXFO67WnGt-W0saUDAo3tW5O2CeXK6b8wgTM38J5g26rGci98MDBkfdcSw0uXD4f-12FkQ-0Y2SmuabPz2lcDxjAfpqLv3HCvdfNmrrKKAPqPQjB4rwpr0K4x2Ku-JWCzEA9oDZ6g2hQMDqOB5wvEopMdxs5SOIl-Xc7HvrTaxEQw2IQzlspGVcrbDwy-qlv4M8OyTw7EynoazqjuhjetUiTOzUNqa1x5jUsWnBNH6ym3i-Z7vNY2lc2u6v_ntME7XjnrZ5tkoc6kAt-8ku-XvAKlVLGnL-2Q5FlcUWH_faE4xSBvrRykuDUMqIcZlD5jpOCUk_8K_67WlW5Hl0v6GmtxO7sO9oZffaJX43Y_uRSlwlHiIyC8GoCbMTnmoQ0kOvlNk6YEclmQjy5NG6S_bcTYAQJAaI6w3d0nmlEpb0gYpysI0KnNZ63ExjXykV5akxoEnF3g&cid=CAASPeRozOMSWR1ABV2kqboCVjZRwhFWMrn6-MloR_6__VWKMtvcONGuEtIVCxxEvetf8-RN0yQ46b310-riJk8&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65c88bdeb2f983517f1be4d68218f801ea8201919dbd9edd28359a344d8a0574
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
server
cafe
etag
15267579076523134137
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:38:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/ Frame D5DF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjTeGkUcUB-rLSDg1jwhsDngL5yYyzc7T1xeunoQzi5xdYe8RHcheXVvAdIYP_-d3BOl9Lpr9Im0UWfuiq1Tt-RE7AkElQW247c5Ff4l5P3tNIxS_E1BGzxg5rG39UVE4gUtRKpVaP2ybHo129hVm81yMFlQ&dbm_d=AKAmf-DXNLsd8OC4ySUn_DjKU-qoxbcBBbFbMn01-XU77mwPT6G3dbgoPHoAlHE9L-W_C19LLYXPtwZtHWbr-R2W9sl3IrYYztvNvWg56X4BAJXKjqBsGdd3ZuLIYgKdyOEue8M9HPmIeyrx9V6EbGlYWGweWJ2oEJGwE5THNAPAPHHh-UtLeWRzyTzsI3Z-uXWJ3edHWNPhEoK4RmkvEJ7BsNFkObQ5ngV6q3iZ4hWdJyjZmt6xoBt1VsL74nnwsSZtpSLOrxjjAK3KmpJ6PjTBMapGv_zx-RRj3y_iS2cUTOHA024HM41IdQIkz9B0YqEbr6IgREGv136RjLNiKgNbqRvw6u8X8NDifEnldy9z3vecJgNhQvZRfcXFPFpLAMS0q6MDqHJX2YUi16vKqcMnFgLnJi-2Qne_q7aBGjxQ4yhjelq4ry0lw36oeS39VnmKDsaTzw6N3F-Dez4iHnOP2tRtuzCsXun4rwJHEiPO-KE4hxRMVR5OvQ0OgXztp29XAn783rzENkyBG1-DZCbrUUgqMG_WB-A-BqiGNyRt4qsxDr0DHv5c7YkaQLZLizeaPft2sbqF2hesTvhtNjzr0-wM7qf1LtPH0reoho2BaJkuX2khPhFK2AzbODuZjL1CYzmDpL7ZKMH_mEGi5src0_WsTxZRkr8zahX_g2S9URnin6dcFSjY_hdha4mpDaflbk2cV3pznHWY0aOvTeXQJ7vqRBvdN8xuzgo3XEL5fnuswurDYL5x1dOOS-30DB_EuGtimh8jRsCryeb1sp_jatX4NKuFdnPep8W6D1ociu48yeJT8uYfJeV6I19aqI6eSQe-502BhDVuU8gvzuGX0-yJ-OsmbpgiiKoFHZx6-MyOPNEB3K3qIVCoS-1-Idn08iZq-JPDYU-Cgtas-pYjp6vH21cYMe86PPbl0xV31MvE_nslMNPTDekOGDtt0wU4bbRct-_HcRVRjO4BbPkvX80vt7WKJfIJf99zx6-jz4fHRfEdgmJUXKfOL2IXmP_kwWQ1gGVUcZhCfRrUpkxjW4syqp9ThlU5fY-47eh54JdP4ON0uCydf6BhzXKJ_-cDWvoNhp4kVCiQjS3ASewXVDHp6QgKx8MuZ_Q8QdKG5v4nEYvEk9LcKE5cigCIL-hlopslfBlh8qurUaWklyteve6EzD9GgutT-Z_--ZxuN8wOhjoUXaBQIaSXbWI58rmZYyzsLG3N0Fyk-6xpA7dxVQ76nhYh9yxxmVPGs49hHFu15CpEQWtCPlvxjCZGxmOUl2HgBJ7zEC5wip9fSoQR89hH-hWXIEUnWctPPSektVkBsUrKhNxHFtRQtFPuv8F1okgXTRC6KToTOF4g_JH8CIPXzaq6KUj1ponExecqHT56FDfPuM7qWcSUlYmxipQRsNA4d9pisJjFYPnHphFrBIeXCjRqEG-3WxfnQ1-O16NzzhHSFyjAxizlqzxl0o0QpSUAR2zNC7Be_kaBWnEw7oe9i4VLgxdYrCoDAbmH5Q1Tyadpqj-sKOGIpAS4rfIVRIn-Sd2_UdPdbFawzzDSqABWPGiSwSe6tF-tSsJNutMFIoadY2rWRzkBPCmCZg1tiHCFGl81ll2MvpHsMGKzfOztEm7W_woCgtM2_XTjedDWoeDLI3XHkvnpLe7qvcTAUHhWJPauQ-7xPEaab14gPqnX0JQdQtBJ5bK_WW4I7MYgF4ShUQk0kFbOIL5ZdawINM_k6M-maNmE0Ua-oHKy7YJRvFurkpzsrHVSvr0sHPkbsCOJGssK1tri9LjCBMGo8rSO02SL8N2otXQD5hQvo5ZuvM2iYF__BviSRgDqQkGux7V0oDoWeQVPL-5p3xZCDA1aCNByw3nIYSclfar96_tzUGekLLOW2pOIHxTBK34vPPmIQfHgE7jX7S33V6rjvzm57HWD3EejCx4D_bonwXpCSngTQQRSJL9PG7n7pebxxBUrj3hHaDf_wli0LG1eOfgIgwlkZv33-A3b9O-Ezt9Fdc8Re1ZSDpWZemd67MeI6Z72wLYiLtBUru0cxztKjd5ukJH2F4G0-OC_qaz9vOdElU6gOtMqC-iCdQLlMs44rkLEp6leQiYKyo9wvXgYFPWbd3vyclG0-pBKz52eqL-F99V7bYwH0xZTOWa3zc3qMbVdyiIYtcgBnWO5AatQw_TsZDH5yOJcXIkkWcXsSWcfy40OVO6zIskymrE_W6ra_KjQ_8CttANUsQqBwflBA5raFcmRFPVZTqfOfT0HbxamFSuOxGq2KbyT5AudvvxkGogRk8-e6jX26cQURJlpQ10bJ-ogOjKy0SHgB9xNgwYCLAXDyJsrpbaqKZIH-wKsKICmYrXPOG6SIE51dlZNL6C-F8zkMhksaTRFOBeIV_LdVYRDAZMT286axBR0mCHd0fba5wDei5aQGyhafLMGmJG5YXZVgzZ0J1MpYk89_mUk0UKFLzSOMP4wbKf6DEiFM93uM2e4ldNgKAQa76Yt0hgNRvmKWISZ82bc7dF0UgcGbO8zGui3Ri0_DeUrWcQXzEfPetS4kG-cIpvthEk7l3VjP0SQKCf24j0qJWbn63qS163_byOiCbqZIH5F76uGYAawpxgjfs22XAxaGbk0akpcgOPjJfNnAR_IxlUzGtXFO67WnGt-W0saUDAo3tW5O2CeXK6b8wgTM38J5g26rGci98MDBkfdcSw0uXD4f-12FkQ-0Y2SmuabPz2lcDxjAfpqLv3HCvdfNmrrKKAPqPQjB4rwpr0K4x2Ku-JWCzEA9oDZ6g2hQMDqOB5wvEopMdxs5SOIl-Xc7HvrTaxEQw2IQzlspGVcrbDwy-qlv4M8OyTw7EynoazqjuhjetUiTOzUNqa1x5jUsWnBNH6ym3i-Z7vNY2lc2u6v_ntME7XjnrZ5tkoc6kAt-8ku-XvAKlVLGnL-2Q5FlcUWH_faE4xSBvrRykuDUMqIcZlD5jpOCUk_8K_67WlW5Hl0v6GmtxO7sO9oZffaJX43Y_uRSlwlHiIyC8GoCbMTnmoQ0kOvlNk6YEclmQjy5NG6S_bcTYAQJAaI6w3d0nmlEpb0gYpysI0KnNZ63ExjXykV5akxoEnF3g&cid=CAASPeRozOMSWR1ABV2kqboCVjZRwhFWMrn6-MloR_6__VWKMtvcONGuEtIVCxxEvetf8-RN0yQ46b310-riJk8&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:38:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:38:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D5DF 		0
566 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv28AR8SOfgoCobhCB1ErE_Dk_zTAiBVkmSDWVAKUyPncQX1feo_RKxIWf9wmN2HCiRn00D5IkeUVUcR4QBukNJnkOVmh_fqp39RHFmg0Z4Qve_J7ER7Xy0fdq1lGUS3D5etnmTRAveLbsBwd9qYjmjc1SBbLr_tb0na0fSm5aw2pWU0kpUFODjLGHJaKsv6HhOtj3ledMgZYUKS8lXI1LiOE7ut7fMSxAVnXC_6XoKpIvQOMG4YbpKRq9sIGlFTsSS4NSoCl8bKouC4NFuV-3QWMQ14JCnVx65x9abinlUjOg12vBiFwkXTYvGEY-SEfFAzxCxg3Ms12xm_LlXLXhyIIYwTw070DFHgmv9CQjz5eypv7-L690j3msFvqmiXtnUrdzeSmDxMCyVxNRuq8M0a2oMPL_9tZogDdLSshZ8-RwIXzMoksUyi1d3QG0psqgRW6zhnfvQrqEVlqzCoe3ISil53ZY4N5YGVXWuvVGP9g0Iuc9z5Ih0kO0qaR3jcDArlnqVQiTT-hRZkmPm296i48tpHGU_Fmo5eb6zDzZF84STthuuZ-vO3DHhKrz5NpB5guWZu5ArU-7lq6HPzGqCxcxBWbZuHv9gD0CGsaNQxBJNqW_rSAxiOeJyNJL_7B35qGo8c4j9s1a6IXmbkEaiGrx0CyMqoUA5O7mzm3Gh3jcmRoRPn8TT2WrJT0QClw5PhhNX66iy_E5S6VacNGhJW4C8xwLrOe1vCIKDRyF5V6acRU9KX-P8aCbAEi6SbjOKd0ANVoTQhoVKu-e6kovMa-9BH4HQoK0KLL6k6OuO8cHYfjxxF96WzwdHL4Mwi-W8ZO058gjFV_oLDxo_f9u79hfKMSE4-ggAKQO2229DRoEnFrI0Soyofc3dPjibudT4H9gy4E6xBmsiRXtd59DHVydktDVbKQfunVivYXSJlNAWbzF6NnJLBQs9fpj_S8rE6L87asgkBhAIgN_5S9HuU8wNurrEL6uDdFN4BWs7i72xWKuzxHHP_lYjhvlGPuxPNFlj1TT92FX-dSmqbg3A7BFV2Ol93KpjrSoAjjLGP7GFo5IYDnRzzBHN5JSPzkqEPqHywWh023D-o12hLcxl-Gw75nXLFbKS_8FDDtDTE-nVjHGXKSLx-ovZcR4XtW--c2Y7cmF8Cz1Xhg2l8ejnFNyeE-6fM3ocmV5uQLscpWTvCST7cmvq9LauZH4gGdElmxuDtKkIGIZpTq9T&sai=AMfl-YS7_dm7HAXeVU8d0-eaujyZq7jl59M3fYmozT7gy-ONFZr4v5QaTNGGZN7FJx-SjhPN9OyFKsGORiR4fhdFs8thoeY-Z2TM6whnfV3wqseP1zN25v9w6AH3ofyF7x_3hML-X27G18d1yDq8ryh85729OQstpjS9aZXPuuwE1cl-oC0D3XCeUsGwEjy9f2Pub0XAF6D955e65gvkJ_G34KOTaIAk2sH0C77Jkev2gSjDA010xz7EEhxc0j9UmRnbBw&sig=Cg0ArKJSzLYhduwCKapkEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210415.00866&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjTeGkUcUB-rLSDg1jwhsDngL5yYyzc7T1xeunoQzi5xdYe8RHcheXVvAdIYP_-d3BOl9Lpr9Im0UWfuiq1Tt-RE7AkElQW247c5Ff4l5P3tNIxS_E1BGzxg5rG39UVE4gUtRKpVaP2ybHo129hVm81yMFlQ&dbm_d=AKAmf-DXNLsd8OC4ySUn_DjKU-qoxbcBBbFbMn01-XU77mwPT6G3dbgoPHoAlHE9L-W_C19LLYXPtwZtHWbr-R2W9sl3IrYYztvNvWg56X4BAJXKjqBsGdd3ZuLIYgKdyOEue8M9HPmIeyrx9V6EbGlYWGweWJ2oEJGwE5THNAPAPHHh-UtLeWRzyTzsI3Z-uXWJ3edHWNPhEoK4RmkvEJ7BsNFkObQ5ngV6q3iZ4hWdJyjZmt6xoBt1VsL74nnwsSZtpSLOrxjjAK3KmpJ6PjTBMapGv_zx-RRj3y_iS2cUTOHA024HM41IdQIkz9B0YqEbr6IgREGv136RjLNiKgNbqRvw6u8X8NDifEnldy9z3vecJgNhQvZRfcXFPFpLAMS0q6MDqHJX2YUi16vKqcMnFgLnJi-2Qne_q7aBGjxQ4yhjelq4ry0lw36oeS39VnmKDsaTzw6N3F-Dez4iHnOP2tRtuzCsXun4rwJHEiPO-KE4hxRMVR5OvQ0OgXztp29XAn783rzENkyBG1-DZCbrUUgqMG_WB-A-BqiGNyRt4qsxDr0DHv5c7YkaQLZLizeaPft2sbqF2hesTvhtNjzr0-wM7qf1LtPH0reoho2BaJkuX2khPhFK2AzbODuZjL1CYzmDpL7ZKMH_mEGi5src0_WsTxZRkr8zahX_g2S9URnin6dcFSjY_hdha4mpDaflbk2cV3pznHWY0aOvTeXQJ7vqRBvdN8xuzgo3XEL5fnuswurDYL5x1dOOS-30DB_EuGtimh8jRsCryeb1sp_jatX4NKuFdnPep8W6D1ociu48yeJT8uYfJeV6I19aqI6eSQe-502BhDVuU8gvzuGX0-yJ-OsmbpgiiKoFHZx6-MyOPNEB3K3qIVCoS-1-Idn08iZq-JPDYU-Cgtas-pYjp6vH21cYMe86PPbl0xV31MvE_nslMNPTDekOGDtt0wU4bbRct-_HcRVRjO4BbPkvX80vt7WKJfIJf99zx6-jz4fHRfEdgmJUXKfOL2IXmP_kwWQ1gGVUcZhCfRrUpkxjW4syqp9ThlU5fY-47eh54JdP4ON0uCydf6BhzXKJ_-cDWvoNhp4kVCiQjS3ASewXVDHp6QgKx8MuZ_Q8QdKG5v4nEYvEk9LcKE5cigCIL-hlopslfBlh8qurUaWklyteve6EzD9GgutT-Z_--ZxuN8wOhjoUXaBQIaSXbWI58rmZYyzsLG3N0Fyk-6xpA7dxVQ76nhYh9yxxmVPGs49hHFu15CpEQWtCPlvxjCZGxmOUl2HgBJ7zEC5wip9fSoQR89hH-hWXIEUnWctPPSektVkBsUrKhNxHFtRQtFPuv8F1okgXTRC6KToTOF4g_JH8CIPXzaq6KUj1ponExecqHT56FDfPuM7qWcSUlYmxipQRsNA4d9pisJjFYPnHphFrBIeXCjRqEG-3WxfnQ1-O16NzzhHSFyjAxizlqzxl0o0QpSUAR2zNC7Be_kaBWnEw7oe9i4VLgxdYrCoDAbmH5Q1Tyadpqj-sKOGIpAS4rfIVRIn-Sd2_UdPdbFawzzDSqABWPGiSwSe6tF-tSsJNutMFIoadY2rWRzkBPCmCZg1tiHCFGl81ll2MvpHsMGKzfOztEm7W_woCgtM2_XTjedDWoeDLI3XHkvnpLe7qvcTAUHhWJPauQ-7xPEaab14gPqnX0JQdQtBJ5bK_WW4I7MYgF4ShUQk0kFbOIL5ZdawINM_k6M-maNmE0Ua-oHKy7YJRvFurkpzsrHVSvr0sHPkbsCOJGssK1tri9LjCBMGo8rSO02SL8N2otXQD5hQvo5ZuvM2iYF__BviSRgDqQkGux7V0oDoWeQVPL-5p3xZCDA1aCNByw3nIYSclfar96_tzUGekLLOW2pOIHxTBK34vPPmIQfHgE7jX7S33V6rjvzm57HWD3EejCx4D_bonwXpCSngTQQRSJL9PG7n7pebxxBUrj3hHaDf_wli0LG1eOfgIgwlkZv33-A3b9O-Ezt9Fdc8Re1ZSDpWZemd67MeI6Z72wLYiLtBUru0cxztKjd5ukJH2F4G0-OC_qaz9vOdElU6gOtMqC-iCdQLlMs44rkLEp6leQiYKyo9wvXgYFPWbd3vyclG0-pBKz52eqL-F99V7bYwH0xZTOWa3zc3qMbVdyiIYtcgBnWO5AatQw_TsZDH5yOJcXIkkWcXsSWcfy40OVO6zIskymrE_W6ra_KjQ_8CttANUsQqBwflBA5raFcmRFPVZTqfOfT0HbxamFSuOxGq2KbyT5AudvvxkGogRk8-e6jX26cQURJlpQ10bJ-ogOjKy0SHgB9xNgwYCLAXDyJsrpbaqKZIH-wKsKICmYrXPOG6SIE51dlZNL6C-F8zkMhksaTRFOBeIV_LdVYRDAZMT286axBR0mCHd0fba5wDei5aQGyhafLMGmJG5YXZVgzZ0J1MpYk89_mUk0UKFLzSOMP4wbKf6DEiFM93uM2e4ldNgKAQa76Yt0hgNRvmKWISZ82bc7dF0UgcGbO8zGui3Ri0_DeUrWcQXzEfPetS4kG-cIpvthEk7l3VjP0SQKCf24j0qJWbn63qS163_byOiCbqZIH5F76uGYAawpxgjfs22XAxaGbk0akpcgOPjJfNnAR_IxlUzGtXFO67WnGt-W0saUDAo3tW5O2CeXK6b8wgTM38J5g26rGci98MDBkfdcSw0uXD4f-12FkQ-0Y2SmuabPz2lcDxjAfpqLv3HCvdfNmrrKKAPqPQjB4rwpr0K4x2Ku-JWCzEA9oDZ6g2hQMDqOB5wvEopMdxs5SOIl-Xc7HvrTaxEQw2IQzlspGVcrbDwy-qlv4M8OyTw7EynoazqjuhjetUiTOzUNqa1x5jUsWnBNH6ym3i-Z7vNY2lc2u6v_ntME7XjnrZ5tkoc6kAt-8ku-XvAKlVLGnL-2Q5FlcUWH_faE4xSBvrRykuDUMqIcZlD5jpOCUk_8K_67WlW5Hl0v6GmtxO7sO9oZffaJX43Y_uRSlwlHiIyC8GoCbMTnmoQ0kOvlNk6YEclmQjy5NG6S_bcTYAQJAaI6w3d0nmlEpb0gYpysI0KnNZ63ExjXykV5akxoEnF3g&cid=CAASPeRozOMSWR1ABV2kqboCVjZRwhFWMrn6-MloR_6__VWKMtvcONGuEtIVCxxEvetf8-RN0yQ46b310-riJk8&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 20 Apr 2021 07:39:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D5DF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjTeGkUcUB-rLSDg1jwhsDngL5yYyzc7T1xeunoQzi5xdYe8RHcheXVvAdIYP_-d3BOl9Lpr9Im0UWfuiq1Tt-RE7AkElQW247c5Ff4l5P3tNIxS_E1BGzxg5rG39UVE4gUtRKpVaP2ybHo129hVm81yMFlQ&dbm_d=AKAmf-DXNLsd8OC4ySUn_DjKU-qoxbcBBbFbMn01-XU77mwPT6G3dbgoPHoAlHE9L-W_C19LLYXPtwZtHWbr-R2W9sl3IrYYztvNvWg56X4BAJXKjqBsGdd3ZuLIYgKdyOEue8M9HPmIeyrx9V6EbGlYWGweWJ2oEJGwE5THNAPAPHHh-UtLeWRzyTzsI3Z-uXWJ3edHWNPhEoK4RmkvEJ7BsNFkObQ5ngV6q3iZ4hWdJyjZmt6xoBt1VsL74nnwsSZtpSLOrxjjAK3KmpJ6PjTBMapGv_zx-RRj3y_iS2cUTOHA024HM41IdQIkz9B0YqEbr6IgREGv136RjLNiKgNbqRvw6u8X8NDifEnldy9z3vecJgNhQvZRfcXFPFpLAMS0q6MDqHJX2YUi16vKqcMnFgLnJi-2Qne_q7aBGjxQ4yhjelq4ry0lw36oeS39VnmKDsaTzw6N3F-Dez4iHnOP2tRtuzCsXun4rwJHEiPO-KE4hxRMVR5OvQ0OgXztp29XAn783rzENkyBG1-DZCbrUUgqMG_WB-A-BqiGNyRt4qsxDr0DHv5c7YkaQLZLizeaPft2sbqF2hesTvhtNjzr0-wM7qf1LtPH0reoho2BaJkuX2khPhFK2AzbODuZjL1CYzmDpL7ZKMH_mEGi5src0_WsTxZRkr8zahX_g2S9URnin6dcFSjY_hdha4mpDaflbk2cV3pznHWY0aOvTeXQJ7vqRBvdN8xuzgo3XEL5fnuswurDYL5x1dOOS-30DB_EuGtimh8jRsCryeb1sp_jatX4NKuFdnPep8W6D1ociu48yeJT8uYfJeV6I19aqI6eSQe-502BhDVuU8gvzuGX0-yJ-OsmbpgiiKoFHZx6-MyOPNEB3K3qIVCoS-1-Idn08iZq-JPDYU-Cgtas-pYjp6vH21cYMe86PPbl0xV31MvE_nslMNPTDekOGDtt0wU4bbRct-_HcRVRjO4BbPkvX80vt7WKJfIJf99zx6-jz4fHRfEdgmJUXKfOL2IXmP_kwWQ1gGVUcZhCfRrUpkxjW4syqp9ThlU5fY-47eh54JdP4ON0uCydf6BhzXKJ_-cDWvoNhp4kVCiQjS3ASewXVDHp6QgKx8MuZ_Q8QdKG5v4nEYvEk9LcKE5cigCIL-hlopslfBlh8qurUaWklyteve6EzD9GgutT-Z_--ZxuN8wOhjoUXaBQIaSXbWI58rmZYyzsLG3N0Fyk-6xpA7dxVQ76nhYh9yxxmVPGs49hHFu15CpEQWtCPlvxjCZGxmOUl2HgBJ7zEC5wip9fSoQR89hH-hWXIEUnWctPPSektVkBsUrKhNxHFtRQtFPuv8F1okgXTRC6KToTOF4g_JH8CIPXzaq6KUj1ponExecqHT56FDfPuM7qWcSUlYmxipQRsNA4d9pisJjFYPnHphFrBIeXCjRqEG-3WxfnQ1-O16NzzhHSFyjAxizlqzxl0o0QpSUAR2zNC7Be_kaBWnEw7oe9i4VLgxdYrCoDAbmH5Q1Tyadpqj-sKOGIpAS4rfIVRIn-Sd2_UdPdbFawzzDSqABWPGiSwSe6tF-tSsJNutMFIoadY2rWRzkBPCmCZg1tiHCFGl81ll2MvpHsMGKzfOztEm7W_woCgtM2_XTjedDWoeDLI3XHkvnpLe7qvcTAUHhWJPauQ-7xPEaab14gPqnX0JQdQtBJ5bK_WW4I7MYgF4ShUQk0kFbOIL5ZdawINM_k6M-maNmE0Ua-oHKy7YJRvFurkpzsrHVSvr0sHPkbsCOJGssK1tri9LjCBMGo8rSO02SL8N2otXQD5hQvo5ZuvM2iYF__BviSRgDqQkGux7V0oDoWeQVPL-5p3xZCDA1aCNByw3nIYSclfar96_tzUGekLLOW2pOIHxTBK34vPPmIQfHgE7jX7S33V6rjvzm57HWD3EejCx4D_bonwXpCSngTQQRSJL9PG7n7pebxxBUrj3hHaDf_wli0LG1eOfgIgwlkZv33-A3b9O-Ezt9Fdc8Re1ZSDpWZemd67MeI6Z72wLYiLtBUru0cxztKjd5ukJH2F4G0-OC_qaz9vOdElU6gOtMqC-iCdQLlMs44rkLEp6leQiYKyo9wvXgYFPWbd3vyclG0-pBKz52eqL-F99V7bYwH0xZTOWa3zc3qMbVdyiIYtcgBnWO5AatQw_TsZDH5yOJcXIkkWcXsSWcfy40OVO6zIskymrE_W6ra_KjQ_8CttANUsQqBwflBA5raFcmRFPVZTqfOfT0HbxamFSuOxGq2KbyT5AudvvxkGogRk8-e6jX26cQURJlpQ10bJ-ogOjKy0SHgB9xNgwYCLAXDyJsrpbaqKZIH-wKsKICmYrXPOG6SIE51dlZNL6C-F8zkMhksaTRFOBeIV_LdVYRDAZMT286axBR0mCHd0fba5wDei5aQGyhafLMGmJG5YXZVgzZ0J1MpYk89_mUk0UKFLzSOMP4wbKf6DEiFM93uM2e4ldNgKAQa76Yt0hgNRvmKWISZ82bc7dF0UgcGbO8zGui3Ri0_DeUrWcQXzEfPetS4kG-cIpvthEk7l3VjP0SQKCf24j0qJWbn63qS163_byOiCbqZIH5F76uGYAawpxgjfs22XAxaGbk0akpcgOPjJfNnAR_IxlUzGtXFO67WnGt-W0saUDAo3tW5O2CeXK6b8wgTM38J5g26rGci98MDBkfdcSw0uXD4f-12FkQ-0Y2SmuabPz2lcDxjAfpqLv3HCvdfNmrrKKAPqPQjB4rwpr0K4x2Ku-JWCzEA9oDZ6g2hQMDqOB5wvEopMdxs5SOIl-Xc7HvrTaxEQw2IQzlspGVcrbDwy-qlv4M8OyTw7EynoazqjuhjetUiTOzUNqa1x5jUsWnBNH6ym3i-Z7vNY2lc2u6v_ntME7XjnrZ5tkoc6kAt-8ku-XvAKlVLGnL-2Q5FlcUWH_faE4xSBvrRykuDUMqIcZlD5jpOCUk_8K_67WlW5Hl0v6GmtxO7sO9oZffaJX43Y_uRSlwlHiIyC8GoCbMTnmoQ0kOvlNk6YEclmQjy5NG6S_bcTYAQJAaI6w3d0nmlEpb0gYpysI0KnNZ63ExjXykV5akxoEnF3g&cid=CAASPeRozOMSWR1ABV2kqboCVjZRwhFWMrn6-MloR_6__VWKMtvcONGuEtIVCxxEvetf8-RN0yQ46b310-riJk8&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 13:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64418
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 13:45:33 GMT
SS2021_DV360_SS21_Guess_160x600_20210301.jpg
s0.2mdn.net/9389849/ Frame D5DF 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9389849/SS2021_DV360_SS21_Guess_160x600_20210301.jpg
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2df81a21342e8e2ec2a17738dac199c55a248712dc3a2804b701f38d7acf5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 20:58:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 15:07:19 GMT
server
sffe
age
38464
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100011
x-xss-protection
0
expires
Tue, 20 Apr 2021 20:58:08 GMT
sync
partners.tremorhub.com/ Frame B511
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEM0qsSHqht8EFOBvgVH6G2M&google_cver=1
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEM0qsSHqht8EFOBvgVH6G2M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuhcRD_krICGIWU1qMBMAE&v=APEucNWlMud8fYUE3yKDJWcBGAe2EL4J3yiaKi_5dUfvXu97FzMsvpLvp5Nt-onczyHlpTgseCmB4d-CNn-mv1xn_HFD45uAUFNbpjUbjx2UUMAQjdncCcQzIyObgAKQs_k2VE3dKUYb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:5e41:f643:f5d9:712d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:13 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEM0qsSHqht8EFOBvgVH6G2M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame C0E3 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c25fee9760ab3bbf8f9b0865782ac0f978b3d414b9e54fee89943ed572c817b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame C0E3 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:32 GMT
server
sffe
age
164134
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDvD9oS_a.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame C0E3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDvD9oS_a.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
171b7202bd88c01135aff85554b7293c7cfbb15ec83803866343dce39f6a29a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:34 GMT
server
sffe
age
164134
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14856
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
css
fonts.googleapis.com/ Frame 6355 		5 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac448c4dc7cde4494ffa0350d3228b4285034a0e99e81838560d4ed1024cd1d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 07:13:40 GMT
server
ESF
date
Tue, 20 Apr 2021 07:39:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Apr 2021 07:39:12 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 6355 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:33:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
368
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:33:04 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6355 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqI4zH4V-YNXEFPKqrASV2abAAZbd77davpTu_44M9Yrryc4IEAEgldSZH2DM4e2B_C6gAavSj9YCyAEJqQLlncOa5vFoPuACAKgDAcgDmwSqBNwBT9CX-swdyyCwz-BnkN5VgJmM1UUXz6BNapteoRbsTCv4g2PhJ2-KKZAf7i3WvJIfdTriZ8BpMl6ifmaR4AUxNWjbYGkGPTdLgcvClZo0SbMuMFlRJkWYBQHP4E76qu7PYCmDKTK31YcEqrFyqQtvGBcDALzT0PTXUbodolPU0NkOGv3M5BZLuwe7ioMIJlh2o-BrsgW8fqEHJoXr9K6Fye_lskAHjlVWRl6kcGBwGjcCcd4N42QCoAPZwqyAZQN31sHgWnO6XSfXG5P0tp2eXBmYrfT4Jge014E0nsAEgJiE6KED4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB86C-w-oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEL-OD9IICQiA4YBQEAEYHYAKA8gLAdgTC4gUAdAVAZgWAYAXAbIXGgoYCAASFHB1Yi02MzU3MTU3MDIwODgxNzk3&sigh=nSwWFWyYPuw&template_id=494
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 6355 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
5240039360651012885
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:39:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 6355 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:34:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6355 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Tue, 20 Apr 2021 07:39:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 6355 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:38:08 GMT
a0b5068ca1fc7f6ff765c7833258ec42.js
www.gstatic.com/mysidia/ Frame 6355 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 10:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 02:07:20 GMT
server
sffe
age
76348
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10491
x-xss-protection
0
expires
Sun, 18 Jul 2021 10:26:44 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 42C4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 19 Apr 2021 19:27:31 GMT
expires
Tue, 19 Apr 2022 19:27:31 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
43901
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame D5DF 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv28AR8SOfgoCobhCB1ErE_Dk_zTAiBVkmSDWVAKUyPncQX1feo_RKxIWf9wmN2HCiRn00D5IkeUVUcR4QBukNJnkOVmh_fqp39RHFmg0Z4Qve_J7ER7Xy0fdq1lGUS3D5etnmTRAveLbsBwd9qYjmjc1SBbLr_tb0na0fSm5aw2pWU0kpUFODjLGHJaKsv6HhOtj3ledMgZYUKS8lXI1LiOE7ut7fMSxAVnXC_6XoKpIvQOMG4YbpKRq9sIGlFTsSS4NSoCl8bKouC4NFuV-3QWMQ14JCnVx65x9abinlUjOg12vBiFwkXTYvGEY-SEfFAzxCxg3Ms12xm_LlXLXhyIIYwTw070DFHgmv9CQjz5eypv7-L690j3msFvqmiXtnUrdzeSmDxMCyVxNRuq8M0a2oMPL_9tZogDdLSshZ8-RwIXzMoksUyi1d3QG0psqgRW6zhnfvQrqEVlqzCoe3ISil53ZY4N5YGVXWuvVGP9g0Iuc9z5Ih0kO0qaR3jcDArlnqVQiTT-hRZkmPm296i48tpHGU_Fmo5eb6zDzZF84STthuuZ-vO3DHhKrz5NpB5guWZu5ArU-7lq6HPzGqCxcxBWbZuHv9gD0CGsaNQxBJNqW_rSAxiOeJyNJL_7B35qGo8c4j9s1a6IXmbkEaiGrx0CyMqoUA5O7mzm3Gh3jcmRoRPn8TT2WrJT0QClw5PhhNX66iy_E5S6VacNGhJW4C8xwLrOe1vCIKDRyF5V6acRU9KX-P8aCbAEi6SbjOKd0ANVoTQhoVKu-e6kovMa-9BH4HQoK0KLL6k6OuO8cHYfjxxF96WzwdHL4Mwi-W8ZO058gjFV_oLDxo_f9u79hfKMSE4-ggAKQO2229DRoEnFrI0Soyofc3dPjibudT4H9gy4E6xBmsiRXtd59DHVydktDVbKQfunVivYXSJlNAWbzF6NnJLBQs9fpj_S8rE6L87asgkBhAIgN_5S9HuU8wNurrEL6uDdFN4BWs7i72xWKuzxHHP_lYjhvlGPuxPNFlj1TT92FX-dSmqbg3A7BFV2Ol93KpjrSoAjjLGP7GFo5IYDnRzzBHN5JSPzkqEPqHywWh023D-o12hLcxl-Gw75nXLFbKS_8FDDtDTE-nVjHGXKSLx-ovZcR4XtW--c2Y7cmF8Cz1Xhg2l8ejnFNyeE-6fM3ocmV5uQLscpWTvCST7cmvq9LauZH4gGdElmxuDtKkIGIZpTq9T&sai=AMfl-YS7_dm7HAXeVU8d0-eaujyZq7jl59M3fYmozT7gy-ONFZr4v5QaTNGGZN7FJx-SjhPN9OyFKsGORiR4fhdFs8thoeY-Z2TM6whnfV3wqseP1zN25v9w6AH3ofyF7x_3hML-X27G18d1yDq8ryh85729OQstpjS9aZXPuuwE1cl-oC0D3XCeUsGwEjy9f2Pub0XAF6D955e65gvkJ_G34KOTaIAk2sH0C77Jkev2gSjDA010xz7EEhxc0j9UmRnbBw&sig=Cg0ArKJSzLYhduwCKapkEAE&urlfix=1&omid=0&rm=1&ctpt=236&vt=11&dtpt=235&dett=2&cstd=0&cisv=r20210415.00866&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjTeGkUcUB-rLSDg1jwhsDngL5yYyzc7T1xeunoQzi5xdYe8RHcheXVvAdIYP_-d3BOl9Lpr9Im0UWfuiq1Tt-RE7AkElQW247c5Ff4l5P3tNIxS_E1BGzxg5rG39UVE4gUtRKpVaP2ybHo129hVm81yMFlQ&dbm_d=AKAmf-DXNLsd8OC4ySUn_DjKU-qoxbcBBbFbMn01-XU77mwPT6G3dbgoPHoAlHE9L-W_C19LLYXPtwZtHWbr-R2W9sl3IrYYztvNvWg56X4BAJXKjqBsGdd3ZuLIYgKdyOEue8M9HPmIeyrx9V6EbGlYWGweWJ2oEJGwE5THNAPAPHHh-UtLeWRzyTzsI3Z-uXWJ3edHWNPhEoK4RmkvEJ7BsNFkObQ5ngV6q3iZ4hWdJyjZmt6xoBt1VsL74nnwsSZtpSLOrxjjAK3KmpJ6PjTBMapGv_zx-RRj3y_iS2cUTOHA024HM41IdQIkz9B0YqEbr6IgREGv136RjLNiKgNbqRvw6u8X8NDifEnldy9z3vecJgNhQvZRfcXFPFpLAMS0q6MDqHJX2YUi16vKqcMnFgLnJi-2Qne_q7aBGjxQ4yhjelq4ry0lw36oeS39VnmKDsaTzw6N3F-Dez4iHnOP2tRtuzCsXun4rwJHEiPO-KE4hxRMVR5OvQ0OgXztp29XAn783rzENkyBG1-DZCbrUUgqMG_WB-A-BqiGNyRt4qsxDr0DHv5c7YkaQLZLizeaPft2sbqF2hesTvhtNjzr0-wM7qf1LtPH0reoho2BaJkuX2khPhFK2AzbODuZjL1CYzmDpL7ZKMH_mEGi5src0_WsTxZRkr8zahX_g2S9URnin6dcFSjY_hdha4mpDaflbk2cV3pznHWY0aOvTeXQJ7vqRBvdN8xuzgo3XEL5fnuswurDYL5x1dOOS-30DB_EuGtimh8jRsCryeb1sp_jatX4NKuFdnPep8W6D1ociu48yeJT8uYfJeV6I19aqI6eSQe-502BhDVuU8gvzuGX0-yJ-OsmbpgiiKoFHZx6-MyOPNEB3K3qIVCoS-1-Idn08iZq-JPDYU-Cgtas-pYjp6vH21cYMe86PPbl0xV31MvE_nslMNPTDekOGDtt0wU4bbRct-_HcRVRjO4BbPkvX80vt7WKJfIJf99zx6-jz4fHRfEdgmJUXKfOL2IXmP_kwWQ1gGVUcZhCfRrUpkxjW4syqp9ThlU5fY-47eh54JdP4ON0uCydf6BhzXKJ_-cDWvoNhp4kVCiQjS3ASewXVDHp6QgKx8MuZ_Q8QdKG5v4nEYvEk9LcKE5cigCIL-hlopslfBlh8qurUaWklyteve6EzD9GgutT-Z_--ZxuN8wOhjoUXaBQIaSXbWI58rmZYyzsLG3N0Fyk-6xpA7dxVQ76nhYh9yxxmVPGs49hHFu15CpEQWtCPlvxjCZGxmOUl2HgBJ7zEC5wip9fSoQR89hH-hWXIEUnWctPPSektVkBsUrKhNxHFtRQtFPuv8F1okgXTRC6KToTOF4g_JH8CIPXzaq6KUj1ponExecqHT56FDfPuM7qWcSUlYmxipQRsNA4d9pisJjFYPnHphFrBIeXCjRqEG-3WxfnQ1-O16NzzhHSFyjAxizlqzxl0o0QpSUAR2zNC7Be_kaBWnEw7oe9i4VLgxdYrCoDAbmH5Q1Tyadpqj-sKOGIpAS4rfIVRIn-Sd2_UdPdbFawzzDSqABWPGiSwSe6tF-tSsJNutMFIoadY2rWRzkBPCmCZg1tiHCFGl81ll2MvpHsMGKzfOztEm7W_woCgtM2_XTjedDWoeDLI3XHkvnpLe7qvcTAUHhWJPauQ-7xPEaab14gPqnX0JQdQtBJ5bK_WW4I7MYgF4ShUQk0kFbOIL5ZdawINM_k6M-maNmE0Ua-oHKy7YJRvFurkpzsrHVSvr0sHPkbsCOJGssK1tri9LjCBMGo8rSO02SL8N2otXQD5hQvo5ZuvM2iYF__BviSRgDqQkGux7V0oDoWeQVPL-5p3xZCDA1aCNByw3nIYSclfar96_tzUGekLLOW2pOIHxTBK34vPPmIQfHgE7jX7S33V6rjvzm57HWD3EejCx4D_bonwXpCSngTQQRSJL9PG7n7pebxxBUrj3hHaDf_wli0LG1eOfgIgwlkZv33-A3b9O-Ezt9Fdc8Re1ZSDpWZemd67MeI6Z72wLYiLtBUru0cxztKjd5ukJH2F4G0-OC_qaz9vOdElU6gOtMqC-iCdQLlMs44rkLEp6leQiYKyo9wvXgYFPWbd3vyclG0-pBKz52eqL-F99V7bYwH0xZTOWa3zc3qMbVdyiIYtcgBnWO5AatQw_TsZDH5yOJcXIkkWcXsSWcfy40OVO6zIskymrE_W6ra_KjQ_8CttANUsQqBwflBA5raFcmRFPVZTqfOfT0HbxamFSuOxGq2KbyT5AudvvxkGogRk8-e6jX26cQURJlpQ10bJ-ogOjKy0SHgB9xNgwYCLAXDyJsrpbaqKZIH-wKsKICmYrXPOG6SIE51dlZNL6C-F8zkMhksaTRFOBeIV_LdVYRDAZMT286axBR0mCHd0fba5wDei5aQGyhafLMGmJG5YXZVgzZ0J1MpYk89_mUk0UKFLzSOMP4wbKf6DEiFM93uM2e4ldNgKAQa76Yt0hgNRvmKWISZ82bc7dF0UgcGbO8zGui3Ri0_DeUrWcQXzEfPetS4kG-cIpvthEk7l3VjP0SQKCf24j0qJWbn63qS163_byOiCbqZIH5F76uGYAawpxgjfs22XAxaGbk0akpcgOPjJfNnAR_IxlUzGtXFO67WnGt-W0saUDAo3tW5O2CeXK6b8wgTM38J5g26rGci98MDBkfdcSw0uXD4f-12FkQ-0Y2SmuabPz2lcDxjAfpqLv3HCvdfNmrrKKAPqPQjB4rwpr0K4x2Ku-JWCzEA9oDZ6g2hQMDqOB5wvEopMdxs5SOIl-Xc7HvrTaxEQw2IQzlspGVcrbDwy-qlv4M8OyTw7EynoazqjuhjetUiTOzUNqa1x5jUsWnBNH6ym3i-Z7vNY2lc2u6v_ntME7XjnrZ5tkoc6kAt-8ku-XvAKlVLGnL-2Q5FlcUWH_faE4xSBvrRykuDUMqIcZlD5jpOCUk_8K_67WlW5Hl0v6GmtxO7sO9oZffaJX43Y_uRSlwlHiIyC8GoCbMTnmoQ0kOvlNk6YEclmQjy5NG6S_bcTYAQJAaI6w3d0nmlEpb0gYpysI0KnNZ63ExjXykV5akxoEnF3g&cid=CAASPeRozOMSWR1ABV2kqboCVjZRwhFWMrn6-MloR_6__VWKMtvcONGuEtIVCxxEvetf8-RN0yQ46b310-riJk8&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 20 Apr 2021 07:39:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 6355 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62aa9862e3cf4a2d546055e17fa129c12dcfb282d2fde5227a5e9c60b3bc406e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
shopping
encrypted-tbn3.gstatic.com/ Frame 6355 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTSHDNcnf8aPBbJKehNUpWiMiMcQqB9fL8pwl2pi-lIut9yKrXMsNKyi0PF-A&usqp=CAI
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88a4f7a61bcc295bb968425365acd5c78e49818b33eb2b4ca6bff9ffa49f27db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Feb 2020 11:06:06 GMT
server
sffe
age
497993
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18922
x-xss-protection
0
expires
Thu, 14 Apr 2022 13:19:19 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 6355 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRJvyBkvcM4YytZoyqepYbbdHFlDS-gjBgtyJ4Ymjv53vO0mW1_2ljRqdHaHCM&usqp=CAI
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dabe207d5d4dd967f59c448afa910bd193f195494beb72485ba6e0d0d49a5a9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 17:32:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 21:33:26 GMT
server
sffe
age
223587
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13976
x-xss-protection
0
expires
Sun, 17 Apr 2022 17:32:45 GMT
8252139978024777535
tpc.googlesyndication.com/simgad/ Frame 6355
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrk__JzAEQsAkYsAkyCFjvkr9Febwj
  • https://tpc.googlesyndication.com/simgad/8252139978024777535
54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8252139978024777535
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c716da6ff73138a628905ea31915bd8eefda2f60eee845d0b1eda470c51e212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 17:48:05 GMT
x-content-type-options
nosniff
age
395467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55700
x-xss-protection
0
last-modified
Mon, 16 Jul 2018 11:02:12 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Apr 2022 17:48:05 GMT

