znaj.ua Open in urlscan Pro
2606:4700:20::ac43:44d1 Public Scan

URL: https://invite.viber.com/?g2=AQBHp854yy0BjknLCovlazGCqvAmipQtzJqWDxlaZXNq4%2FMp3TOY868DzX9xyWLg

URL: https://flipboard.com/@ZnajUA?from=share

URL: https://www.pinterest.com/znajznaj/

URL: https://war.znaj.ua/
Title: Війна

URL: https://grosi.znaj.ua/
Title: Гроші

URL: https://life.znaj.ua/
Title: Життя

URL: https://kyiv.znaj.ua/
Title: Київ

URL: https://kharkiv.znaj.ua/
Title: Харків

URL: https://www.youtube.com/channel/UCwgXH0dz8d8SiYeMLg9WtIw?sub_confirmation=1
Title: Анекдоти

URL: https://war.znaj.ua/431435-propagandistka-simonyan-pokazala-svoyu-merzennu-sutnist-dilit-nagrabovane-nache-shchuriha
Title: Пропагандистка Симоньян показала свою мерзенну сутність: ділить награбоване, наче щуриха

URL: https://sport.znaj.ua/431438-alina-grosu-zahopila-shanuvalnikiv-neymovirnim-obrazom-ukrajinskoji-rusalonki-fayna-divka
Title: Аліна Гросу захопила шанувальників неймовірним образом української русалоньки: "Файна дівка"

URL: https://sport.znaj.ua/431446-navit-svyashcheniki-mriyali-pro-vilnu-nadyu-dorofyeyevu-ale-kacurina-nihto-ne-ochikuvav-chekav-vse-zhittya
Title: Навіть священики мріяли про вільну Надю Дорофєєву, але на Кацуріна ніхто не очікував: "Чекав все життя"

URL: https://sport.znaj.ua/431317-zirka-aferisti-u-sityah-olena-kristina-lebid-pokazala-yak-legko-obduriti-ukrajinciv-mi-vam-zaplatimo
Title: Зірка "Аферисти в сітях" Олена-Крістіна Лебідь показала, як легко обдурити українців: "Ми вам заплатимо"

URL: https://grosi.znaj.ua/431488-yak-zasnuti-za-1-hvilinu-diyeviy-sposib-bez-yogi-ta-pidrahunku-ovec
Title: Як заснути за 1 хвилину: дієвий спосіб без йоги та підрахунку овець

URL: https://sport.znaj.ua/431439-rahunki-rozpovniloji-ani-lorak-zablokuvali-v-rosiji-teper-tilki-spivati-na-vesillyah-za-jizhu
Title: Рахунки розповнілої Ані Лорак заблокували в росії: тепер тільки співати на весіллях за їжу

URL: https://grosi.znaj.ua/431519-golovni-novini-za-7-lipnya-pravda-pro-zvilnennya-dzhonsona-tur-polyakovoji-po-ukrajini-ta-legalizaciya-grudey
Title: Головні новини за 7 липня: правда про звільнення Джонсона, тур Полякової по Україні та легалізація грудей

URL: https://grosi.znaj.ua/431486-chi-chekati-ukrajincyam-deficitu-moloka-siriv-ta-smetani-slidom-za-inshimi-produktami-dumka-fahivcya
Title: Чи чекати українцям дефіциту молока, сирів та сметани слідом за іншими продуктами: думка фахівця

URL: https://grosi.znaj.ua/431469-pravdu-pro-borisa-dzhonsona-rozkrili-nezadovgo-do-vidstavki-drug-volodimira-zelenskogo-ne-takiy-prostiy-yomu-vazhlivo-shchob
Title: Правду про Бориса Джонсона розкрили незадовго до відставки, друг Володимира Зеленського не такий простий: "Йому важливо, щоб..."

URL: https://sport.znaj.ua/431371-olya-polyakova-vlashtuvala-tur-deokupovanimi-teritoriyami-shchob-pokazati-svitovi-pravdu-pislya-prihodu-orkiv
Title: Оля Полякова влаштувала "тур" деокупованими територіями, щоб показати світові правду: "Після приходу орків"

URL: https://war.znaj.ua/431440-u-okupantiv-za-tizhden-stalo-na-11-skladiv-menshe-ne-darma-voni-tremtili-vid-odniyeji-zgadki-pro-himars
Title: У окупантів за тиждень стало на 11 складів менше - не дарма вони тремтiли від однієї згадки про HIMARS

URL: https://sport.znaj.ua/431349-zirka-orel-i-reshka-andriy-byednyakov-stav-na-shlyah-sergiya-prituli-i-razom-z-usikom-zabezpechiv-harkiv-191-tisyachu-dlya-lyudey
Title: Зірка "Орел і Решка" Андрій Бєдняков став на шлях Сергія Притули і разом з Усиком забезпечив Харків: "191 тисячу для людей"