Redirect headers

timing-allow-origin
*
date
Tue, 20 Apr 2021 01:59:49 GMT
x-content-type-options
nosniff
server
cafe
age
20363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/8252139978024777535
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 20 May 2021 01:59:49 GMT
truncated
/ Frame D5DF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55a55861068aeea1b8c461136f9b3932f4db307d1075521197675ae22b350fbe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
userconnect.js
js.adscale.de/ Frame 772A 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Vg_Jp.ZJ2u3YbQXNKkA7T4fbgrmEYgFi
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
Server
AmazonS3
x-amz-request-id
EDC715E2D26061E9
ETag
"98f37b242862929d9aef4bde91abc8ad"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Tue, 20 Apr 2021 07:39:12 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4485
x-amz-id-2
pg2juwEhgbhKwRzUK6AnbhHVUA4qO3OtkoMVfN1BVox6+pHHc4w7pE0EPBQCfVP/z/Ntjig6z78=
csync
sync.console.adtarget.com.tr/ Frame 772A 		86 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=d0762a31326341628ff64cfdea5976e1
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif
truncated
/ Frame 6355 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5bfb91732aabaf92bf2189ca3c7e1ea92da027f9805dc6562af3f37a25290e4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 6355 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 10:38:22 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:32 GMT
server
sffe
age
421250
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
expires
Fri, 15 Apr 2022 10:38:22 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6355 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
452170
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:03:02 GMT
4UabrENHsxJlGDuGo1OIlLU94Yt9CwZ-Pw.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6355 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94Yt9CwZ-Pw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c4e4e0b02318697c2eb4a16c05126c5113eea9f0a4a9a6cb40c8261bbd17ec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:03:03 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:26 GMT
server
sffe
age
452169
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15456
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:03:03 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDvD9oS_a.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 6355 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDvD9oS_a.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
171b7202bd88c01135aff85554b7293c7cfbb15ec83803866343dce39f6a29a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 00:17:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:34 GMT
server
sffe
age
26490
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14856
x-xss-protection
0
expires
Wed, 20 Apr 2022 00:17:42 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/wrapper_hb_300016_4947.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.ukr.net
Date
Tue, 20 Apr 2021 07:39:11 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame 42C4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 10:13:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
77161
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Tue, 19 Apr 2022 10:13:11 GMT
userconnect
ih.adscale.de/ Frame 772A 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1618904352354&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:12 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame AA85 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
aa627bfef345f2f99e052cf9bd3fd3b0d3ed5cae9a8a9fdd6351a5b3c0dc7cb8

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.adscale.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uu=d0762a31326341628ff64cfdea5976e1; cct=1618904352085
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.adscale.de/