URL: https://sport.znaj.ua/431425-dasha-astaf-yeva-pislya-dovgoji-perervi-nareshti-porinula-u-svit-mistectva-vpershe-pislya-viyni
Title: 05:20 сьогодні, 05:20 Даша Астаф'єва після довгої перерви нарешті поринула у світ мистецтва: "Вперше після війни"

URL: https://war.znaj.ua/431306-zhitel-mariupolya-rozpoviv-pro-nastroji-lyudey-u-misti-filtraciyni-spiski-voda-do-3-poverhu-ta-vidsutnist-benzinu
Title: 23:50 вчора, 23:50 Житель Маріуполя розповів про настрої людей у місті: фільтраційні списки, вода до 3 поверху та відсутність бензину

URL: https://sport.znaj.ua/431297-dantes-gotuye-zharti-pro-rozluchennya-z-nadeyu-dorofyeyevoyu-prihovuyuchi-pravdu-pro-kacurina-i-stendap-vidbere
Title: 23:20 вчора, 23:20 Дантес готує жарти про розлучення з Надею Дорофєєвою, приховуючи правду про Кацуріна: "І стендап відбере"

URL: https://life.znaj.ua/431493-zhurnalistka-katerina-kotenkova-rozpovila-chi-mozhut-ukrajinci-uniknuti-dodatkovih-vitrat-na-vodu
Title: 23:15 вчора, 23:15 Журналістка Катерина Котенкова розповіла, чи можуть українці уникнути додаткових витрат на воду

URL: https://life.znaj.ua/431518-psiholog-sergiy-novikov-zayaviv-shcho-suchasni-lyudi-stali-teplichnimi-cherez-poboyuvannya-do-zmin
Title: 23:00 вчора, 23:00 Психолог Сергій Новіков заявив, що сучасні люди стали тепличними через побоювання до змін

URL: https://sport.znaj.ua/431434-yevgen-hmara-vidomiy-pianist-pokazav-yak-viglyadaye-zaraz-royal-na-yakomu-grali-elton-dzhon-keyko-macui-yak-bolyache-na-ce-divitis
Title: 22:50 вчора, 22:50 Євген Хмара, відомий піаніст, показав як виглядає зараз рояль, на якому грали Елтон Джон та Кейко Мацуї: "Як боляче на це дивитись"

URL: https://life.znaj.ua/431491-viyskoviy-oleksandr-kondratenko-zayaviv-shcho-vtorgnennya-bilorusi-maloymovirne
Title: 22:45 вчора, 22:45 Військовий Олександр Кондратенко заявив, що вторгнення Білорусі малоймовірне

URL: https://life.znaj.ua/431490-politolog-boris-tizengauzen-rozpoviv-yak-lukashenko-prosiv-u-putina-yadernu-zbroyu
Title: 22:15 вчора, 22:15 Політолог Борис Тизенгаузен розповів, як Лукашенко просив у путіна ядерну зброю

URL: https://grosi.znaj.ua/431517-na-odeshchini-vzhe-zaynyatisya-nichim-mer-bilgorod-dnistrovskogo-ta-golova-rayradi-vlashtuvali-rozigrivalniy-biy
Title: 22:05 вчора, 22:05 На Одещині вже зайнятися нічим — мер Білгород-Дністровського та голова райради влаштували "розігрівальний бій"

URL: https://life.znaj.ua/431516-u-zmi-rozpovili-koli-sankciji-prizvedut-do-zrostannya-cin-na-produkti-harchuvannya-u-rosiji
Title: 22:00 вчора, 22:00 У ЗМІ розповіли, коли санкції призведуть до зростання цін на продукти харчування у росії

URL: https://war.znaj.ua/431487-oskazheniliy-illya-kiva-pochav-pogrozhuvati-volodimiru-zelenskomu
Title: 21:35 вчора, 21:35 Оскаженiлий Ілля Кива почав погрожувати Володимиру Зеленському

URL: https://war.znaj.ua/431520-dmitro-medvedyev-pobachiv-peremogu-dlya-rosiji-u-vidstavci-borisa-dzhonsona-krashchi-druzi-ukrajini-ydut
Title: 21:05 вчора, 21:05 Дмитро Медведєв побачив "перемогу" для росії у відставці Бориса Джонсона: "Кращі друзі України йдуть"

URL: https://sport.znaj.ua/431420-mishel-andrade-z-orla-i-reshki-pishla-vid-potapa-ta-zalizla-pid-kovdru-vidchula-na-sobi-yak-neprosto-buti-zirkoyu
Title: 20:55 вчора, 20:55 Мішель Андраде з "Орла і Решки" пішла від Потапа та залізла під ковдру: відчула на собі, як непросто бути зіркою