Response headers

date
Tue, 20 Apr 2021 07:39:12 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2702
set-cookie
tu=4#3129954469#48~~449695~449695~1#101~~449695~449695~1#39~~449695~449695~1#40~~449695~449695~1#42~~449695~449695~1#75~~449695~449695~1#108~~449695~449695~1#63~~449695~449695~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None cct=1618904352401; Max-Age=31336000; Domain=.adscale.de; Path=/; Secure; SameSite=None
match.js
js.adscale.de/ Frame AA85 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wLpT08_wLXVkyJ1J8XFuEEwEpe2lwEj_
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
Server
AmazonS3
x-amz-request-id
0CJGEPQ2ZKSDZJTR
ETag
"b75124846aec28a28b7a3441813682d5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Tue, 20 Apr 2021 07:39:12 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1700
x-amz-id-2
rTeXxEVlmwvubu+6mFW79yFbR/gN1X2gq0lQgaMPHQj754I0ueECxgXGlb1NT3Jw/38xunNd2r8=
img
ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352400/0/ Frame AA85
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=d0762a31326341628ff64cfdea5976e1&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002ca31894673%2F1618904352400%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352400/0/img?tpid=101&tpuid=BBID-01-02936183532918999-16266456
49 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352400/0/img?tpid=101&tpuid=BBID-01-02936183532918999-16266456
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:13 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Tue, 20 Apr 2021 07:39:13 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352400/0/img?tpid=101&tpuid=BBID-01-02936183532918999-16266456
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
gen_204
pagead2.googlesyndication.com/pagead/ Frame 42C4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRCpcH4V-YL6UOKCDjuwPoNet0AEAAAAAOAHgBAI&bg=!dnWldTHNAAZUuIlwVLg7ACkAdvg8Wr1zMH8hOzB2YrH-e0lX30n9vQ5pkhMUld9RGyJaJzY6RpvoIwIAAABjUgAAAA5oAQcKAHd-YNoFXZQU2T1zyZqf7HFC1CbFpthMQYj2CqyViNKwd0u-CNS_e0ETkWvTNK6-HVa2AEjvoLzRZXs3vDsVklcX26XepTdLRmXezavIdMTKNt0bGHoSS-gs2VUTTUguYYqOCp5g9E6p75zZZ2AK2TFDYO-4m0iKcZkCXbpJRp0BDbX3o7jnD4o5j-0k9MfqtmmX4KX-FyAsOyrfBJ7BYT7yyD85DDZ4Q6PiOwopls3PvO-RNp9Lz0mYYBDJZLdT1LIprHFTA9dpetKVqIuW5F0zoLfaZaw-FThXMaAMmgfpU8cqBVZPVVa7P3ohbzbpZZ8NIzXor_4r_4HGJ_-1pR1TMMSVYyTE-EFHL3WnLXn2k1AVAEnMef-tUfaewSFMzTDZCCwCZT4stVUaqz6-2NxuHOBDR2bTOdxEB5Hmj1cafaRrlMTtGW8H7ZVy4EiS4W6MIXAulG98cVro19YkgquOSs_Bv63tosTyrDDf8JX6kGPF8NHAk2K07ukyK_1AVc2qoNEUgb6g6isVomVvqqhVwtTz15PryOvdqpTHdMBXFuv8uimhsWMCNUX1C8_AHdmGxZcpoc6nj1znUIGgHUPENBhggbzkdXEsCbSmXo7KRoiASQMGGUOLtqhJMEOavoPK4fLwnSDWdW7oW96MEE3PXYtkjDyNIxLZPnI3oLhy_BKT5lCHqu_I-OLuvV-iyH7SpX1k6-TtLj1DKsyS3Tm7SRLSSipynJvWnrzGRDUs2UiAc4W0a6kfIV2mRNgEblqXK8lBOj_bU1vlWmXUlwSn93rLSYF_U7JfDEQOrC7UineUMeCGwQb9c_M5ZXz1_HdcMtS_H5vE7_5GgRK-89re10Ru4zGNqrYWyTSNAPXUDE-5p9ZXcRkWRYkoQ775QG38pDApiBl4S0VQCFrR9bNy1uhte4VT1NyC7o5MBBMA73TaTOb5f37iHnMHJ_LTTieov8FO4Qqs
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Wed, 21 Apr 2021 07:39:12 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Wed, 21 Apr 2021 07:39:12 GMT
container.html
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 91E6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 20 Apr 2021 07:39:11 GMT
expires
Wed, 20 Apr 2022 07:39:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame EFA8 		157 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuhcRDs8t8BGN-jgZ8BMAE&v=APEucNWqo3MFrrbNcdD0zbfS7nGr6ykeIt8KPFrn4ar7T5s4MT9XWJqKHIaT7VHQS8fSHD2I-azdBec8mB0Ba1ZBP02EaPns0wVoS1uIzHJpxVbRWW8wPVU2CG3lUhQMyKUVGiu5WzBC
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2900a771d3f6ae1a49699beedd12cd4902b97b2d2066515a215d140e3f942b09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJuhcRDs8t8BGN-jgZ8BMAE&v=APEucNWqo3MFrrbNcdD0zbfS7nGr6ykeIt8KPFrn4ar7T5s4MT9XWJqKHIaT7VHQS8fSHD2I-azdBec8mB0Ba1ZBP02EaPns0wVoS1uIzHJpxVbRWW8wPVU2CG3lUhQMyKUVGiu5WzBC
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 20 Apr 2021 07:39:13 GMT
server
cafe
cache-control
private
content-length
138
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUmW2-wDhkQsmgZdTp81yDdWsnVj3nikqedUKlv1zfFZOz0iolTzVSc_5-Pd; expires=Sun, 15-May-2022 07:39:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 20 Apr 2021 07:39:13 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 91E6 		42 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZt_UyKMmdeLPhsl_9L_GM38ZrDXl-85Spzje8Cx4Ndi5baae9KcMqMRZQiPtyJnSz2u7eBKQJerDNiAcKJyR1nlbaJpBJ0_xV_J79RsEsAIyKa-OQhaDjgzkJ0PgrXhtYl8uroY-MaFeCEq0B7C_kCYDyvQ&dbm_d=AKAmf-A9xpOl12s8uBSvXNF83vzpBXxRD06uDgbkbs1nBGCzrL6LdYAY1qDOrZTSD2RpJcBkttSFe5nzsU14pH2BOvvZ3OI92EK6qU90rERHbdVoHo8DpmV5YV_um4seL-cdWolFK7bS6d0nCRUKKDTCkRbs0UzzNPjWz0DMbIsQjDeLF82ny8Pwq1rWrDBdTKPyLYImBfr-D2wpp3-4OCWxkcdd9rYuaL_oqHh_L-Du04xkgYzCKnE17KWaddfdnQD3cUe8tXt0x8sfnaqIKVJxSAp3UN_u9F52oWcuxbyiWYbzPcUBKbPTePuORoriM-QEYJ8pyBvRdWujbVK1yafUH4LVA8lWGTt5lfPGSDeZx7Mi585KfFjclKXccyzmBaafIamz2mLEGg90jl_PoBCNv-h_F096l--yq0vOlsARTuwV8uKZFpGqWOg81ru-Q4gjVBoV7JR6Il0lx4s3C_QCOVKXgIRu8O1eeDBCrt7iNlnUmSFIWPm7S4JzTgzLduCJBXmWFodPp_A_XRI-ay0yhc_-MYD8QEiAz_0h0HXiFvU5lwmc4-_5RUDbPXrs2auhMh71ifiXbAe2PInMgPgFBDHtTk3sVo25wb_rX_QLtVKkCWzQwDN0QS4r7scEX3tzPV4VHxMVT-wGOawCLXLOEGc7EBsUyH9qcnT4nEn7F-f456WnClHzYie0aIj45t5DN_DPxNJkdcyJGQv6X02otm1GWhl53jjHDX6p5c78KK--6-WBb9GSxeT9FXz4nLuK7jG92LwKdZvK_IeOR_ntDgshcmqiXBfZdRu5RtWCuX49HYnOA1C-9QmFpedbb75OwY_6R1cO32B2rNaBppSGlxkcezUA_zxkF6YhiB_W01wm_ANbuupvQiPRO-oDsWuo0kl5UzGw2HnxbHYVQSVyzkaxuSzzaI270nLf6aC7lvbNqqLXAfGvBwL6sULR_miS61j77-HsUDoNc435S5X75OsSq9cESjplaZF4ExfpG1Os0nbtO-lPFAPxLNc7gJvDUXfg933WYs9Cjqtpj8wwUyVGvONIEb1Mrs9QQJmj7llQINz7ZPY7ZRHUe7JSzX7XtdzOhbBQu5P2h_kxcLStY8Og2Aa46XqQ9ac2NGEauCIlEMi2l39vT_ewQ3oP8fs-nH4gMc5Jl6uv1ZCastQOJmKcOY96U5lp1rMoo1mtZWigbj7sLwfUa4gCHqtb6wb7ewLpBxDxdD7lczXKhJfPN-ZnFVFjkose1TaWg6g1R7cg5BkS3WMyvID3XJjDqttA9SiIy1TlfUaYvWbLCdVwh4LrYCV1Er3kWm0Io95AU82pR_NPKil0pNtPDAn0WO7mtviWIWgw6snb0oSrdWJZki_QejtviPssbdf2QHssK7lv3-gkgTUALAlj7hs4UKufgRlBDBGD3gb56yQSbsZVNYuhFFTnp5sbdtO1k5b-UnM0O2Tw7LUGunV_kRa_V_xsj7r4dpQ17JVTeAY5CtVHzX569xqtVLL12feKinxgFeflD8PRcTlZcq-7gJRtqW5-gKUfuWsnYv9ooKBh938O2trr4tSCAPL9YIz8GqaiyINvlRbo1mQQx3Z0hbhnE_DtMOpk6Hms5im9nsBSXdL9O8jWbg8QGigcnLz5heTD453Vv0ssz9r-OL8cOyitysISTQvuDeqJbgKNcYv62O5KvXypGYt3IRPROwSrl3UFse0pdkm8hi8YijaKZcEY05p049LJeLve7CXwKXC4QnWsyy0r_2RQDk24c7Ynv2PuSq0FIbM9ctOaZEKRpCc6aurAz6PrRet5R7p2vmTybbOWdkn4HK09CyO6anjCqpKVNSn3ML0uDwJvR5Z7sP_qQyPsLmMwC8CIX2NVnr_j0imWNYJbw7st-Fz89ptLgBkVXk0Fq0dGs0hxNKQGyi32LZdTNEPHTFXYw2Akz7mw9dXER9lUeSAPAjeQCinIt_t0hZPPCbVfR_fEb4JV78yUtRzyWi0AXuh4a8JJGI2jARUUiPs4N48CTjmkZ4_Bvea5s65GinV7nCh38y__AsWE6K_RwRG9vOFo3LM3plkgA0LDGfULF6kcdSq9DyVpEqVO2I6YGi1JuNA7T2Mu-vWf9DUjAzQKc8fQ6D_xOyVaN720CTjDyqdblGsTl32vYWE40ukUUP3JACkVNkEDvtSVnM4Ix5Jcd880TOY-qGtfm1FwzwIPXh0yLLFgVJjKBxFpZ6VzWr7itFlO18Qd2UQqcN5_av9XFGBjK1BgdnKS8HFogEueCmukMnminX0_E9k4lPCSKHu6RqAltAFurgQ6rI3ERaX2SHqvPK5B0qA0s6DlVaVnZ3KxfJWW1_8Nghzk-aRBTQaF_sgkd-N-8oN8mKmULNm0wB6JxmkvJ8feb-AYeko88VQntHjpi59LBRwVSxtyXqJwtYgYDmOvVVXkAJQGOvBodNlgoG9dd8sZNV9FpGsmfaV9THmRAlfhM0WdU_9KdOTjicD_o0V3_MwYta8PFto8CF22TysDHo82jKqf8Mw2TAiGQ3DGQ4Q4D027Qic2v7gLOVIg5R7AoLTSsLK1UT4rpfhqppwctp5UqPky83RUHfvUMg6cLiH-b470t9tOV2qiCzx8iGdIRChNhNOwtevWVtYWVzALdnTWpXJvEBX1mxLWvAnjiFktzbBpE76GtUZcU57jFL7RBFH5VwElGQy0gvy_A9xuIb0qGKYhqOvUh7C_ObH7gFSbW88163UPSfL5Z8tFKyr4eV-Gb-WzlK2S8eprkWVtGCQ4oZQtwO48zqawfvLJcUBYAZfdUfhWSXS-Gi5z_43GUAmj5sTxfuYvs9BSYgZsDgVhcBalGJ--J9-PXqzHJ-ztWrVxmPu7S2OYCGoU3aj-SFyiktBCe29vcmbNpaWQJKjJSfuTJIT_EMWQ9JvxOMOWYSmNSg3diuidrGrW2pfAeDk2a9N-C2hy1vHlptZHm3en4XnhfB4LrBVV59pjibeUfdl0vmPe7BIgn-iLjCTbZ8XartU4_vwlyAy03r-Xy_esQE0heX8uX71N1DjA5a9fVhcFHQ43XsrD8qdR8ZQGTZ2mHp832O6oKHoz8CO5qK-bL9BBVR3W0fuDvnZYt-E8fRVdXSCXR1u1IZNMOkTJwlQOssRecsam-0EVLljIh9IWbLbuLCi3gQivKMqNULy9mcf_x7255w7LHnPDUmogItZQ_fwyu7gIZV80qsoMILl8W2PSsIXkm3GCyDzohCMWDNvjfOJSxAoGFQOg2frIcl-63MJXUz2YEJB-ET26cKMp5h69-CRjIfj8W0j-xRQow9esGKvv3Y-GLVMe3M_MTCNCMf_eXE7ffrhQKBbvwfFRUzc_92eemp8ywpmEeS6xLlQzq0Kaq-HRovHwvQbchL2DrKsJLMri3k2seNKkKTGiNOL8t4Ib8l0tDmpe7iLmsEQTFWZim_vRKrwZlkDD_KNyUBkCiTqNQdFWwXixZ5ZJDjPR0ST-5lK2ATxuNEpdYHqpuSU9MXqdjUg3TNtXnDEiU5aMioPQxsVvKzjyIvhnn2LUbDIA7xZdog&cid=CAASPeRoVK9QKL__LDUcXIlKDFnsnjX17qtD_9Gne-r9DKzxuWeOY0jJe4w64WmfhzKMmhUHdicDp9u-gNK7xtM&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e4889f3b7cd77ce12182e5c0fa2c7c8b0ec7f6e2fda8178195e77b4396c3333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20558
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 91E6 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8lpODc3TY2mRrnp-kXW_5QwBgkrQh9ddxJNKbxm9nTDy1QRxjo3ott2qZ4DfAy5JIgcM2tFnAplaZ1jk2ch1djtBO4mUsu1KTtyqibwNWWHgJY8I
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 91E6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:36:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 91E6 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Tue, 20 Apr 2021 07:39:13 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 91E6 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:38:08 GMT
l
www.google.com/ads/measurement/ Frame 91E6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpxJIleVqSkjIRNRvscqjRw0fzyeeLTgJOCPIDkrJKCnzZHIoyxaedS1c7iM79v9oRPZvU
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
partners.tremorhub.com/ Frame EFA8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEDqaWXQrP7mJ2Awk1VsgwsM&google_cver=1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEDqaWXQrP7mJ2Awk1VsgwsM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuhcRDs8t8BGN-jgZ8BMAE&v=APEucNWqo3MFrrbNcdD0zbfS7nGr6ykeIt8KPFrn4ar7T5s4MT9XWJqKHIaT7VHQS8fSHD2I-azdBec8mB0Ba1ZBP02EaPns0wVoS1uIzHJpxVbRWW8wPVU2CG3lUhQMyKUVGiu5WzBC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:5e41:f643:f5d9:712d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:13 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEDqaWXQrP7mJ2Awk1VsgwsM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 91E6 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZt_UyKMmdeLPhsl_9L_GM38ZrDXl-85Spzje8Cx4Ndi5baae9KcMqMRZQiPtyJnSz2u7eBKQJerDNiAcKJyR1nlbaJpBJ0_xV_J79RsEsAIyKa-OQhaDjgzkJ0PgrXhtYl8uroY-MaFeCEq0B7C_kCYDyvQ&dbm_d=AKAmf-A9xpOl12s8uBSvXNF83vzpBXxRD06uDgbkbs1nBGCzrL6LdYAY1qDOrZTSD2RpJcBkttSFe5nzsU14pH2BOvvZ3OI92EK6qU90rERHbdVoHo8DpmV5YV_um4seL-cdWolFK7bS6d0nCRUKKDTCkRbs0UzzNPjWz0DMbIsQjDeLF82ny8Pwq1rWrDBdTKPyLYImBfr-D2wpp3-4OCWxkcdd9rYuaL_oqHh_L-Du04xkgYzCKnE17KWaddfdnQD3cUe8tXt0x8sfnaqIKVJxSAp3UN_u9F52oWcuxbyiWYbzPcUBKbPTePuORoriM-QEYJ8pyBvRdWujbVK1yafUH4LVA8lWGTt5lfPGSDeZx7Mi585KfFjclKXccyzmBaafIamz2mLEGg90jl_PoBCNv-h_F096l--yq0vOlsARTuwV8uKZFpGqWOg81ru-Q4gjVBoV7JR6Il0lx4s3C_QCOVKXgIRu8O1eeDBCrt7iNlnUmSFIWPm7S4JzTgzLduCJBXmWFodPp_A_XRI-ay0yhc_-MYD8QEiAz_0h0HXiFvU5lwmc4-_5RUDbPXrs2auhMh71ifiXbAe2PInMgPgFBDHtTk3sVo25wb_rX_QLtVKkCWzQwDN0QS4r7scEX3tzPV4VHxMVT-wGOawCLXLOEGc7EBsUyH9qcnT4nEn7F-f456WnClHzYie0aIj45t5DN_DPxNJkdcyJGQv6X02otm1GWhl53jjHDX6p5c78KK--6-WBb9GSxeT9FXz4nLuK7jG92LwKdZvK_IeOR_ntDgshcmqiXBfZdRu5RtWCuX49HYnOA1C-9QmFpedbb75OwY_6R1cO32B2rNaBppSGlxkcezUA_zxkF6YhiB_W01wm_ANbuupvQiPRO-oDsWuo0kl5UzGw2HnxbHYVQSVyzkaxuSzzaI270nLf6aC7lvbNqqLXAfGvBwL6sULR_miS61j77-HsUDoNc435S5X75OsSq9cESjplaZF4ExfpG1Os0nbtO-lPFAPxLNc7gJvDUXfg933WYs9Cjqtpj8wwUyVGvONIEb1Mrs9QQJmj7llQINz7ZPY7ZRHUe7JSzX7XtdzOhbBQu5P2h_kxcLStY8Og2Aa46XqQ9ac2NGEauCIlEMi2l39vT_ewQ3oP8fs-nH4gMc5Jl6uv1ZCastQOJmKcOY96U5lp1rMoo1mtZWigbj7sLwfUa4gCHqtb6wb7ewLpBxDxdD7lczXKhJfPN-ZnFVFjkose1TaWg6g1R7cg5BkS3WMyvID3XJjDqttA9SiIy1TlfUaYvWbLCdVwh4LrYCV1Er3kWm0Io95AU82pR_NPKil0pNtPDAn0WO7mtviWIWgw6snb0oSrdWJZki_QejtviPssbdf2QHssK7lv3-gkgTUALAlj7hs4UKufgRlBDBGD3gb56yQSbsZVNYuhFFTnp5sbdtO1k5b-UnM0O2Tw7LUGunV_kRa_V_xsj7r4dpQ17JVTeAY5CtVHzX569xqtVLL12feKinxgFeflD8PRcTlZcq-7gJRtqW5-gKUfuWsnYv9ooKBh938O2trr4tSCAPL9YIz8GqaiyINvlRbo1mQQx3Z0hbhnE_DtMOpk6Hms5im9nsBSXdL9O8jWbg8QGigcnLz5heTD453Vv0ssz9r-OL8cOyitysISTQvuDeqJbgKNcYv62O5KvXypGYt3IRPROwSrl3UFse0pdkm8hi8YijaKZcEY05p049LJeLve7CXwKXC4QnWsyy0r_2RQDk24c7Ynv2PuSq0FIbM9ctOaZEKRpCc6aurAz6PrRet5R7p2vmTybbOWdkn4HK09CyO6anjCqpKVNSn3ML0uDwJvR5Z7sP_qQyPsLmMwC8CIX2NVnr_j0imWNYJbw7st-Fz89ptLgBkVXk0Fq0dGs0hxNKQGyi32LZdTNEPHTFXYw2Akz7mw9dXER9lUeSAPAjeQCinIt_t0hZPPCbVfR_fEb4JV78yUtRzyWi0AXuh4a8JJGI2jARUUiPs4N48CTjmkZ4_Bvea5s65GinV7nCh38y__AsWE6K_RwRG9vOFo3LM3plkgA0LDGfULF6kcdSq9DyVpEqVO2I6YGi1JuNA7T2Mu-vWf9DUjAzQKc8fQ6D_xOyVaN720CTjDyqdblGsTl32vYWE40ukUUP3JACkVNkEDvtSVnM4Ix5Jcd880TOY-qGtfm1FwzwIPXh0yLLFgVJjKBxFpZ6VzWr7itFlO18Qd2UQqcN5_av9XFGBjK1BgdnKS8HFogEueCmukMnminX0_E9k4lPCSKHu6RqAltAFurgQ6rI3ERaX2SHqvPK5B0qA0s6DlVaVnZ3KxfJWW1_8Nghzk-aRBTQaF_sgkd-N-8oN8mKmULNm0wB6JxmkvJ8feb-AYeko88VQntHjpi59LBRwVSxtyXqJwtYgYDmOvVVXkAJQGOvBodNlgoG9dd8sZNV9FpGsmfaV9THmRAlfhM0WdU_9KdOTjicD_o0V3_MwYta8PFto8CF22TysDHo82jKqf8Mw2TAiGQ3DGQ4Q4D027Qic2v7gLOVIg5R7AoLTSsLK1UT4rpfhqppwctp5UqPky83RUHfvUMg6cLiH-b470t9tOV2qiCzx8iGdIRChNhNOwtevWVtYWVzALdnTWpXJvEBX1mxLWvAnjiFktzbBpE76GtUZcU57jFL7RBFH5VwElGQy0gvy_A9xuIb0qGKYhqOvUh7C_ObH7gFSbW88163UPSfL5Z8tFKyr4eV-Gb-WzlK2S8eprkWVtGCQ4oZQtwO48zqawfvLJcUBYAZfdUfhWSXS-Gi5z_43GUAmj5sTxfuYvs9BSYgZsDgVhcBalGJ--J9-PXqzHJ-ztWrVxmPu7S2OYCGoU3aj-SFyiktBCe29vcmbNpaWQJKjJSfuTJIT_EMWQ9JvxOMOWYSmNSg3diuidrGrW2pfAeDk2a9N-C2hy1vHlptZHm3en4XnhfB4LrBVV59pjibeUfdl0vmPe7BIgn-iLjCTbZ8XartU4_vwlyAy03r-Xy_esQE0heX8uX71N1DjA5a9fVhcFHQ43XsrD8qdR8ZQGTZ2mHp832O6oKHoz8CO5qK-bL9BBVR3W0fuDvnZYt-E8fRVdXSCXR1u1IZNMOkTJwlQOssRecsam-0EVLljIh9IWbLbuLCi3gQivKMqNULy9mcf_x7255w7LHnPDUmogItZQ_fwyu7gIZV80qsoMILl8W2PSsIXkm3GCyDzohCMWDNvjfOJSxAoGFQOg2frIcl-63MJXUz2YEJB-ET26cKMp5h69-CRjIfj8W0j-xRQow9esGKvv3Y-GLVMe3M_MTCNCMf_eXE7ffrhQKBbvwfFRUzc_92eemp8ywpmEeS6xLlQzq0Kaq-HRovHwvQbchL2DrKsJLMri3k2seNKkKTGiNOL8t4Ib8l0tDmpe7iLmsEQTFWZim_vRKrwZlkDD_KNyUBkCiTqNQdFWwXixZ5ZJDjPR0ST-5lK2ATxuNEpdYHqpuSU9MXqdjUg3TNtXnDEiU5aMioPQxsVvKzjyIvhnn2LUbDIA7xZdog&cid=CAASPeRoVK9QKL__LDUcXIlKDFnsnjX17qtD_9Gne-r9DKzxuWeOY0jJe4w64WmfhzKMmhUHdicDp9u-gNK7xtM&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65c88bdeb2f983517f1be4d68218f801ea8201919dbd9edd28359a344d8a0574
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
server
cafe
etag
15267579076523134137
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:38:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/ Frame 91E6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZt_UyKMmdeLPhsl_9L_GM38ZrDXl-85Spzje8Cx4Ndi5baae9KcMqMRZQiPtyJnSz2u7eBKQJerDNiAcKJyR1nlbaJpBJ0_xV_J79RsEsAIyKa-OQhaDjgzkJ0PgrXhtYl8uroY-MaFeCEq0B7C_kCYDyvQ&dbm_d=AKAmf-A9xpOl12s8uBSvXNF83vzpBXxRD06uDgbkbs1nBGCzrL6LdYAY1qDOrZTSD2RpJcBkttSFe5nzsU14pH2BOvvZ3OI92EK6qU90rERHbdVoHo8DpmV5YV_um4seL-cdWolFK7bS6d0nCRUKKDTCkRbs0UzzNPjWz0DMbIsQjDeLF82ny8Pwq1rWrDBdTKPyLYImBfr-D2wpp3-4OCWxkcdd9rYuaL_oqHh_L-Du04xkgYzCKnE17KWaddfdnQD3cUe8tXt0x8sfnaqIKVJxSAp3UN_u9F52oWcuxbyiWYbzPcUBKbPTePuORoriM-QEYJ8pyBvRdWujbVK1yafUH4LVA8lWGTt5lfPGSDeZx7Mi585KfFjclKXccyzmBaafIamz2mLEGg90jl_PoBCNv-h_F096l--yq0vOlsARTuwV8uKZFpGqWOg81ru-Q4gjVBoV7JR6Il0lx4s3C_QCOVKXgIRu8O1eeDBCrt7iNlnUmSFIWPm7S4JzTgzLduCJBXmWFodPp_A_XRI-ay0yhc_-MYD8QEiAz_0h0HXiFvU5lwmc4-_5RUDbPXrs2auhMh71ifiXbAe2PInMgPgFBDHtTk3sVo25wb_rX_QLtVKkCWzQwDN0QS4r7scEX3tzPV4VHxMVT-wGOawCLXLOEGc7EBsUyH9qcnT4nEn7F-f456WnClHzYie0aIj45t5DN_DPxNJkdcyJGQv6X02otm1GWhl53jjHDX6p5c78KK--6-WBb9GSxeT9FXz4nLuK7jG92LwKdZvK_IeOR_ntDgshcmqiXBfZdRu5RtWCuX49HYnOA1C-9QmFpedbb75OwY_6R1cO32B2rNaBppSGlxkcezUA_zxkF6YhiB_W01wm_ANbuupvQiPRO-oDsWuo0kl5UzGw2HnxbHYVQSVyzkaxuSzzaI270nLf6aC7lvbNqqLXAfGvBwL6sULR_miS61j77-HsUDoNc435S5X75OsSq9cESjplaZF4ExfpG1Os0nbtO-lPFAPxLNc7gJvDUXfg933WYs9Cjqtpj8wwUyVGvONIEb1Mrs9QQJmj7llQINz7ZPY7ZRHUe7JSzX7XtdzOhbBQu5P2h_kxcLStY8Og2Aa46XqQ9ac2NGEauCIlEMi2l39vT_ewQ3oP8fs-nH4gMc5Jl6uv1ZCastQOJmKcOY96U5lp1rMoo1mtZWigbj7sLwfUa4gCHqtb6wb7ewLpBxDxdD7lczXKhJfPN-ZnFVFjkose1TaWg6g1R7cg5BkS3WMyvID3XJjDqttA9SiIy1TlfUaYvWbLCdVwh4LrYCV1Er3kWm0Io95AU82pR_NPKil0pNtPDAn0WO7mtviWIWgw6snb0oSrdWJZki_QejtviPssbdf2QHssK7lv3-gkgTUALAlj7hs4UKufgRlBDBGD3gb56yQSbsZVNYuhFFTnp5sbdtO1k5b-UnM0O2Tw7LUGunV_kRa_V_xsj7r4dpQ17JVTeAY5CtVHzX569xqtVLL12feKinxgFeflD8PRcTlZcq-7gJRtqW5-gKUfuWsnYv9ooKBh938O2trr4tSCAPL9YIz8GqaiyINvlRbo1mQQx3Z0hbhnE_DtMOpk6Hms5im9nsBSXdL9O8jWbg8QGigcnLz5heTD453Vv0ssz9r-OL8cOyitysISTQvuDeqJbgKNcYv62O5KvXypGYt3IRPROwSrl3UFse0pdkm8hi8YijaKZcEY05p049LJeLve7CXwKXC4QnWsyy0r_2RQDk24c7Ynv2PuSq0FIbM9ctOaZEKRpCc6aurAz6PrRet5R7p2vmTybbOWdkn4HK09CyO6anjCqpKVNSn3ML0uDwJvR5Z7sP_qQyPsLmMwC8CIX2NVnr_j0imWNYJbw7st-Fz89ptLgBkVXk0Fq0dGs0hxNKQGyi32LZdTNEPHTFXYw2Akz7mw9dXER9lUeSAPAjeQCinIt_t0hZPPCbVfR_fEb4JV78yUtRzyWi0AXuh4a8JJGI2jARUUiPs4N48CTjmkZ4_Bvea5s65GinV7nCh38y__AsWE6K_RwRG9vOFo3LM3plkgA0LDGfULF6kcdSq9DyVpEqVO2I6YGi1JuNA7T2Mu-vWf9DUjAzQKc8fQ6D_xOyVaN720CTjDyqdblGsTl32vYWE40ukUUP3JACkVNkEDvtSVnM4Ix5Jcd880TOY-qGtfm1FwzwIPXh0yLLFgVJjKBxFpZ6VzWr7itFlO18Qd2UQqcN5_av9XFGBjK1BgdnKS8HFogEueCmukMnminX0_E9k4lPCSKHu6RqAltAFurgQ6rI3ERaX2SHqvPK5B0qA0s6DlVaVnZ3KxfJWW1_8Nghzk-aRBTQaF_sgkd-N-8oN8mKmULNm0wB6JxmkvJ8feb-AYeko88VQntHjpi59LBRwVSxtyXqJwtYgYDmOvVVXkAJQGOvBodNlgoG9dd8sZNV9FpGsmfaV9THmRAlfhM0WdU_9KdOTjicD_o0V3_MwYta8PFto8CF22TysDHo82jKqf8Mw2TAiGQ3DGQ4Q4D027Qic2v7gLOVIg5R7AoLTSsLK1UT4rpfhqppwctp5UqPky83RUHfvUMg6cLiH-b470t9tOV2qiCzx8iGdIRChNhNOwtevWVtYWVzALdnTWpXJvEBX1mxLWvAnjiFktzbBpE76GtUZcU57jFL7RBFH5VwElGQy0gvy_A9xuIb0qGKYhqOvUh7C_ObH7gFSbW88163UPSfL5Z8tFKyr4eV-Gb-WzlK2S8eprkWVtGCQ4oZQtwO48zqawfvLJcUBYAZfdUfhWSXS-Gi5z_43GUAmj5sTxfuYvs9BSYgZsDgVhcBalGJ--J9-PXqzHJ-ztWrVxmPu7S2OYCGoU3aj-SFyiktBCe29vcmbNpaWQJKjJSfuTJIT_EMWQ9JvxOMOWYSmNSg3diuidrGrW2pfAeDk2a9N-C2hy1vHlptZHm3en4XnhfB4LrBVV59pjibeUfdl0vmPe7BIgn-iLjCTbZ8XartU4_vwlyAy03r-Xy_esQE0heX8uX71N1DjA5a9fVhcFHQ43XsrD8qdR8ZQGTZ2mHp832O6oKHoz8CO5qK-bL9BBVR3W0fuDvnZYt-E8fRVdXSCXR1u1IZNMOkTJwlQOssRecsam-0EVLljIh9IWbLbuLCi3gQivKMqNULy9mcf_x7255w7LHnPDUmogItZQ_fwyu7gIZV80qsoMILl8W2PSsIXkm3GCyDzohCMWDNvjfOJSxAoGFQOg2frIcl-63MJXUz2YEJB-ET26cKMp5h69-CRjIfj8W0j-xRQow9esGKvv3Y-GLVMe3M_MTCNCMf_eXE7ffrhQKBbvwfFRUzc_92eemp8ywpmEeS6xLlQzq0Kaq-HRovHwvQbchL2DrKsJLMri3k2seNKkKTGiNOL8t4Ib8l0tDmpe7iLmsEQTFWZim_vRKrwZlkDD_KNyUBkCiTqNQdFWwXixZ5ZJDjPR0ST-5lK2ATxuNEpdYHqpuSU9MXqdjUg3TNtXnDEiU5aMioPQxsVvKzjyIvhnn2LUbDIA7xZdog&cid=CAASPeRoVK9QKL__LDUcXIlKDFnsnjX17qtD_9Gne-r9DKzxuWeOY0jJe4w64WmfhzKMmhUHdicDp9u-gNK7xtM&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:38:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 May 2021 07:38:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 91E6 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudH8OJfa17mq4wxyo3c8BGE58wChL0EkDegVAggBUiNMh-N9_CetUZD5dE9zMo2Z68uY-OdGdXDzAiCd2vmrBQjD7KnfZ4if5D7XCBNdK3ExJ2koJdN1GbABQ7QSzM7fDw5Bmg-cU8suRHzAZWdLv4UpppeSm08QjXvn9yHI6u-E90iKLhstcmyrxTZUnEx_ssRPBqR2mBflSZ4mJw58d7KTFUOBSaneiNFhAViu1yIMBoNENutU85sW0CEP0tipw2iCvNL2BRnM_qMlVnLBSYMHxF_-LHvCE_vOwbV_iBFV0qwgDCdHxzhTSt_7jaldrOx0B42z3nRW4NuyejG9fY9k9D25yul-ksqSoYKngs56CwldwOt-GdrZCjI3_WlV-2H4UQg93_-91xudbPc6ObmolDMCZkw9sQnUnMi_LwAEny_lo6mEFzhxIJhnsFv6_ehrD6uXYiixg8Zqkih-0RXO1XmafswE56x8zEuezhr0yk6v5iPztdR6lwO4os1ojboBHh9yc97ioSjmBI4DE3geLxbDX6nBqYHtDaWN70egWy7rTt35u_NPuEDbbY9BKsM3ZK_ukNpSKmGjqYCUGkr-2Wfj81KVBG7K5D4r-28_DKThGmHgTDx3L2HdMIQ3jdfUKrERB-PStoKAtBeGsyBjk15NJoRbA0-punomGpHYr78iT3-f7cF6yWmaXuBsttheAuyhhlcLR0uarHojjxI4MLUBsujNBvDK1GF48L9ewj7YrvQWvpaAjUU_3RHyinN9H8jzCYtD21JsHc7XYjiN9btk074hZZSY1ByfxBWAwD7Ilq0dOSkHqpWTAOaBohUtBwNuIik_P8jnY_OjP498aSs1VXLxq4d5oxJjLIrdO_pgWVOoSysuzuP9TnRZUHbr13vQKo0-9swpw27Q4u9jAkd7W1vsLL9RWruDbNu9WAstJ-gR8kYB3_wb0nICgpjo83gSy_lFtTG6i5EHKZ3DyfHhyQw0Qc73RL-e-U3JIO-suLDl9mxcZeGVx8a0G_mbdGcoX70-5Y4Boos1IeWZbn1iAW_SprpgKNkYpTLO-uWGpRK0J-el-y0yfoaHe3vzJW0aiOQnFjjW24zz2NNtHj_m_Kz-4-USQfklRiJiFZOSu4szkppiz0APlj950ycztDd0p8k7_Vjo1eFGvfa9SJcSz1O-L-4MIWI-HaGGm1vBNMkHddsT8ItjVnmgUC7yZAgZxwkvegNKId_oiJGfh5bGyNqGA&sai=AMfl-YTy5OoUA0Lg0FIvRQUADh5KQOz5N_JEEeP0JKikmqqJDr_dfx7kbiykNZqNiL6b1ltFWc-r58xBO8kiM0JmRsXB3QtCwgIhyePBOB0fgEXFU2IRlYC_jxjN_X77D8jkGa9qNwh4pefjH2EbXuq403DVoZKP2n3phMBoBRndTIf24rt5nrFHzBFGCzN7LPSQPVi9Zg6BYU5DJtbi1UHX64BWRmvQD0xGVYaU8171hxxxelbRQNPd8Ro8ZYJwgJ1Lhw&sig=Cg0ArKJSzCuQNC8KXHhTEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210415.99137&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZt_UyKMmdeLPhsl_9L_GM38ZrDXl-85Spzje8Cx4Ndi5baae9KcMqMRZQiPtyJnSz2u7eBKQJerDNiAcKJyR1nlbaJpBJ0_xV_J79RsEsAIyKa-OQhaDjgzkJ0PgrXhtYl8uroY-MaFeCEq0B7C_kCYDyvQ&dbm_d=AKAmf-A9xpOl12s8uBSvXNF83vzpBXxRD06uDgbkbs1nBGCzrL6LdYAY1qDOrZTSD2RpJcBkttSFe5nzsU14pH2BOvvZ3OI92EK6qU90rERHbdVoHo8DpmV5YV_um4seL-cdWolFK7bS6d0nCRUKKDTCkRbs0UzzNPjWz0DMbIsQjDeLF82ny8Pwq1rWrDBdTKPyLYImBfr-D2wpp3-4OCWxkcdd9rYuaL_oqHh_L-Du04xkgYzCKnE17KWaddfdnQD3cUe8tXt0x8sfnaqIKVJxSAp3UN_u9F52oWcuxbyiWYbzPcUBKbPTePuORoriM-QEYJ8pyBvRdWujbVK1yafUH4LVA8lWGTt5lfPGSDeZx7Mi585KfFjclKXccyzmBaafIamz2mLEGg90jl_PoBCNv-h_F096l--yq0vOlsARTuwV8uKZFpGqWOg81ru-Q4gjVBoV7JR6Il0lx4s3C_QCOVKXgIRu8O1eeDBCrt7iNlnUmSFIWPm7S4JzTgzLduCJBXmWFodPp_A_XRI-ay0yhc_-MYD8QEiAz_0h0HXiFvU5lwmc4-_5RUDbPXrs2auhMh71ifiXbAe2PInMgPgFBDHtTk3sVo25wb_rX_QLtVKkCWzQwDN0QS4r7scEX3tzPV4VHxMVT-wGOawCLXLOEGc7EBsUyH9qcnT4nEn7F-f456WnClHzYie0aIj45t5DN_DPxNJkdcyJGQv6X02otm1GWhl53jjHDX6p5c78KK--6-WBb9GSxeT9FXz4nLuK7jG92LwKdZvK_IeOR_ntDgshcmqiXBfZdRu5RtWCuX49HYnOA1C-9QmFpedbb75OwY_6R1cO32B2rNaBppSGlxkcezUA_zxkF6YhiB_W01wm_ANbuupvQiPRO-oDsWuo0kl5UzGw2HnxbHYVQSVyzkaxuSzzaI270nLf6aC7lvbNqqLXAfGvBwL6sULR_miS61j77-HsUDoNc435S5X75OsSq9cESjplaZF4ExfpG1Os0nbtO-lPFAPxLNc7gJvDUXfg933WYs9Cjqtpj8wwUyVGvONIEb1Mrs9QQJmj7llQINz7ZPY7ZRHUe7JSzX7XtdzOhbBQu5P2h_kxcLStY8Og2Aa46XqQ9ac2NGEauCIlEMi2l39vT_ewQ3oP8fs-nH4gMc5Jl6uv1ZCastQOJmKcOY96U5lp1rMoo1mtZWigbj7sLwfUa4gCHqtb6wb7ewLpBxDxdD7lczXKhJfPN-ZnFVFjkose1TaWg6g1R7cg5BkS3WMyvID3XJjDqttA9SiIy1TlfUaYvWbLCdVwh4LrYCV1Er3kWm0Io95AU82pR_NPKil0pNtPDAn0WO7mtviWIWgw6snb0oSrdWJZki_QejtviPssbdf2QHssK7lv3-gkgTUALAlj7hs4UKufgRlBDBGD3gb56yQSbsZVNYuhFFTnp5sbdtO1k5b-UnM0O2Tw7LUGunV_kRa_V_xsj7r4dpQ17JVTeAY5CtVHzX569xqtVLL12feKinxgFeflD8PRcTlZcq-7gJRtqW5-gKUfuWsnYv9ooKBh938O2trr4tSCAPL9YIz8GqaiyINvlRbo1mQQx3Z0hbhnE_DtMOpk6Hms5im9nsBSXdL9O8jWbg8QGigcnLz5heTD453Vv0ssz9r-OL8cOyitysISTQvuDeqJbgKNcYv62O5KvXypGYt3IRPROwSrl3UFse0pdkm8hi8YijaKZcEY05p049LJeLve7CXwKXC4QnWsyy0r_2RQDk24c7Ynv2PuSq0FIbM9ctOaZEKRpCc6aurAz6PrRet5R7p2vmTybbOWdkn4HK09CyO6anjCqpKVNSn3ML0uDwJvR5Z7sP_qQyPsLmMwC8CIX2NVnr_j0imWNYJbw7st-Fz89ptLgBkVXk0Fq0dGs0hxNKQGyi32LZdTNEPHTFXYw2Akz7mw9dXER9lUeSAPAjeQCinIt_t0hZPPCbVfR_fEb4JV78yUtRzyWi0AXuh4a8JJGI2jARUUiPs4N48CTjmkZ4_Bvea5s65GinV7nCh38y__AsWE6K_RwRG9vOFo3LM3plkgA0LDGfULF6kcdSq9DyVpEqVO2I6YGi1JuNA7T2Mu-vWf9DUjAzQKc8fQ6D_xOyVaN720CTjDyqdblGsTl32vYWE40ukUUP3JACkVNkEDvtSVnM4Ix5Jcd880TOY-qGtfm1FwzwIPXh0yLLFgVJjKBxFpZ6VzWr7itFlO18Qd2UQqcN5_av9XFGBjK1BgdnKS8HFogEueCmukMnminX0_E9k4lPCSKHu6RqAltAFurgQ6rI3ERaX2SHqvPK5B0qA0s6DlVaVnZ3KxfJWW1_8Nghzk-aRBTQaF_sgkd-N-8oN8mKmULNm0wB6JxmkvJ8feb-AYeko88VQntHjpi59LBRwVSxtyXqJwtYgYDmOvVVXkAJQGOvBodNlgoG9dd8sZNV9FpGsmfaV9THmRAlfhM0WdU_9KdOTjicD_o0V3_MwYta8PFto8CF22TysDHo82jKqf8Mw2TAiGQ3DGQ4Q4D027Qic2v7gLOVIg5R7AoLTSsLK1UT4rpfhqppwctp5UqPky83RUHfvUMg6cLiH-b470t9tOV2qiCzx8iGdIRChNhNOwtevWVtYWVzALdnTWpXJvEBX1mxLWvAnjiFktzbBpE76GtUZcU57jFL7RBFH5VwElGQy0gvy_A9xuIb0qGKYhqOvUh7C_ObH7gFSbW88163UPSfL5Z8tFKyr4eV-Gb-WzlK2S8eprkWVtGCQ4oZQtwO48zqawfvLJcUBYAZfdUfhWSXS-Gi5z_43GUAmj5sTxfuYvs9BSYgZsDgVhcBalGJ--J9-PXqzHJ-ztWrVxmPu7S2OYCGoU3aj-SFyiktBCe29vcmbNpaWQJKjJSfuTJIT_EMWQ9JvxOMOWYSmNSg3diuidrGrW2pfAeDk2a9N-C2hy1vHlptZHm3en4XnhfB4LrBVV59pjibeUfdl0vmPe7BIgn-iLjCTbZ8XartU4_vwlyAy03r-Xy_esQE0heX8uX71N1DjA5a9fVhcFHQ43XsrD8qdR8ZQGTZ2mHp832O6oKHoz8CO5qK-bL9BBVR3W0fuDvnZYt-E8fRVdXSCXR1u1IZNMOkTJwlQOssRecsam-0EVLljIh9IWbLbuLCi3gQivKMqNULy9mcf_x7255w7LHnPDUmogItZQ_fwyu7gIZV80qsoMILl8W2PSsIXkm3GCyDzohCMWDNvjfOJSxAoGFQOg2frIcl-63MJXUz2YEJB-ET26cKMp5h69-CRjIfj8W0j-xRQow9esGKvv3Y-GLVMe3M_MTCNCMf_eXE7ffrhQKBbvwfFRUzc_92eemp8ywpmEeS6xLlQzq0Kaq-HRovHwvQbchL2DrKsJLMri3k2seNKkKTGiNOL8t4Ib8l0tDmpe7iLmsEQTFWZim_vRKrwZlkDD_KNyUBkCiTqNQdFWwXixZ5ZJDjPR0ST-5lK2ATxuNEpdYHqpuSU9MXqdjUg3TNtXnDEiU5aMioPQxsVvKzjyIvhnn2LUbDIA7xZdog&cid=CAASPeRoVK9QKL__LDUcXIlKDFnsnjX17qtD_9Gne-r9DKzxuWeOY0jJe4w64WmfhzKMmhUHdicDp9u-gNK7xtM&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 20 Apr 2021 07:39:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 91E6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZt_UyKMmdeLPhsl_9L_GM38ZrDXl-85Spzje8Cx4Ndi5baae9KcMqMRZQiPtyJnSz2u7eBKQJerDNiAcKJyR1nlbaJpBJ0_xV_J79RsEsAIyKa-OQhaDjgzkJ0PgrXhtYl8uroY-MaFeCEq0B7C_kCYDyvQ&dbm_d=AKAmf-A9xpOl12s8uBSvXNF83vzpBXxRD06uDgbkbs1nBGCzrL6LdYAY1qDOrZTSD2RpJcBkttSFe5nzsU14pH2BOvvZ3OI92EK6qU90rERHbdVoHo8DpmV5YV_um4seL-cdWolFK7bS6d0nCRUKKDTCkRbs0UzzNPjWz0DMbIsQjDeLF82ny8Pwq1rWrDBdTKPyLYImBfr-D2wpp3-4OCWxkcdd9rYuaL_oqHh_L-Du04xkgYzCKnE17KWaddfdnQD3cUe8tXt0x8sfnaqIKVJxSAp3UN_u9F52oWcuxbyiWYbzPcUBKbPTePuORoriM-QEYJ8pyBvRdWujbVK1yafUH4LVA8lWGTt5lfPGSDeZx7Mi585KfFjclKXccyzmBaafIamz2mLEGg90jl_PoBCNv-h_F096l--yq0vOlsARTuwV8uKZFpGqWOg81ru-Q4gjVBoV7JR6Il0lx4s3C_QCOVKXgIRu8O1eeDBCrt7iNlnUmSFIWPm7S4JzTgzLduCJBXmWFodPp_A_XRI-ay0yhc_-MYD8QEiAz_0h0HXiFvU5lwmc4-_5RUDbPXrs2auhMh71ifiXbAe2PInMgPgFBDHtTk3sVo25wb_rX_QLtVKkCWzQwDN0QS4r7scEX3tzPV4VHxMVT-wGOawCLXLOEGc7EBsUyH9qcnT4nEn7F-f456WnClHzYie0aIj45t5DN_DPxNJkdcyJGQv6X02otm1GWhl53jjHDX6p5c78KK--6-WBb9GSxeT9FXz4nLuK7jG92LwKdZvK_IeOR_ntDgshcmqiXBfZdRu5RtWCuX49HYnOA1C-9QmFpedbb75OwY_6R1cO32B2rNaBppSGlxkcezUA_zxkF6YhiB_W01wm_ANbuupvQiPRO-oDsWuo0kl5UzGw2HnxbHYVQSVyzkaxuSzzaI270nLf6aC7lvbNqqLXAfGvBwL6sULR_miS61j77-HsUDoNc435S5X75OsSq9cESjplaZF4ExfpG1Os0nbtO-lPFAPxLNc7gJvDUXfg933WYs9Cjqtpj8wwUyVGvONIEb1Mrs9QQJmj7llQINz7ZPY7ZRHUe7JSzX7XtdzOhbBQu5P2h_kxcLStY8Og2Aa46XqQ9ac2NGEauCIlEMi2l39vT_ewQ3oP8fs-nH4gMc5Jl6uv1ZCastQOJmKcOY96U5lp1rMoo1mtZWigbj7sLwfUa4gCHqtb6wb7ewLpBxDxdD7lczXKhJfPN-ZnFVFjkose1TaWg6g1R7cg5BkS3WMyvID3XJjDqttA9SiIy1TlfUaYvWbLCdVwh4LrYCV1Er3kWm0Io95AU82pR_NPKil0pNtPDAn0WO7mtviWIWgw6snb0oSrdWJZki_QejtviPssbdf2QHssK7lv3-gkgTUALAlj7hs4UKufgRlBDBGD3gb56yQSbsZVNYuhFFTnp5sbdtO1k5b-UnM0O2Tw7LUGunV_kRa_V_xsj7r4dpQ17JVTeAY5CtVHzX569xqtVLL12feKinxgFeflD8PRcTlZcq-7gJRtqW5-gKUfuWsnYv9ooKBh938O2trr4tSCAPL9YIz8GqaiyINvlRbo1mQQx3Z0hbhnE_DtMOpk6Hms5im9nsBSXdL9O8jWbg8QGigcnLz5heTD453Vv0ssz9r-OL8cOyitysISTQvuDeqJbgKNcYv62O5KvXypGYt3IRPROwSrl3UFse0pdkm8hi8YijaKZcEY05p049LJeLve7CXwKXC4QnWsyy0r_2RQDk24c7Ynv2PuSq0FIbM9ctOaZEKRpCc6aurAz6PrRet5R7p2vmTybbOWdkn4HK09CyO6anjCqpKVNSn3ML0uDwJvR5Z7sP_qQyPsLmMwC8CIX2NVnr_j0imWNYJbw7st-Fz89ptLgBkVXk0Fq0dGs0hxNKQGyi32LZdTNEPHTFXYw2Akz7mw9dXER9lUeSAPAjeQCinIt_t0hZPPCbVfR_fEb4JV78yUtRzyWi0AXuh4a8JJGI2jARUUiPs4N48CTjmkZ4_Bvea5s65GinV7nCh38y__AsWE6K_RwRG9vOFo3LM3plkgA0LDGfULF6kcdSq9DyVpEqVO2I6YGi1JuNA7T2Mu-vWf9DUjAzQKc8fQ6D_xOyVaN720CTjDyqdblGsTl32vYWE40ukUUP3JACkVNkEDvtSVnM4Ix5Jcd880TOY-qGtfm1FwzwIPXh0yLLFgVJjKBxFpZ6VzWr7itFlO18Qd2UQqcN5_av9XFGBjK1BgdnKS8HFogEueCmukMnminX0_E9k4lPCSKHu6RqAltAFurgQ6rI3ERaX2SHqvPK5B0qA0s6DlVaVnZ3KxfJWW1_8Nghzk-aRBTQaF_sgkd-N-8oN8mKmULNm0wB6JxmkvJ8feb-AYeko88VQntHjpi59LBRwVSxtyXqJwtYgYDmOvVVXkAJQGOvBodNlgoG9dd8sZNV9FpGsmfaV9THmRAlfhM0WdU_9KdOTjicD_o0V3_MwYta8PFto8CF22TysDHo82jKqf8Mw2TAiGQ3DGQ4Q4D027Qic2v7gLOVIg5R7AoLTSsLK1UT4rpfhqppwctp5UqPky83RUHfvUMg6cLiH-b470t9tOV2qiCzx8iGdIRChNhNOwtevWVtYWVzALdnTWpXJvEBX1mxLWvAnjiFktzbBpE76GtUZcU57jFL7RBFH5VwElGQy0gvy_A9xuIb0qGKYhqOvUh7C_ObH7gFSbW88163UPSfL5Z8tFKyr4eV-Gb-WzlK2S8eprkWVtGCQ4oZQtwO48zqawfvLJcUBYAZfdUfhWSXS-Gi5z_43GUAmj5sTxfuYvs9BSYgZsDgVhcBalGJ--J9-PXqzHJ-ztWrVxmPu7S2OYCGoU3aj-SFyiktBCe29vcmbNpaWQJKjJSfuTJIT_EMWQ9JvxOMOWYSmNSg3diuidrGrW2pfAeDk2a9N-C2hy1vHlptZHm3en4XnhfB4LrBVV59pjibeUfdl0vmPe7BIgn-iLjCTbZ8XartU4_vwlyAy03r-Xy_esQE0heX8uX71N1DjA5a9fVhcFHQ43XsrD8qdR8ZQGTZ2mHp832O6oKHoz8CO5qK-bL9BBVR3W0fuDvnZYt-E8fRVdXSCXR1u1IZNMOkTJwlQOssRecsam-0EVLljIh9IWbLbuLCi3gQivKMqNULy9mcf_x7255w7LHnPDUmogItZQ_fwyu7gIZV80qsoMILl8W2PSsIXkm3GCyDzohCMWDNvjfOJSxAoGFQOg2frIcl-63MJXUz2YEJB-ET26cKMp5h69-CRjIfj8W0j-xRQow9esGKvv3Y-GLVMe3M_MTCNCMf_eXE7ffrhQKBbvwfFRUzc_92eemp8ywpmEeS6xLlQzq0Kaq-HRovHwvQbchL2DrKsJLMri3k2seNKkKTGiNOL8t4Ib8l0tDmpe7iLmsEQTFWZim_vRKrwZlkDD_KNyUBkCiTqNQdFWwXixZ5ZJDjPR0ST-5lK2ATxuNEpdYHqpuSU9MXqdjUg3TNtXnDEiU5aMioPQxsVvKzjyIvhnn2LUbDIA7xZdog&cid=CAASPeRoVK9QKL__LDUcXIlKDFnsnjX17qtD_9Gne-r9DKzxuWeOY0jJe4w64WmfhzKMmhUHdicDp9u-gNK7xtM&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 13:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64420
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 13:45:33 GMT
FW20_DV360_na_wiosenny_deszcz_300x250_20210301.jpg
s0.2mdn.net/9064743/ Frame 91E6 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9064743/FW20_DV360_na_wiosenny_deszcz_300x250_20210301.jpg
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e90e10e1ebdb08c4c9d60da734ff42d91a3dbf7fcfea963e86ca054761817095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 22:41:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 11:35:27 GMT
server
sffe
age
32261
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21222
x-xss-protection
0
expires
Tue, 20 Apr 2021 22:41:32 GMT
truncated
/ Frame 91E6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d4e6314be04243015511ac25390f0fb3314cd8f5ad35e3b568e8818b78fae36

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 91E6 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudH8OJfa17mq4wxyo3c8BGE58wChL0EkDegVAggBUiNMh-N9_CetUZD5dE9zMo2Z68uY-OdGdXDzAiCd2vmrBQjD7KnfZ4if5D7XCBNdK3ExJ2koJdN1GbABQ7QSzM7fDw5Bmg-cU8suRHzAZWdLv4UpppeSm08QjXvn9yHI6u-E90iKLhstcmyrxTZUnEx_ssRPBqR2mBflSZ4mJw58d7KTFUOBSaneiNFhAViu1yIMBoNENutU85sW0CEP0tipw2iCvNL2BRnM_qMlVnLBSYMHxF_-LHvCE_vOwbV_iBFV0qwgDCdHxzhTSt_7jaldrOx0B42z3nRW4NuyejG9fY9k9D25yul-ksqSoYKngs56CwldwOt-GdrZCjI3_WlV-2H4UQg93_-91xudbPc6ObmolDMCZkw9sQnUnMi_LwAEny_lo6mEFzhxIJhnsFv6_ehrD6uXYiixg8Zqkih-0RXO1XmafswE56x8zEuezhr0yk6v5iPztdR6lwO4os1ojboBHh9yc97ioSjmBI4DE3geLxbDX6nBqYHtDaWN70egWy7rTt35u_NPuEDbbY9BKsM3ZK_ukNpSKmGjqYCUGkr-2Wfj81KVBG7K5D4r-28_DKThGmHgTDx3L2HdMIQ3jdfUKrERB-PStoKAtBeGsyBjk15NJoRbA0-punomGpHYr78iT3-f7cF6yWmaXuBsttheAuyhhlcLR0uarHojjxI4MLUBsujNBvDK1GF48L9ewj7YrvQWvpaAjUU_3RHyinN9H8jzCYtD21JsHc7XYjiN9btk074hZZSY1ByfxBWAwD7Ilq0dOSkHqpWTAOaBohUtBwNuIik_P8jnY_OjP498aSs1VXLxq4d5oxJjLIrdO_pgWVOoSysuzuP9TnRZUHbr13vQKo0-9swpw27Q4u9jAkd7W1vsLL9RWruDbNu9WAstJ-gR8kYB3_wb0nICgpjo83gSy_lFtTG6i5EHKZ3DyfHhyQw0Qc73RL-e-U3JIO-suLDl9mxcZeGVx8a0G_mbdGcoX70-5Y4Boos1IeWZbn1iAW_SprpgKNkYpTLO-uWGpRK0J-el-y0yfoaHe3vzJW0aiOQnFjjW24zz2NNtHj_m_Kz-4-USQfklRiJiFZOSu4szkppiz0APlj950ycztDd0p8k7_Vjo1eFGvfa9SJcSz1O-L-4MIWI-HaGGm1vBNMkHddsT8ItjVnmgUC7yZAgZxwkvegNKId_oiJGfh5bGyNqGA&sai=AMfl-YTy5OoUA0Lg0FIvRQUADh5KQOz5N_JEEeP0JKikmqqJDr_dfx7kbiykNZqNiL6b1ltFWc-r58xBO8kiM0JmRsXB3QtCwgIhyePBOB0fgEXFU2IRlYC_jxjN_X77D8jkGa9qNwh4pefjH2EbXuq403DVoZKP2n3phMBoBRndTIf24rt5nrFHzBFGCzN7LPSQPVi9Zg6BYU5DJtbi1UHX64BWRmvQD0xGVYaU8171hxxxelbRQNPd8Ro8ZYJwgJ1Lhw&sig=Cg0ArKJSzCuQNC8KXHhTEAE&urlfix=1&omid=0&rm=1&ctpt=40&vt=11&dtpt=39&dett=2&cstd=0&cisv=r20210415.99137&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZt_UyKMmdeLPhsl_9L_GM38ZrDXl-85Spzje8Cx4Ndi5baae9KcMqMRZQiPtyJnSz2u7eBKQJerDNiAcKJyR1nlbaJpBJ0_xV_J79RsEsAIyKa-OQhaDjgzkJ0PgrXhtYl8uroY-MaFeCEq0B7C_kCYDyvQ&dbm_d=AKAmf-A9xpOl12s8uBSvXNF83vzpBXxRD06uDgbkbs1nBGCzrL6LdYAY1qDOrZTSD2RpJcBkttSFe5nzsU14pH2BOvvZ3OI92EK6qU90rERHbdVoHo8DpmV5YV_um4seL-cdWolFK7bS6d0nCRUKKDTCkRbs0UzzNPjWz0DMbIsQjDeLF82ny8Pwq1rWrDBdTKPyLYImBfr-D2wpp3-4OCWxkcdd9rYuaL_oqHh_L-Du04xkgYzCKnE17KWaddfdnQD3cUe8tXt0x8sfnaqIKVJxSAp3UN_u9F52oWcuxbyiWYbzPcUBKbPTePuORoriM-QEYJ8pyBvRdWujbVK1yafUH4LVA8lWGTt5lfPGSDeZx7Mi585KfFjclKXccyzmBaafIamz2mLEGg90jl_PoBCNv-h_F096l--yq0vOlsARTuwV8uKZFpGqWOg81ru-Q4gjVBoV7JR6Il0lx4s3C_QCOVKXgIRu8O1eeDBCrt7iNlnUmSFIWPm7S4JzTgzLduCJBXmWFodPp_A_XRI-ay0yhc_-MYD8QEiAz_0h0HXiFvU5lwmc4-_5RUDbPXrs2auhMh71ifiXbAe2PInMgPgFBDHtTk3sVo25wb_rX_QLtVKkCWzQwDN0QS4r7scEX3tzPV4VHxMVT-wGOawCLXLOEGc7EBsUyH9qcnT4nEn7F-f456WnClHzYie0aIj45t5DN_DPxNJkdcyJGQv6X02otm1GWhl53jjHDX6p5c78KK--6-WBb9GSxeT9FXz4nLuK7jG92LwKdZvK_IeOR_ntDgshcmqiXBfZdRu5RtWCuX49HYnOA1C-9QmFpedbb75OwY_6R1cO32B2rNaBppSGlxkcezUA_zxkF6YhiB_W01wm_ANbuupvQiPRO-oDsWuo0kl5UzGw2HnxbHYVQSVyzkaxuSzzaI270nLf6aC7lvbNqqLXAfGvBwL6sULR_miS61j77-HsUDoNc435S5X75OsSq9cESjplaZF4ExfpG1Os0nbtO-lPFAPxLNc7gJvDUXfg933WYs9Cjqtpj8wwUyVGvONIEb1Mrs9QQJmj7llQINz7ZPY7ZRHUe7JSzX7XtdzOhbBQu5P2h_kxcLStY8Og2Aa46XqQ9ac2NGEauCIlEMi2l39vT_ewQ3oP8fs-nH4gMc5Jl6uv1ZCastQOJmKcOY96U5lp1rMoo1mtZWigbj7sLwfUa4gCHqtb6wb7ewLpBxDxdD7lczXKhJfPN-ZnFVFjkose1TaWg6g1R7cg5BkS3WMyvID3XJjDqttA9SiIy1TlfUaYvWbLCdVwh4LrYCV1Er3kWm0Io95AU82pR_NPKil0pNtPDAn0WO7mtviWIWgw6snb0oSrdWJZki_QejtviPssbdf2QHssK7lv3-gkgTUALAlj7hs4UKufgRlBDBGD3gb56yQSbsZVNYuhFFTnp5sbdtO1k5b-UnM0O2Tw7LUGunV_kRa_V_xsj7r4dpQ17JVTeAY5CtVHzX569xqtVLL12feKinxgFeflD8PRcTlZcq-7gJRtqW5-gKUfuWsnYv9ooKBh938O2trr4tSCAPL9YIz8GqaiyINvlRbo1mQQx3Z0hbhnE_DtMOpk6Hms5im9nsBSXdL9O8jWbg8QGigcnLz5heTD453Vv0ssz9r-OL8cOyitysISTQvuDeqJbgKNcYv62O5KvXypGYt3IRPROwSrl3UFse0pdkm8hi8YijaKZcEY05p049LJeLve7CXwKXC4QnWsyy0r_2RQDk24c7Ynv2PuSq0FIbM9ctOaZEKRpCc6aurAz6PrRet5R7p2vmTybbOWdkn4HK09CyO6anjCqpKVNSn3ML0uDwJvR5Z7sP_qQyPsLmMwC8CIX2NVnr_j0imWNYJbw7st-Fz89ptLgBkVXk0Fq0dGs0hxNKQGyi32LZdTNEPHTFXYw2Akz7mw9dXER9lUeSAPAjeQCinIt_t0hZPPCbVfR_fEb4JV78yUtRzyWi0AXuh4a8JJGI2jARUUiPs4N48CTjmkZ4_Bvea5s65GinV7nCh38y__AsWE6K_RwRG9vOFo3LM3plkgA0LDGfULF6kcdSq9DyVpEqVO2I6YGi1JuNA7T2Mu-vWf9DUjAzQKc8fQ6D_xOyVaN720CTjDyqdblGsTl32vYWE40ukUUP3JACkVNkEDvtSVnM4Ix5Jcd880TOY-qGtfm1FwzwIPXh0yLLFgVJjKBxFpZ6VzWr7itFlO18Qd2UQqcN5_av9XFGBjK1BgdnKS8HFogEueCmukMnminX0_E9k4lPCSKHu6RqAltAFurgQ6rI3ERaX2SHqvPK5B0qA0s6DlVaVnZ3KxfJWW1_8Nghzk-aRBTQaF_sgkd-N-8oN8mKmULNm0wB6JxmkvJ8feb-AYeko88VQntHjpi59LBRwVSxtyXqJwtYgYDmOvVVXkAJQGOvBodNlgoG9dd8sZNV9FpGsmfaV9THmRAlfhM0WdU_9KdOTjicD_o0V3_MwYta8PFto8CF22TysDHo82jKqf8Mw2TAiGQ3DGQ4Q4D027Qic2v7gLOVIg5R7AoLTSsLK1UT4rpfhqppwctp5UqPky83RUHfvUMg6cLiH-b470t9tOV2qiCzx8iGdIRChNhNOwtevWVtYWVzALdnTWpXJvEBX1mxLWvAnjiFktzbBpE76GtUZcU57jFL7RBFH5VwElGQy0gvy_A9xuIb0qGKYhqOvUh7C_ObH7gFSbW88163UPSfL5Z8tFKyr4eV-Gb-WzlK2S8eprkWVtGCQ4oZQtwO48zqawfvLJcUBYAZfdUfhWSXS-Gi5z_43GUAmj5sTxfuYvs9BSYgZsDgVhcBalGJ--J9-PXqzHJ-ztWrVxmPu7S2OYCGoU3aj-SFyiktBCe29vcmbNpaWQJKjJSfuTJIT_EMWQ9JvxOMOWYSmNSg3diuidrGrW2pfAeDk2a9N-C2hy1vHlptZHm3en4XnhfB4LrBVV59pjibeUfdl0vmPe7BIgn-iLjCTbZ8XartU4_vwlyAy03r-Xy_esQE0heX8uX71N1DjA5a9fVhcFHQ43XsrD8qdR8ZQGTZ2mHp832O6oKHoz8CO5qK-bL9BBVR3W0fuDvnZYt-E8fRVdXSCXR1u1IZNMOkTJwlQOssRecsam-0EVLljIh9IWbLbuLCi3gQivKMqNULy9mcf_x7255w7LHnPDUmogItZQ_fwyu7gIZV80qsoMILl8W2PSsIXkm3GCyDzohCMWDNvjfOJSxAoGFQOg2frIcl-63MJXUz2YEJB-ET26cKMp5h69-CRjIfj8W0j-xRQow9esGKvv3Y-GLVMe3M_MTCNCMf_eXE7ffrhQKBbvwfFRUzc_92eemp8ywpmEeS6xLlQzq0Kaq-HRovHwvQbchL2DrKsJLMri3k2seNKkKTGiNOL8t4Ib8l0tDmpe7iLmsEQTFWZim_vRKrwZlkDD_KNyUBkCiTqNQdFWwXixZ5ZJDjPR0ST-5lK2ATxuNEpdYHqpuSU9MXqdjUg3TNtXnDEiU5aMioPQxsVvKzjyIvhnn2LUbDIA7xZdog&cid=CAASPeRoVK9QKL__LDUcXIlKDFnsnjX17qtD_9Gne-r9DKzxuWeOY0jJe4w64WmfhzKMmhUHdicDp9u-gNK7xtM&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 20 Apr 2021 07:39:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C5F6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 19 Apr 2021 19:27:31 GMT
expires
Tue, 19 Apr 2022 19:27:31 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
43902
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame C5F6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 10:13:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
77162
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Tue, 19 Apr 2022 10:13:11 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C0E3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWgVpI1B0ilY1ZkiBKHrewLMd6xIY-89ShxCXTYcl3hn_XSAznDb95IBvJb744A9MOmpl4IsEIDlUcGz3CpxFbznwkDp4Kpk8CTx91xpPhfRmOQ2u406PVjf5IvA&sai=AMfl-YTeZIRds3a8DpxuU9EWyAmknuDXr6mt4MUODHkIlOhrnx-IM6KiPGhw_odaF_PVV4whfb6dMsYbHRcNhGnzAu2LwaWZJ2VrOpK4gQ0uyDh6To9NVupUm08_BxkJSC4&sig=Cg0ArKJSzELzupuUCDIKEAE&cid=CAASPeRoXhKj77OO1irJt1BDSFUMUTRxR9tr-EmjkoHFyTFVVb1XpkWBUfNBMoo9sSRWmkOsEcuL1_g7zp_SVPA&id=lidar2&mcvt=1008&p=456,995,601,1295&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2005426448&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618904351900&dlt=16&rpt=246&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D5DF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkKJ-0ZJwgrZktAx_yDB2tEOoqPyyI4AYcK_jmjv-GPh_L147YO9mQsrdwpAb393FWqy_DkQi4-sySDsqI_A0whOKM_h0uoJ0YaNDxLxlPi83TYQQOP81bAhfnrA&sai=AMfl-YQTlf3th6V2pB-ZcyMqzra16jY2_IzH1gRI8wQuxXcGXhyXLQfLfateq7akdWQQR0DtRc3eB3x3kUWJzDdrTpryFb1vFBPR3SFGxafGfOzyO2Q7lvGwdYN60HYSNvo&sig=Cg0ArKJSzFH_wHF2x5oeEAE&cid=CAASPeRozOMSWR1ABV2kqboCVjZRwhFWMrn6-MloR_6__VWKMtvcONGuEtIVCxxEvetf8-RN0yQ46b310-riJk8&id=lidar2&mcvt=1003&p=89,130,693,290&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=1069264500&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618904351868&dlt=20&rpt=412&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C5F6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxxJuIYV-YNDuA4WlrAS0lKrgCAAAAAA4AeAEAg&bg=!-Pul-7_NAAZUuIlwVLg7ACkAdvg8WgHD9Y8_b223KAgywajN7f0ZZP5O-1ygGHD-fYZa8pyknEcPrwIAAABrUgAAAA5oAQcKAKUeo_OQTux8X-bXGUvPXW1GZ12N-4p4wOgeOyBvH06tjViW32TJqyLofYMXT_ezGCi_i1W2RkybFqJUevJoInaqM_4GVZy4gz3QmskKWoygwMdUnCnDySJ2RbB0AHMXA2VnmR05nn7k30GucfUTKEs0xGhBY8PiexsCIl85ax5duaMrgaII6gUHlrkr1rYyiV2_Ivvk2Ntyqr4kTb5-lwsPe_HiKKCZAmpqmeCBFfdL6X-FtoQgqFofm0ko0ioo_Q8_lelk3eD2TErSA_CgiOLjy0CbYzNTNlkNruuG_sPFK0OO6qlfjCHzyoEGRgKgEMk9Jgr9GcEBoatoDuYXVm-xx3LsXE1UllUX-xPUYa_pDd5YtXpp4QlPrAPw9GZs4uyXY1nPq3uKZfxBTSfrg5huC0cLpAJQfpOsSduCb-X1goIwHrVh9jlUU6Xs818nen1CA4Z7NoVHg_YJpGIuwCfYETSttqkHOdFR1_9uT-1yT72WI5GHKXiYH7o-S5nA6L7tOzX5kSV9O7SJpcUvS1RqfL5JjV_B8afjj_Bnm0GR7r7EvfYNt_pLEc0blSd4LNU8kS0_77n9oRGTt5RyZsf2wyuO0YtKB-92ur8mXV91HqcV8T2OPzdeyl3JcOMEosVbUGR0Wbb7-f7kvZ7PKubTfYcLnnaeewUo5mA_qHBnK-ardtPBF87e8M2ui5pzYcsXbMHzBjvMBDlppoURmTVSJ_tr-SjvGeUG1S9YSehdzsPmAG1GdgyYUg1KGfO8mwtW9CxHe1FL9uaAwH-G06AMN9S4hr2hY-2VWDnx9HxvdoapEtZM46wuZZ7XlgFTeXl1XG14RyTQdAs66_2TZlNPZ3M_14GIraBgkskQ1f0LxcOv_Om-Nenqpo3wnhMrJqNyCLs6o8OHbhFqcMpzlbdWUrfbha9_qUersffQahXWChdg4RGIeypKv9YWhlfToxEAVST9CXgjrh26z5vFeHg5KHTEC3fsDN4_W4vWvpbmsyBA_0mfr0AO-AxFgCYRSTFPZ-XWxnKOMm59XJWEpLP3G5Q
Requested by
Host: e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
URL: https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame AA85
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=ab4d41e01763ed95ac8b540...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=bf3a607e-8521-4e00-95c4-3c7695032d88&gdpr=0&gdpr_consent=
49 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=bf3a607e-8521-4e00-95c4-3c7695032d88&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:13 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Tue, 20 Apr 2021 07:40:43 GMT
Server
MT3 3660 495c301 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=bf3a607e-8521-4e00-95c4-3c7695032d88&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Apr 2021 07:40:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6355 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUdjdPvUsbqXJlo3XWzQulN7woXfGewqeOBiwGtsv3K-lE8nlXxbNGwtAwG7cigKvwBIGujULD-P1qJUICLWKxVwASAECKjU66naTok7H7LuHFByRm16d6KVLXHA&sai=AMfl-YQ1b7kbhWqsebnMWy3s37z_vNtbqBRA4I74VRBSavu1oae1XoyiKEyaMbJzw1HyEW-1889zDDujYhG--m2TcV3B2BQPSd_w2bfmCThs69YJ29VSYEJr0lGfksORl5SL&sig=Cg0ArKJSzCiL-0uq972EEAE&cid=CAASPeRohzlotUWXJ8Txw6DnpcuLXppU3Mdwm1Duo2WM3ysSyzHZTwOeml2GxDHkf7zKuESf9Wj0YeeE6GVp3nE&id=lidar2&mcvt=1001&p=196,995,446,1295&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=583682291&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618904351974&dlt=18&rpt=2&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/ Frame AA85
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002ca31894673%2F1618904352401%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://adscale-emea.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fih.adscale.de%252Fsium%252F40dbe81991e34736a23002ca31894673%252F1618904352401%252F0%252Fimg%253Ftpid%253D75%2526tpuid%253D%2524...
  • https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/img?tpid=75&tpuid=5911564705932407096&gdpr=0
49 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/img?tpid=75&tpuid=5911564705932407096&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:16 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:16 GMT
X-Proxy-Origin
217.138.199.20; 217.138.199.20; 831.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.29:80
AN-X-Request-Uuid
2ad2e594-c855-4376-9b05-ca579390f162
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/img?tpid=75&tpuid=5911564705932407096&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 203C 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aab475e61325aa8b10d5fc1127dc89c6562731d9a0dbd32db36b85a5e792ced5

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Apr 2021 20:37:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37082
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9236
Expires
Tue, 20 Apr 2021 17:57:15 GMT
khaos.jpg
token.rubiconproject.com/ Frame 203C 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
v2_300016_4947.json
player.adtelligent.com/prebidlink/2698173/ 		27 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/2698173/v2_300016_4947.json?cb=www.ukr.net
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/449695/wrapper_hb_300016_4947.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
eaf5b6c9d06af1ad833f23798f7ffc9468dfef28bfaefbe1dea90ced8af684e6

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:13 GMT
content-encoding
gzip
last-modified
Sun, 18 Apr 2021 22:52:48 GMT
server
nginx
etag
W/"607cb840-6c1b"
content-type
application/json
access-control-allow-origin
https://www.ukr.net
expires
Tue, 20 Apr 2021 08:39:13 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame AA85
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=578fff8c86bcc62d758fdf106...
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=578fff8c86bcc62d758fdf106...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YH6FIwgKrevDeIf.FSrosAAA%261185&gdpr=0
49 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YH6FIwgKrevDeIf.FSrosAAA%261185&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YH6FIwgKrevDeIf.FSrosAAA%261185&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Tue, 20 Apr 2021 07:39:15 GMT
img
ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/ Frame AA85
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=804768c12a69954a8f062e99e7df886184a8111aa8961538260de9afbdb88ce0&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a23002...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=804768c12a69954a8f062e99e7df886184a8111aa8961538260de9afbdb88ce0&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e34736a...
  • https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/img?tpid=42&gdpr=0&tpuid=4705802686020999872
49 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/img?tpid=42&gdpr=0&tpuid=4705802686020999872
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:15 GMT
server
nginx
location
https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/img?tpid=42&gdpr=0&tpuid=4705802686020999872
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame AA85
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=051676c8-ab30-4936-a172-25325eb8df3f
49 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=051676c8-ab30-4936-a172-25325eb8df3f
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:16 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
x-errorlevel
0
date
Tue, 20 Apr 2021 07:39:16 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=051676c8-ab30-4936-a172-25325eb8df3f
cache-control
no-cache
server-processing-duration-in-ticks
2104
content-type
text/html; charset=utf-8
content-length
237
expires
Tue, 20 Apr 2021 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame AA85
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=0aedbff72b16bc05ffba5de4...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=bf3a607e-8521-4e00-95c4-3c7695032d88&gdpr=0&gdpr_consent=
49 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=bf3a607e-8521-4e00-95c4-3c7695032d88&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:16 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Tue, 20 Apr 2021 07:40:46 GMT
Server
MT3 3660 495c301 master cdg-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=bf3a607e-8521-4e00-95c4-3c7695032d88&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Apr 2021 07:40:45 GMT
js
ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/ Frame AA85
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=50f837a9c13e0a845032ed82c2504d3c7d3d645f308e17b2076486ae15c754a3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e347...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=50f837a9c13e0a845032ed82c2504d3c7d3d645f308e17b2076486ae15c754a3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F40dbe81991e347...
  • https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/js?tpid=48&tpuid=53b1cc8ed42ae31f23edde5d20585d37
44 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/js?tpid=48&tpuid=53b1cc8ed42ae31f23edde5d20585d37
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bc1a449c86c27cfd1fe5fe32a7d823b43e6bc82cbf9f4d49089eeb76e9123d6f

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:16 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Location
https://ih.adscale.de/sium/40dbe81991e34736a23002ca31894673/1618904352401/0/js?tpid=48&tpuid=53b1cc8ed42ae31f23edde5d20585d37
Date
Tue, 20 Apr 2021 07:39:16 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
147
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sium
ih.adscale.de/ Frame AA85 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.148.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Tue, 20 Apr 2021 07:39:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2CDF 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=109062
Expires
Wed, 21 Apr 2021 13:57:00 GMT
Date
Tue, 20 Apr 2021 07:39:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame B470 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4bdde01f762de4a5%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4bdde01f762de4a5%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4bdde01f762de4a5%26uid%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=109062
Expires
Wed, 21 Apr 2021 13:57:00 GMT
Date
Tue, 20 Apr 2021 07:39:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 2CDF 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=21091773&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:17 GMT
Content-Length
0
Cookie set usermatch
ssum.casalemedia.com/ Frame D6E3
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3892fd791f199135f4db92167a3c4aae12bf5fe098c19fcacbd3cb35367d184b

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YH6FJwP5ZWSiGGVT..gSCwAA; CMPS=5162
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|230|241|4|130|8|88
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1709
Expires
Tue, 20 Apr 2021 07:39:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YH6FJwP5ZWSiGGVT..gSCwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Apr 2022 07:39:19 GMT CMPS=5162;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 19 Jul 2021 07:39:19 GMT CMPRO=1172;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 19 Jul 2021 07:39:19 GMT CMRUM3=04607e852705a0&e6607e852727600&2d607e852705a0&58607e852705a0&27607e85270b40&f1607e852705a0&08607e852705a00&82607e8527a8c0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Apr 2022 07:39:19 GMT CMST=YH6FJ2B+hScA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 21 Apr 2021 07:39:19 GMT

Redirect headers

Server
Apache
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 20 Apr 2021 07:39:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YH6FJwP5ZWSiGGVT..gSCwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Apr 2022 07:39:19 GMT CMPS=5162;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 19 Jul 2021 07:39:19 GMT
/
spl.zeotap.com/ Frame 77ED 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d50b07896e45830a339157df633101bd1362f1880b5148025f90e16b6836993

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
content-type
text/html
set-cookie
__cfduid=dc6f6648fb9530f0d3073bb5781cbd8df1618904359; expires=Thu, 20-May-21 07:39:19 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=2df405c3-f702-46d2-73b4-c52a2aceadbe; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%29%CB-%BF%CA%AB%5E%19%91%2C%CF%9B%40%E9l%F2c%ADkG%CF%9C%19%93%80%17%10%C2%06%C9%15%CC%606%E7%9D-%5DWF%EF%04n%2C%A7A%E4%F2%89%C5L%95%E0%3F0%DFhHV9c%18%11%D4x%E5%01%D4%FB%84%F2%93%AD%9D%3A%B2%836%D7%3AH7%83%88%2F%F1%ED%5E%F8m%E8%7C%08%8B%EE%D3%DB%9E%EE%8B%F99%DF5%2A%5C%C3p%B8%D1%84%3D%24%A2%84%19%120i%CA%04%9FG%EB%03M%3C%FBu%97%9E%E3%F0%B0%60%B4%89%F0Z%D7%23%2A%99%8E%98%1C6%DAb%E0ZZ%FDF%80%C6%98%F8%16%C1d%86Y%F4%D18%B2; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
098fd1393600000eb365bc9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
642cb7d529b90eb3-FRA
content-encoding
br
getuid
ib.adnxs.com/ Frame 77ED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEP67Es3tOrvjR62eORTcUPY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff...
95 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEP67Es3tOrvjR62eORTcUPY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7d63b3a0eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd139e200000eb3598c1000000001

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEP67Es3tOrvjR62eORTcUPY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=8425c741-a1ab-11eb-ab5a-faa977835cd4&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=8425c741-a1ab-11eb-ab5a-faa977835cd4&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7d64b560eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd139ed00000eb35f381000000001

Redirect headers

date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=8425c741-a1ab-11eb-ab5a-faa977835cd4&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 77ED 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:19 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6...
  • https://mwzeom.zeotap.com/mw?cid=ec878adb-d896-441e-8fcd-96a94924c5d6&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=ec878adb-d896-441e-8fcd-96a94924c5d6&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7d63b370eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd139e100000eb35718c000000001

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=ec878adb-d896-441e-8fcd-96a94924c5d6&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 77ED 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
68
date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 varnish
server
nginx
x-timer
S1618904359.355309,VS0,VE68
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11572-HHN
u
dmp.v.fwmrm.net/ad/ Frame 77ED 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.57.158.51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:19 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 77ED 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6376ff1b-5e9c-4845-5a11-47f081dcddb7%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:19 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=322d6aab-a379-4cbf-8612-9fab01a695e3&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=322d6aab-a379-4cbf-8612-9fab01a695e3&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7d6dc260eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd13a4800000eb33e0ad000000001

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:19 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=322d6aab-a379-4cbf-8612-9fab01a695e3&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2df405c3-f702-46d2-73b4-c52a2aceadbe&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2df405c3-f702-46d2-73b4-c52a2aceadbe&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=53381495512425623741221716835790322106&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=53381495512425623741221716835790322106&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7d72cb70eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd13a7a00000eb3f5120000000001

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ERXUQWsnSkg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=53381495512425623741221716835790322106&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
loadeu.exelator.com/load/ Frame 77ED 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=2df405c3-f702-46d2-73b4-c52a2aceadbe&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021042009-25207-0.174453001618904357-36eb390a06a067dcc58bc0cff6308e91&zdid=533&env=mWeb
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021042009-25207-0.174453001618904357-36eb390a06a067dcc58bc0cff6308e91&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7d6fc6c0eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd13a5e00000eb3ef11a000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021042009-25207-0.174453001618904357-36eb390a06a067dcc58bc0cff6308e91&zdid=533&env=mWeb
Date
Tue, 20 Apr 2021 07:39:17 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6953141277267458190&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6953141277267458190&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7d6bbf20eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd13a3300000eb305a79000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6953141277267458190&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Date
Tue, 20 Apr 2021 07:39:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 77ED 		95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=2df405c3-f702-46d2-73b4-c52a2aceadbe
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2df405c3-f702-46d2-73b4-c52a2aceadbe&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2df405c3-f702-46d2-73b4-c52a2aceadbe&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=xFJDW9cHVZhWsietqHWP4O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-48...
95 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=xFJDW9cHVZhWsietqHWP4O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7ddaf0a0eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd13e8b00000eb308a59000000001

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:20 GMT
via
1.1 google
last-modified
Tue, 20 Apr 2021 07:39:20 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=xFJDW9cHVZhWsietqHWP4O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 77ED 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=2df405c3-f702-46d2-73b4-c52a2aceadbe&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.101 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:20 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=2df405c3-f702-46d2-73b4-c52a2aceadbe?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=2df405c3-f702-46d2-73b4-c52a2aceadbe?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=5cdc284a7c53f72e7e1732adae3d7925&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=5cdc284a7c53f72e7e1732adae3d7925&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7d7cd730eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd13adb00000eb32d234000000001

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:19 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=5cdc284a7c53f72e7e1732adae3d7925&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
cache-control
no-cache
x-server
10.45.5.69
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-ftgy3adE2oppTAFslxX.Z4Juyq87FL2vHg--~A&zpartnerid=570&env=mWeb
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-ftgy3adE2oppTAFslxX.Z4Juyq87FL2vHg--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7ddef6c0eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd13eb100000eb31c25c000000001

Redirect headers

date
Tue, 20 Apr 2021 07:39:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-ftgy3adE2oppTAFslxX.Z4Juyq87FL2vHg--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=YtLEkm4VeI6DCZKFmQEbfuX6BzcgCYSp%2BS41iYitP1U%3D
95 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=YtLEkm4VeI6DCZKFmQEbfuX6BzcgCYSp%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7dd6eaf0eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd13e5c00000eb344a30000000001

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:20 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=YtLEkm4VeI6DCZKFmQEbfuX6BzcgCYSp%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 77ED 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=2df405c3-f702-46d2-73b4-c52a2aceadbe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:20 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 77ED 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.18.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-18-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1618904359
x-served-by
beacon-n018-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 77ED 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=2df405c3-f702-46d2-73b4-c52a2aceadbe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YH6FJwAASSZGXQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YH6FJwAASSZGXQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7d7cd850eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd13ae100000eb3e88e4000000001

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1618904360.540988,VS0,VE92
x-served-by
cache-hhn4036-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YH6FJwAASSZGXQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=6af9607e-8528-4e00-b509-0e375f8a9fc0&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1...
95 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6af9607e-8528-4e00-b509-0e375f8a9fc0&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7dc8d3f0eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd13dd400000eb3f80eb000000001

Redirect headers

Date
Tue, 20 Apr 2021 07:39:20 GMT
Server
MT3 3660 495c301 master cdg-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=6af9607e-8528-4e00-b509-0e375f8a9fc0&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Tue, 20 Apr 2021 07:38:48 GMT
usermatch.gif
beacon.krxd.net/ Frame 77ED
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dc...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.18.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-18-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:22 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1618904362
x-served-by
beacon-n021-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
date
Tue, 20 Apr 2021 07:39:22 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a005-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 77ED
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2df405c3-f702-46d2-73b4-c52a2aceadbe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2df405c3-f702-46d2-73b4-c52a2aceadbe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2df405c3-f702-46d2-73b4-c52a2aceadbe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:20 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:20 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2df405c3-f702-46d2-73b4-c52a2aceadbe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 77ED
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=2df405c3-f702-46d2-73b4-c52a2aceadbe&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
642cb7d8ff6d0eb3-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fd13b9f00000eb36c1b1000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Tue, 20 Apr 2021 07:39:19 GMT
Connection
keep-alive
Content-Length
0
BK-Server
9f0f
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 77ED 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2df405c3-f702-46d2-73b4-c52a2aceadbe%26reqId%3D6376ff1b-5e9c-4845-5a11-47f081dcddb7%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.98.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:21 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 77ED 		557 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad8fc5d94326e9c388b2ad0999dd56c89f3942bd4d20ad8a495cc7e347aaa60

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
642cb7d57a260eb3-FRA
date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
098fd1396c00000eb35427b000000001
crum
dsum-sec.casalemedia.com/ Frame D6E3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YH6FJwP5ZWSiGGVT..gSCwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECU8XCUWt7Xh0Z-3fuckX0w&google_cver=1&google_hm=2
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECU8XCUWt7Xh0Z-3fuckX0w&google_cver=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 20 Apr 2021 07:39:19 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECU8XCUWt7Xh0Z-3fuckX0w&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame D6E3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YH6FJwP5ZWSiGGVT..gSCwAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.54.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-54-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame D6E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEPUewfiqcUNuEyM1D_CbHEc&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEPUewfiqcUNuEyM1D_CbHEc&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 20 Apr 2021 07:39:20 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEPUewfiqcUNuEyM1D_CbHEc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame D6E3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:19 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:19 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D6E3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2597334486314776682
43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2597334486314776682
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 20 Apr 2021 07:39:19 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2597334486314776682
pragma
no-cache
date
Tue, 20 Apr 2021 07:39:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ie
match.prod.bidr.io/cookie-sync/ Frame D6E3 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.202.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:19 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D6E3
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7d70433b-5ad3-4bff-b7ce-f9c99b7842f2&expiration=1650440359
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7d70433b-5ad3-4bff-b7ce-f9c99b7842f2&expiration=1650440359
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 20 Apr 2021 07:39:19 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7d70433b-5ad3-4bff-b7ce-f9c99b7842f2&expiration=1650440359
date
Tue, 20 Apr 2021 07:39:19 GMT
server
Kestrel
content-length
0
rum
dsum-sec.casalemedia.com/ Frame D6E3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YH6FJwAASSZGXQAC
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YH6FJwAASSZGXQAC&gdpr=1&_test=YH6FJwAASSZGXQAC
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YH6FJwAASSZGXQAC&gdpr=1&_test=YH6FJwAASSZGXQAC
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 20 Apr 2021 07:39:19 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:19 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618904360.501244,VS0,VE0
x-served-by
cache-hhn4036-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YH6FJwAASSZGXQAC&gdpr=1&_test=YH6FJwAASSZGXQAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
um
u-ams02.e-planning.net/ Frame D6E3 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=4bdde01f762de4a5&uid=YH6FJwP5ZWSiGGVT..gSCwAA%261172
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4bdde01f762de4a5%26uid%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
server
openresty
content-type
image/gif
cmp
spl.zeotap.com/ Frame 77ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2df405c3-f702-46d2-73b4-c52a2aceadbe&reqId=6376ff1b-5e9c-4845-5a11-47f081dcddb7&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=2df405c3-f702-46d2-73b4-c52a2aceadbe; zsc=%29%CB-%BF%CA%AB%5E%19%91%2C%CF%9B%40%E9l%F2c%ADkG%CF%9C%19%93%80%17%10%C2%06%C9%15%CC%606%E7%9D-%5DWF%EF%04n%2C%A7A%E4%F2%89%C5L%95%E0%3F0%DFhHV9c%18%11%D4x%E5%01%D4%FB%84%F2%93%AD%9D%3A%B2%836%D7%3AH7%83%88%2F%F1%ED%5E%F8m%E8%7C%08%8B%EE%D3%DB%9E%EE%8B%F99%DF5%2A%5C%C3p%B8%D1%84%3D%24%A2%84%19%120i%CA%04%9FG%EB%03M%3C%FBu%97%9E%E3%F0%B0%60%B4%89%F0Z%D7%23%2A%99%8E%98%1C6%DAb%E0ZZ%FDF%80%C6%98%F8%16%C1d%86Y%F4%D18%B2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
set-cookie
__cfduid=d20c050aaae6ca95ed3d625dcc509e1b81618904359; expires=Thu, 20-May-21 07:39:19 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
098fd1398c00000eb35c865000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
642cb7d5aa780eb3-FRA
cc.js
tags.crwdcntrl.net/c/15238/ Frame 25E5 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-111.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:25:43 GMT
via
1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
4417
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age: 86400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
38402
x-amz-cf-id
1uuziadkuc2ZkED7mjhoAWoVE754fw99hmKuy94jSG88lXh9ZeAv-w==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 2689 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Tue, 20 Apr 2021 07:39:19 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sun, 19 Apr 2026 07:39:19 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame B607 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb00f4e118dfd733c445aadbf7b58536e6ff1b68b46f01c8bf6d7dd21b2c1436

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
content-type
text/html
set-cookie
__cfduid=d2983e07f3a755d845f071b5f1b4a6f861618904359; expires=Thu, 20-May-21 07:39:19 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=5bb83ae0-f2f6-4cf6-b1ee-0fa7b8501404; expires=Mon, 10 May 2021 07:39:19 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
098fd13a990000535d3e972000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZNc0bJr4h0Tza19qIT%2FRxvp6ho%2F3AHV7YkjWT4yO6LfVj%2BaHlLTJvyv%2FCoRcB1HpeN%2FLX9MtplyfKf9T3wcv0Kk4m2uTUpwzYQBumfq5NkQfTIZVXg%2BQobYqENisCok%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
642cb7d75dce535d-FRA
content-encoding
br
Cookie set csync
sync.console.adtarget.com.tr/ Frame 063D 		86 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AHHfMKD0aH-u5UCe
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=4c45121115b852ee; a306709=av-c9dd754e-2b4f-476d-9184-75d813de11b1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Tue, 20 Apr 2021 07:39:18 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=4c45121115b852ee; expires=Mon, 21 Jun 2021 07:39:19 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307442=AHHfMKD0aH-u5UCe; expires=Mon, 21 Jun 2021 07:39:19 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
GS.d
js.cookieless-data.com/ Frame 2689 		0
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1618904359599
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.113 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:21 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame B607
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4123763812902736587
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4123763812902736587
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:20 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y9kYZpqSkVwmYx8MTvB2udJP9xZsb0v6E3%2BxxBQWm9qUWEfxgN2wHyLztyALZf92E0sw%2Bq1EV14bI3JzgYe1aWpnvEjOvHBDOebaMvk1gS78zCV4ijUqezJyOugKVck%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
642cb7d99a78535d-FRA
content-length
43
cf-request-id
098fd13bff0000535d232ec000000001

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:19 GMT
X-Proxy-Origin
217.138.199.20; 217.138.199.20; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.166:80
AN-X-Request-Uuid
47357220-4398-438a-bd8e-05f24922d4cb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4123763812902736587
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame B607
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4334516455023208741
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4334516455023208741
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:20 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s%2FVhp9e6dKXuzvZuzayKWzzN63w47OzoxQV5w20lyqZIUd%2BAj8CIZxu5wIdvrJdRMNH0eTRf0T7VQwJdUCs%2BDBhUk7XUSfBXxDFjFnVnDJVie3UgWskIVzmAaNTHR68%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
642cb7d9daf7535d-FRA
content-length
43
cf-request-id
098fd13c220000535d4a3bf000000001

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:19 GMT
X-Proxy-Origin
217.138.199.20; 217.138.199.20; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.109:80
AN-X-Request-Uuid
59bcc004-460d-494b-8f4d-e934cac68a8f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4334516455023208741
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame B607
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DOCA7RlE2uG7Gl9eTNFp8nxBr1ZMDs56zfqeBd8-~A
43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DOCA7RlE2uG7Gl9eTNFp8nxBr1ZMDs56zfqeBd8-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TahWLdVKPTTTjevrAscrtRE7PoeKIhiiJPUva7UHmxqLuhPb8BgyVY4KSbTU6HJs9AGpv0jV1lFjsBncQ7kJn5CY0UKft8J4ukPVnpakkBqGQTskba56hcCkd7k6e2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
642cb7d89878535d-FRA
content-length
43
cf-request-id
098fd13b610000535d472c6000000001

Redirect headers

Date
Tue, 20 Apr 2021 07:39:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DOCA7RlE2uG7Gl9eTNFp8nxBr1ZMDs56zfqeBd8-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame B607
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=84186159-b400-516e-a89d-e57fc8e36058
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=84186159-b400-516e-a89d-e57fc8e36058
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:20 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9nYWPSKQtWuLvbQ9Wm9q65K1Hw6826Tyhc6d4K42MSdyBSU26GlgC%2BpKvgcS83ptJA1Nkihh7arlM33do5DJmujB5Wcn8uwDexI6EHSdfmfub01QhbHb1AEuMs%2FX%2Fhw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
642cb7d949bf535d-FRA
content-length
43
cf-request-id
098fd13bc90000535d0114f000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=84186159-b400-516e-a89d-e57fc8e36058
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
um
sync.e-planning.net/ Frame B607 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=5bb83ae0-f2f6-4cf6-b1ee-0fa7b8501404
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:19 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 0A4A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e1cf01326e3e13fe65bff588e942b208bd803bbbfcf7ad5932e1e62f13779c0

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YH6FJwP5ZWSiGGVT..gSCwAA; CMPS=5162; CMPRO=1172; CMST=YH6FJ2B+hScA; CMRUM3=04607e852727602597334486314776682&2d607e852705a0&e6607e852727600&27607e85270b40&58607e852705a0&f1607e852705a0&82607e8527a8c0&08607e852705a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|3|206|195|81|57|111
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1589
Expires
Tue, 20 Apr 2021 07:39:20 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:20 GMT
Connection
keep-alive
Set-Cookie
CMID=YH6FJwP5ZWSiGGVT..gSCwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Apr 2022 07:39:20 GMT CMPS=5162;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 19 Jul 2021 07:39:20 GMT CMPRO=1172;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 19 Jul 2021 07:39:20 GMT CMRUM3=58607e852705a0&27607e85270b40&6f607e852805a0&e6607e852727600&2d607e852705a0&51607e852805a0&39607e852805a0&2e607e852805a0&ce607e852805a00&04607e852727602597334486314776682&08607e852705a00&49607e852805a00&82607e8527a8c0&f1607e852705a0&c3607e852805a00&03607e852805a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Apr 2022 07:39:20 GMT CMST=YH6FJ2B+hSgA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 21 Apr 2021 07:39:20 GMT
d
ic.tynt.com/r/ Frame B088 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

:method
GET
:authority
ic.tynt.com
:scheme
https
:path
/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

server
nginx/1.16.1
date
Tue, 20 Apr 2021 07:39:19 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
/
onetag-sys.com/usync/ Frame 8E57 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0A4A 		43 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 0A4A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 0A4A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6af9607e-8528-4e00-b509-0e375f8a9fc0&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6af9607e-8528-4e00-b509-0e375f8a9fc0&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 20 Apr 2021 07:39:20 GMT

Redirect headers

Date
Tue, 20 Apr 2021 07:40:50 GMT
Server
MT3 3660 495c301 master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6af9607e-8528-4e00-b509-0e375f8a9fc0&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Apr 2021 07:40:49 GMT
YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0A4A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB
43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 20 Apr 2021 07:39:20 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 0A4A
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b7eff915-2b46-4f44-87ad-ec7d3ad5f1fc
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b7eff915-2b46-4f44-87ad-ec7d3ad5f1fc
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 20 Apr 2021 07:39:20 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b7eff915-2b46-4f44-87ad-ec7d3ad5f1fc
date
Tue, 20 Apr 2021 07:39:20 GMT
server
Apache-Coyote/1.1
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 0A4A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=22bKh9Vjz9rAbsiH3mfQg9luxdDAMsTS2TKOKhCB
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=22bKh9Vjz9rAbsiH3mfQg9luxdDAMsTS2TKOKhCB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 20 Apr 2021 07:39:20 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=22bKh9Vjz9rAbsiH3mfQg9luxdDAMsTS2TKOKhCB
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0A4A
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871597494393001684
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871597494393001684
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:39:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 20 Apr 2021 07:39:20 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871597494393001684
Date
Tue, 20 Apr 2021 07:39:20 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame 0A4A 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:21 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
setuid
sync.quantumdex.io/ Frame 0A4A 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YH6FJwP5ZWSiGGVT--gSCwAABJQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:20 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2oAavbfVX4bGEKFSXgxJEKvGqHXZtApdDaCjbxZmWf5Arvvk1Z9EmY0kWHXAEfOo5uL6BjHgQIS7V9DAnSQwAl2TBk%2F4kaBfTnhqeNPkl65I6F13%2F%2FZXD17ncSbxVkw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
642cb7dd5a64535d-FRA
content-length
43
cf-request-id
098fd13e540000535d4a3f3000000001
ptrack
a.audrte.com/ Frame 25E5 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.199.20&p=M1353665098&artime=2021-04-20T07:39:22.489Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-146-169.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8215fd185f2a5ee612f068b8349168c7ceee7e01e6f8f45495d434150a06070c

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:22 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54910f688d6739d21b3068269e0e5755c7e4ccae9f90be2f65b2a6c22e740b8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Apr 2021 07:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6609
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 8137 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.ukr.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.ukr.net
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1546
date
Tue, 20 Apr 2021 07:39:21 GMT
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Tue, 20 Apr 2021 07:39:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1F11 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 20 Apr 2021 07:16:19 GMT
expires
Wed, 20 Apr 2022 07:16:19 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1383
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B54C 		783 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3e7f3181f807ae5fafeebc0c12ca12050564c5e9f2279f62063b94517870efd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nco/NoRRz54ptOIduJ+rUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ukr.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ukr.net/

Response headers

expires
Tue, 20 Apr 2021 07:39:22 GMT
date
Tue, 20 Apr 2021 07:39:22 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-nco/NoRRz54ptOIduJ+rUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame DFB2
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2803dd6dcccbcb6cf48e228cbffc4085c40a0646a615e848e7dc8d4f436ce501

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Tue, 20 Apr 2021 07:39:22 GMT
content-type
text/html;charset=UTF-8
content-length
1314
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.13.191
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 15-Jan-2022 07:01:00 GMT;SameSite=None;Secure _cc_id=5cdc284a7c53f72e7e1732adae3d7925;Path=/;Domain=crwdcntrl.net;Expires=Sat, 15-Jan-2022 07:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQME1OSTayMEk0TzY1TjM3SjVPNTQ3NkpMSUw1TjG3NDJlAIKEulatv%2F%2F%2F%2F%2BcHcSAAAL2eDq0%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 15-Jan-2022 07:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBIqGvVAlJQAAATwgGO";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 15-Jan-2022 07:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*

Redirect headers

date
Tue, 20 Apr 2021 07:39:22 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.4.16
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame 1F11 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 10:13:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
77171
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Tue, 19 Apr 2022 10:13:11 GMT
tpid=13094582251450700530209189880138120632
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame DFB2
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=5cdc284a7c53f72e7e1732adae3d7925&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=5cdc284a7c53f72e7e1732adae3d7925&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=13094582251450700530209189880138120632
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=13094582251450700530209189880138120632
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:22 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.27.167
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
nQh5mNZWQ/g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=13094582251450700530209189880138120632
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DFB2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWNkYzI4NGE3YzUzZjcyZTdlMTczMmFkYWUzZDc5MjU
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWNkYzI4NGE3YzUzZjcyZTdlMTczMmFkYWUzZDc5MjU&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWNkYzI4NGE3YzUzZjcyZTdlMTczMmFkYWUzZDc5MjU&google_tc=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWNkYzI4NGE3YzUzZjcyZTdlMTczMmFkYWUzZDc5MjU&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=8625b5f5-a1ab-11eb-93df-36fd58919319
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame DFB2
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=5cdc284a7c53f72e7e1732adae3d7925&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=5cdc284a7c53f72e7e1732adae3d7925&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8625b5f5-a1ab-11eb-93df-36fd58919319
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8625b5f5-a1ab-11eb-93df-36fd58919319
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:22 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.69
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Tue, 20 Apr 2021 07:39:22 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8625b5f5-a1ab-11eb-93df-36fd58919319
alt-svc
clear
content-length
0
qmap
sync.crwdcntrl.net/ Frame DFB2
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=6f71607e-852a-4d00-9e98-7f004c893bb2
49 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=6f71607e-852a-4d00-9e98-7f004c893bb2
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:22 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.22.8
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Tue, 20 Apr 2021 07:40:53 GMT
Server
MT3 3660 495c301 master cdg-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=6f71607e-852a-4d00-9e98-7f004c893bb2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Apr 2021 07:40:52 GMT
tpid=8109873692696709488
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame DFB2
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/5cdc284a7c53f72e7e1732adae3d7925/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8109873692696709488
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8109873692696709488
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:22 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.201
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8109873692696709488
pragma
no-cache
date
Tue, 20 Apr 2021 07:39:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
image.sbxx
global.ib-ibi.com/ Frame DFB2 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=5cdc284a7c53f72e7e1732adae3d7925
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=534783932/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_128_CBC
Server
216.46.185.183 Englewood, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041501&jk=1345474708920586&bg=!iIuli8_NAAZUuIlwVLg7ACkAdvg8WlJS46jYT9Rs9HOr8J_FL7aIfd4t1GupUJKpacJZy41HcIuqYwIAAABXUgAAAAloAQcKAI28EIFJ9qulQOGTFGUA1tPoG9qSfMEOZ8wcA1rf9DkvpWVLjX8ZfBEQKEyMZ9XpLud83o1Ak4M4tUZXErX4wCM7fStyLX-2PxJGcT1LsN1-8Kc9ZVzsiJnADGaoLBxgIubXzQnE5MlwDUkFGCJX-uC5TvaIjpc1p4kHOYZK1o50pIT5vrzymMAEnEjqFV6ZAdV5_blw_bV-BIUrU2PrHd9b8sn9z-FKKNF8dHwJcNgkuLcg_gtc6Hv2NRlav8KdngjLOoUTXn9_JMVw_M7bnY7hQX94woFAC9FJ_FF6FoFhWKKAa9MIKQmUERfBtxiBAVXcUwLytBhFZrvA6DJaw_z4TJbxJEqWx2lJ0EhN5ARnZ1jc2uRBuWdk2Qvf15-us-AMj4RLOLz5u7LcLgWP6UvsElBmSUF4e8xA-esmbLPD6YFbguEEXLL1p6F6ktUQtVyMDBpWtbMMR_fH3ZvqJ501yoOYIav8nwyOTShqOi2QOa88ehgeRdYimQxelJ8vXavNXPWee5Tf57MAEa_8pbrrmBPe6gfbCvkl5JDRPx3dfbujG6qzqEHq816XZ3J2AW4uQeFfeFJ3hC3Pa4M4ouP74Ils2_b880gxEhxMBdq3HCf9XwN3mUPb8Y0nGp8WRYBSMm28SA1cCI0zM2TNFCZDFbRzUxDGXhAP3wnHAv7W4CmXJfyG-tghe5a_MrnhuwOvpUg-3K1T3pscAp8zYVQ9Fpu3FGcgM3VPyqnh8r1f_8-wYE8JsDuUhazq-xSjrLuR-Dv5qXJ1ELBmaQzgG3vVyY52xOPY2SQ3NJpxzDizF4cEbu3v
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:39:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ps.eyeota.net/ Frame 25E5 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=655zVqXiKv-TGKn1aolLaIDkQ&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:22 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 25E5
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=354838045786321235
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=&google_gid=CAESEHFDIezFXm-ZQ6y77WSDyFs&google_cver=1
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=655zVqXiKv-TGKn1aolLaIDkQ&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206N...
  • https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-146-169.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:23 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/avif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 20 Apr 2021 07:39:23 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 25E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=655zVqXiKv-TGKn1aolLaIDkQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=655zVqXiKv-TGKn1aolLaIDkQ&gdpr=0&gdpr_consent=&google_gid=CAESEHFDIezFXm-ZQ6y77WSDyFs&google_cver=1
  • https://a.audrte.com/p
68 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-146-169.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:39:23 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/avif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 20 Apr 2021 07:39:22 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0

Verdicts & Comments Add Verdict or Comment

315 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer undefined| src undefined| dst object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| is_desktop function| GetCookie function| SetCookie function| DeleteCookie function| getCookieVal function| LocalCache function| ajaxCash function| $ function| jQuery function| _ object| ifvisible function| MailWidget object| Core object| Bookmarks string| zakl_domain string| zakl_domain_back boolean| zakl_css boolean| brandsActiv string| fschema object| chc string| magicHash object| LoginErrors string| fr_text_nonew string| fr_text_new1 string| fr_text_new2 object| globalCommercialData undefined| adUkrNet number| adEcbrStart number| adEcbrDone undefined| rootLeft undefined| rootRight undefined| rootFuel object| ant string| basesearchurl function| isElementInView function| checkElementViewability function| fixSidebar function| setReload_branding function| ellipsizeTextBox object| portalCache object| App object| Lazyload object| Synchronization function| checkAttr object| Services object| Currency object| Fuel function| onCaptcaConfirm function| SHA1 function| transliterate function| ToPlural object| User object| News object| Holydays object| Clicks number| bc_a string| bc_g function| parse_20 object| arrForScrollRefresh function| setReload_300x250 function| onGeoData object| DateFormat object| Columns function| getBase64 function| aGo function| ecbrStart function| collectCommercialData function| go_search function| timeDiff function| zakl_addClass function| zakl_removeClass function| zakl_toggleClass function| zakl_ifClass function| zakl_setDisplay function| zakl_setDisplayById function| zakl_clearSelects function| zakl_restoreSelects function| zakl_setMask function| zakl_removeMask function| zakl_GetCookie function| zakl_SetCookie function| updateCookiesTime function| zakl_DeleteCookie function| zakl_getPageSize function| zakl_$ function| zakl_isEmpty function| zakl_displayMyBookmarks function| zakl_HideBookMarks function| slidePanel function| zakl_DontHideBook function| zakl_treeControl function| zakl_checkBook function| setSubFolderData function| zakl_OpenEditFolder function| zakl_OpenFolder function| zakl_ShowFolders function| zakl_HideFolders function| zakl_DontHideFolders function| zakl_HideFoldersNow function| zakl_showContextMenu function| zakl_HideContextMenu function| zakl_displayFolderMenu function| zakl_displayItemMenu function| zakl_getMousePos function| zakl_windowAddFolder function| zakl_windowAddFolderToImport function| zakl_closeWindowAddFolder function| zakl_windowWizzard function| zakl_closeWizzard function| zakl_wizzardLogin function| zakl_GetItemById function| zakl_WindowEditBookmark function| zakl_WindowEditFolder function| zakl_closeWindowEditFolder function| zakl_closeWindowEditBook function| createImportIframe function| checkItemsForExport function| zakl_setShadow function| zakl_removeShadow function| zakl_windowModalSubMenu function| zakl_windowModal function| zakl_windowSubModal function| zakl_CloseModal function| closeAddBook function| zakl_SelectFolder function| zakl_AddFolder function| zakl_AddFolderFromImport function| zakl_EditFolder function| zakl_AddBookmark function| zakl_EditBookmark function| StdRefreshTree function| StdRefreshTreeAddBook function| StdRefreshTreeAfterAddFolder function| StdRefreshTreeAfterAddFolderFromImport function| zakl_ReportStatus function| zakl_CloseStatus function| zakl_MakeAGetString function| zakl_AddToQuery function| zakl_UpdateFoldersQ function| zakl_UpdateBooksQ function| zakl_UpdateChilds function| zakl_UpdateSelectedItems function| BackAfterDelete function| getParentIdByElementId function| zakl_isUrl function| ReturnTreeBody function| ImportResults function| zakl_saveDataAddBook function| zakl_window_top function| zakl_escapeAjaxParam function| zakl_display function| zakl_loadingStart function| zakl_loadingStop function| zakl_getTitleForURL function| zakl_RefreshTitle function| zakl_clearTitleValue function| zakl_movemouse function| zakl_resetHash function| zakl_selectmouse function| zakl_attachZakl function| loginFocus function| moreRefreshTree undefined| zakl_cmodal undefined| zakl_csubmodal boolean| zakl_returnAddBook boolean| zakl_logged number| zakl_globalTreeId number| zakl_globalTreeSelectedId boolean| zakl_TEST_LOGIN boolean| zakl_DEBUG_ENABLED boolean| zakl_selectPreviousDir number| zakl_pageMinWidth string| zakl_domain_ajax string| zakl_importDoc number| zakl_loadDelay number| zakl_loadDelayAttached boolean| isIE6 string| zakl_homeDir boolean| goto_step object| zakl_BrowserDetect object| zakl_browser undefined| zint undefined| booktime boolean| zakl_importFolder undefined| zakl_response boolean| zakl_autoopen number| zakl_parentEl object| zakl_treeItems object| zakl_tree undefined| hfolders boolean| isImportWizzard undefined| zakl_currentEditItemData string| gsubmodal boolean| isOrganizeWindow number| cfolder undefined| zakl_hmirror string| selectedf string| selectedb string| zakl_addBookHttp string| zakl_addBookSiteName string| zakl_addBookHttpWizzard string| zakl_addBookSiteNameWizzard boolean| zakl_displayModal boolean| nn6 boolean| zakl_isdrag undefined| zakl_x undefined| zakl_y undefined| zakl_tx undefined| zakl_ty undefined| zakl_dobj boolean| zakl_attached string| zakl_html string| zakl_html_main string| zakl_backURL object| googletag object| vmpbjs object| vpb object| __advShowDeferred object| useragent object| topSlot undefined| topSlot2 object| topSlot3 object| topSlot4 object| topSlot5 object| brandSlot function| gosmart object| widget function| __reCaptchaLoad object| gaplugins object| gaGlobal object| gaData function| setIframeHeightCO function| handleDocHeightMsg undefined| bgURL1280 undefined| bgURL1366 undefined| bgURL1600 undefined| back_color_1280 undefined| back_color_1366 undefined| back_color_1600 boolean| brand_exist string| brand_href number| crash function| brandsActivion function| brandsParameters function| setbrandsActivion string| a object| d object| n string| fr number| tz object| s function| vmpbjsChunk object| _pbjsGlobals object| ggeac object| google_js_reporting_queue number| wd number| size function| go function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| regionsList object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| Criteo object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106 object| GoogleGcLKhOms object| google_image_requests

0 Cookies

8 Console Messages

Source Level URL
Text
console-api log URL: https://www.ukr.net/dat/covid19.html(Line 456)
Message:
reload covid widget
console-api warning URL: https://player.adtelligent.com/prebidlink/449695/hb_300016_4947.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api error URL: https://player.adtelligent.com/prebidlink/449695/wrapper_hb_300016_4947.js(Line 1)
Message:
localStorage unavailable
console-api error URL: https://go.rcvlink.com/ifr/5ysrIfrF92(Line 31)
Message:
!responseText
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 127)
Message:
arResponse->{"pxcalls":"https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=655zVqXiKv-TGKn1aolLaIDkQ&gdpr=0&gdpr_consent=|https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=|https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=655zVqXiKv-TGKn1aolLaIDkQ&gdpr=0&gdpr_consent="}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
accounts.ukr.net
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
adscale-emea.adnxs.com
adservice.google.com
adservice.google.cz
adtelligent-d.openx.net
ap.lijit.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bidder.criteo.com
bn01.er.bemail.it
c1.adform.net
cdn.admatic.com.tr
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
counter.ukr.net
creativecdn.com
cs.admanmedia.com
csync.loopme.me
d.turn.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e916bc38fe94d8ec785a41536fdddae6.safeframe.googlesyndication.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb1.adtelligent.com
global.ib-ibi.com
go.rcvlink.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
ic.tynt.com
idsync.frontend.weborama.fr
ih.adscale.de
image6.pubmatic.com
inv-nets.admixer.net
js.adscale.de
js.cookieless-data.com
kinoafisha.ua
loadeu.exelator.com
mail.ukr.net
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
pinformer.sinoptik.ua
pixel.mathtag.com
pixel.quantserve.com
pixel.sitescout.com
pixel.tapad.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
ps.eyeota.net
recreativ.ru
rtb.adxpremium.services
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.trafmag.com
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trafmag.com
trc.taboola.com
u-ams02.e-planning.net
ukr.net
ups.analytics.yahoo.com
upst.fwdcdn.com
usermatch.krxd.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ukr.net
zakladki.ukr.net
104.111.230.142
104.111.237.88
104.19.136.78
116.202.114.114
13.224.102.111
136.243.84.74
136.243.84.75
142.250.185.194
142.250.186.66
142.250.186.98
146.0.227.110
151.1.205.165
151.101.114.49
154.57.158.51
168.119.146.39
178.162.133.149
178.250.0.163
178.250.2.131
178.250.2.146
18.184.216.10
18.198.126.47
184.30.20.207
184.30.212.16
185.184.8.30
185.29.135.233
185.33.221.15
185.64.190.78
188.42.29.196
193.0.160.129
193.200.65.2
193.200.65.5
194.213.62.34
195.214.195.101
199.232.137.44
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
212.129.3.113
212.42.75.249
212.42.75.253
212.42.76.151
212.42.76.247
212.42.76.248
212.42.76.252
212.42.76.253
212.42.83.135
212.82.100.182
213.174.135.2
213.19.147.151
213.19.162.61
216.46.185.183
23.218.208.200
23.218.208.246
23.45.110.176
2600:1f18:612b:4216:5e41:f643:f5d9:712d
2606:4700:10::6816:1957
2606:4700:20::ac43:47f1
2606:4700::6810:cf3
2606:4700:e0::ac40:6208
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:801::2001
2a00:1450:4001:801::2008
2a00:1450:4001:808::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200e
2a00:1450:400c:c0d::9b
2a00:f48:2000:1023::3
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:12::1400
2a05:d018:24:b001:cff3:ca6f:14e6:5ad7
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5139::2
2a0c:5c81:5142::2
3.120.52.200
3.126.56.137
3.221.146.169
3.91.110.183
34.199.94.111
34.246.39.225
34.253.111.115
34.98.67.61
35.172.143.213
35.186.253.211
35.201.81.244
35.227.248.159
35.244.159.8
37.157.3.28
37.157.6.252
37.157.6.253
37.187.205.228
37.252.172.250
37.252.172.68
46.249.52.248
5.178.65.253
51.89.9.253
52.29.148.200
52.46.130.13
52.48.18.249
52.49.202.212
52.95.124.165
54.78.98.45
62.149.0.72
66.155.71.25
67.202.110.33
69.173.144.165
72.251.249.9
85.114.159.93
88.214.206.142
89.163.159.101
99.81.54.149
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
061769e5c7eb97935122a0492b7b2365f8a8538ec018a37e31e030f2192750ab
07d3b253e202af1cbbf728e53b09d684206d64240685841a864e80a527101707
0a7811a1e05946d0685186acd8b05d13e942f413b2af0512664b520d330a9b79
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e9914554b80aba1f7ab23fa72b263a779d29fe29aa5d36e826fb60d8cfb9314
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
1134dc30eb340c908a5cb6c95f5bd1b029fec03fe1bed065ae8aaca3c2e2bafe
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
16347bc8ab931957e0943279cc68d6c7f4200640775fb8bedab0c571c3f17cde
168c331ec78c71691ae090d254425729725b22d627e93541f5820f1db1d2008c
171b7202bd88c01135aff85554b7293c7cfbb15ec83803866343dce39f6a29a4
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
19b676f82aa4edf382ed59e1267b59e846d527ab2e1e5ec0a7ce2d512705dc94
1ac65a81554038eda9e11deaf5521cb4a4cb29593189dbdc8669854dd743ba93
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
21a128145790f6014d9d01cf2d2876d7e1c2538a6825173038b410f1b3ba59b5
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2803dd6dcccbcb6cf48e228cbffc4085c40a0646a615e848e7dc8d4f436ce501
2900a771d3f6ae1a49699beedd12cd4902b97b2d2066515a215d140e3f942b09
29b463a65a03d7915d022df12db018494b3aeac05df0121278323a62441a2f33
2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad8fc5d94326e9c388b2ad0999dd56c89f3942bd4d20ad8a495cc7e347aaa60
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1cf01326e3e13fe65bff588e942b208bd803bbbfcf7ad5932e1e62f13779c0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30000c0615486c8acf864f183d245466b43e9455a437c99084b80d293464a534
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
338f69fe1de47efce159b38aef5d8ccb729ff5f40e6fb8eb6e5b7ad5f214dfcc
3409afa887a0162e1e9ccdbe405ff6231346fa32bdd46bdb06586e0eb5f0c9df
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3892fd791f199135f4db92167a3c4aae12bf5fe098c19fcacbd3cb35367d184b
38fd106770440e447a7ba3015ddb0c5da6b82703cfe20a91abadf467eee910d6
3cc0251f22c1a7eb6aded802af8bc7cde2d5e37f521b544bae47a68e0fd81ad2
3d4e6314be04243015511ac25390f0fb3314cd8f5ad35e3b568e8818b78fae36
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4575a9a9467e190db27e1d9405fe38cfd74575e92b522c166fe9fb285dbc541a
46894820aeea1f8c8a9d2b6a5b5ef1c142725af4454cdf48bcbd2ea1aad8fba1
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4791467a2f5ef4a053920995c576ba8e7d01c80280d0593b3a72e449414323d5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4be6a47675523c5110a92b5a9c14d46c7327f15fb26ab0fe0e3d6b572c86ec24
4d041c09ff4cf3885898b484faf41f47fcdd9fc3751e9539f69200c4e9d2abb1
4def7e69368bf63d14e4fccb86d007b7e497960213f0a4fd564c8e667ebc85a9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
514b8c25e2e6f1bb545d50b9551875ef81d5624f05598b1830cfb1bd6a15370a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54910f688d6739d21b3068269e0e5755c7e4ccae9f90be2f65b2a6c22e740b8f
55a55861068aeea1b8c461136f9b3932f4db307d1075521197675ae22b350fbe
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
59f0add375fd8730e07dbd559870124e0b167f8fa6ce53c06580907ba4c4a510
59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c
5c716da6ff73138a628905ea31915bd8eefda2f60eee845d0b1eda470c51e212
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
62aa9862e3cf4a2d546055e17fa129c12dcfb282d2fde5227a5e9c60b3bc406e
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
65c88bdeb2f983517f1be4d68218f801ea8201919dbd9edd28359a344d8a0574
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a2a30567ebb12a8d345d65a0b81185660e1263584a6bcac041f2a63a868272d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
75c30a3726fac9acaac6f7729d1ec410417b62ff61bf4cd73b65d827c66db348
75f62120b95e617215684e9aef305a9c4db72d7f2326b69e9e4ee78a4c07a353
763a8799aa32101c12131fccf7919219c51109131e012fe3d53c1849e563abfc
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
787663e29d5a6321fbe42944b21653f75c1e3c6b475d7ff75b17c5182e6c46ec
78962cbb1faccbd5baee0ad77dc0507796eb7b30d687a231d4eb643fae0bb281
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7c4e4e0b02318697c2eb4a16c05126c5113eea9f0a4a9a6cb40c8261bbd17ec1
7dbd8c7566195ada3f3e2a2f33b832358d0526e1384d0217ec96264eb17da819
7f9631228b15526e5e750792b9e87363cdc8505a9a20758f46b48669db955dbf
80a615481f500f8fc66d5fa26e8117e1c5ce24e7491023b0d2538f411d451cca
8215fd185f2a5ee612f068b8349168c7ceee7e01e6f8f45495d434150a06070c
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88a4f7a61bcc295bb968425365acd5c78e49818b33eb2b4ca6bff9ffa49f27db
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df
8d50b07896e45830a339157df633101bd1362f1880b5148025f90e16b6836993
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8efcb43423afaee439766d4afc4266809a15a08acff929e7608a44f76e3e64a9
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
95ce0a99aface9f68502ac95e1f25fd4f560a561e72bd77b52c09443d5521cda
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c
9e4889f3b7cd77ce12182e5c0fa2c7c8b0ec7f6e2fda8178195e77b4396c3333
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2af799b642bf2874c60a83411aae8de4768d46d9c150499040a7e93ac8007f2
a3c814b4ed792f8beca08492c856a3d360805e5f5c5d61509749f5f785f0971b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5bfb91732aabaf92bf2189ca3c7e1ea92da027f9805dc6562af3f37a25290e4
a6543694a62a5573bf1709e30effeb56ef3d5864d56f12ad8f58a416b4407a64
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4
a94510912e08647eb40a01fae98d9c758dd2f1691e8cfcc8da44a598bf56bda2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa627bfef345f2f99e052cf9bd3fd3b0d3ed5cae9a8a9fdd6351a5b3c0dc7cb8
aab475e61325aa8b10d5fc1127dc89c6562731d9a0dbd32db36b85a5e792ced5
ac448c4dc7cde4494ffa0350d3228b4285034a0e99e81838560d4ed1024cd1d2
aeb49a5ad222d434ae4f895aaa320fba95c2436d5d4bc40ecc8bd72fd5196f25
af0cb902656b4fde470988b5fafcfb29703d1e18469371fca027bbcb6fbd7724
af992079403976a07e83201be65ea60d93288a986b7785b9bfa40e07438956af
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
b946d8136218d95d49e8f82a64b0f30628a33c241f9671d272f3d06ca6cc6b0c
b949d75bab597234bb9d57818d1f06d98120a2500d23f518c6498389d5535d14
baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48
bb00f4e118dfd733c445aadbf7b58536e6ff1b68b46f01c8bf6d7dd21b2c1436
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1a449c86c27cfd1fe5fe32a7d823b43e6bc82cbf9f4d49089eeb76e9123d6f
be0aed68b096d0d64b930d667c12c9e5cfc35f6adc275af68fff3bccaf966897
bfc9fbc4575f67c1903d4ff0b0d8889b7a66b72676dd61cec9abec0019a2fe50
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25fee9760ab3bbf8f9b0865782ac0f978b3d414b9e54fee89943ed572c817b4
c35f5b8b56d55e7cece8df68b398eb091a17d494357e7eb07e71b87a33b4ed04
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c6e062ccfb4e7bf2e4020e000a457da3cee98015550fb029221d9797d9e19858
cba522390b1c9e02f762cfb76673612b1db16b7093a47998d4944a6752f2fe2f
cf4f8ce4e9d310e448f37a9868c601fe20a9a8b2bf098bce26c59881f92c5a08
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e
d8342c8635ec771dc2136a0af1c847af13adc9cb605a9e9b12c265446386d0e7
da7a5abfb530790959d419713a7f5bf02143b74c6f24bc54de146610f7f47bc6
dabe207d5d4dd967f59c448afa910bd193f195494beb72485ba6e0d0d49a5a9c
db47cf4feab1f4a70d4d837b200985e57402b80c51c08b5620858d2ddfdb9f22
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd213eacc0f658903d46703559ba6e696121e61fe93da9b3c30df8beff053035
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de624a0a9b0ce2f2a5a44c44f80210ed7c42095f089a6109d0b29d6eecc2b074
e14a53acde565277cbd2431e722ccd08d6d7047d1400f701ef74dfd14605fe23
e365cc592fb95d3828f763017a833f0f6c295a7537c081145fa48e2c50b35510
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e7f3181f807ae5fafeebc0c12ca12050564c5e9f2279f62063b94517870efd
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
e90e10e1ebdb08c4c9d60da734ff42d91a3dbf7fcfea963e86ca054761817095
eaf5b6c9d06af1ad833f23798f7ffc9468dfef28bfaefbe1dea90ced8af684e6
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ee63cc3a703a49d862bf3fb37db0b5ce30e60f1c9eb61c59cd757f1d38732dc2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2df81a21342e8e2ec2a17738dac199c55a248712dc3a2804b701f38d7acf5e
f01f2b2db41ab7dd8ba1fcc1dfc20a7a94c5c980734d9ba13f974e51959935e3
f127f5991d8905bdacab57c2616de16ad334f816e74675cdf8de8cd7981528ab
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f78047a9a4deb1a46a653aea75be2ac2178949ed3281eb9c20622bb3a24a88d1
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5