URL: https://war.znaj.ua/431494-nimechchina-vidmovilasya-peredavati-ukrajini-obicyanu-tehniku
Title: 20:45 вчора, 20:45 Німеччина відмовилася передавати Україні обіцяну техніку

URL: https://war.znaj.ua/431441-olaf-sholc-znovu-tyagne-z-postachannyam-ozbroyennya-dlya-ukrajini-i-pridumav-vidmovku
Title: 20:05 вчора, 20:05 Олаф Шольц знову тягне з постачанням озброєння для України, і придумав відмовку

URL: https://sport.znaj.ua/431442-olya-polyakova-povernulas-v-ukrajinu-ta-zasvitilas-z-molodim-krasenem-shcho-mi-robimo
Title: 19:55 вчора, 19:55 Оля Полякова повернулась в Україну та засвітилась з молодим красенем: "Що ми робимо?"

URL: https://war.znaj.ua/431340-oleksiy-danilov-rozpoviv-chomu-vidstavka-putina-nichogo-ne-zminit-dlya-ukrajini
Title: 19:45 вчора, 19:45 Олексій Данилов розповів, чому відставка путіна нічого не змінить для України

URL: https://sport.znaj.ua/431341-vlada-sedan-prosporila-zinchenku-z-mansiti-i-zrobila-yomu-priyemno-na-lyudyah-zv-yazalasya-na-svoyu-golovu
Title: 19:15 вчора, 19:15 Влада Седан проспорила Зінченку з "Мансіті" і зробила йому приємно на людях: "Зв'язалася на свою голову"

URL: https://sport.znaj.ua/431342-kamaliya-pohvalilasya-prigolomshlivim-uspihom-dochok-bliznyuchok-skriz-pershi
Title: 18:35 вчора, 18:35 Камалія похвалилася приголомшливим успіхом дочок-близнючок: "Скрізь перші"

URL: https://war.znaj.ua/431344-britanskiy-viyskoviy-ekspert-nazvav-misce-de-proyde-virishalna-bitva-za-ukrajinu-daleko-ne-donbas
Title: 18:20 вчора, 18:20 Британський військовий експерт назвав місце, де пройде вирішальна битва за Україну: далеко не Донбас

URL: https://grosi.znaj.ua/431460-spekotna-pogoda-pokine-chastinu-ukrajini-polivshi-kilka-oblastey-doshchami-prognoz-natalki-didenko-na-8-lipnya
Title: 18:05 вчора, 18:05 Спекотна погода покине частину України, поливши кілька областей дощами: прогноз Наталки Діденко на 8 липня

URL: https://grosi.znaj.ua/431373-v-ukrajini-znayshli-glibokiy-zv-yazok-iz-20-mi-chislami-den-nezalezhnosti-gerojiv-nebesnoji-sotni-ta-chornobil
Title: 17:35 вчора, 17:35 В Україні знайшли глибокий зв'язок із 20-ми числами - день Незалежності, Героїв Небесної Сотні та Чорнобиль

URL: https://sport.znaj.ua/431418-irina-fedishin-pokazala-nayshchaslivishiy-moment-u-zhitti-dyakuyu-gospodu-za-tebe
Title: 17:20 вчора, 17:20 Ірина Федишин показала найщасливіший момент у житті: "Дякую Господу за тебе"

URL: https://life.znaj.ua/431477-politolog-ruslan-bizyayev-zayaviv-shcho-ne-mozhna-nedoocinyuvati-variant-napadu-bilorusi
Title: 17:15 вчора, 17:15 Політолог Руслан Бізяєв заявив, що не можна недооцінювати варіант нападу Білорусі

URL: https://war.znaj.ua/431489-boris-dzhonson-obstrilyuvav-byelgorod-ta-kurs-u-derzhdumi-vipustili-porciyu-marazmu
Title: 17:05 вчора, 17:05 Борис Джонсон обстрілював Бєлгород та Курськ: у Держдумі випустили порцію маразму

URL: https://sport.znaj.ua/431409-natasha-korolova-prodala-svoyu-golu-popu-cherez-zagibel-yuriya-shatunova-yakshcho-vzhe-zashkvaritisya-to-na-povnu
Title: 16:50 вчора, 16:50 Наташа Корольова "продала" свою голу попу через загибель Юрія Шатунова: "Якщо вже зашкваритися, то на повну"

URL: https://life.znaj.ua/431476-zhurnalistka-katerina-kotenkova-rozpovila-yaki-funkciji-vikonuyut-oblgazi
Title: 16:45 вчора, 16:45 Журналістка Катерина Котенкова розповіла, які функції виконують облгази

URL: https://breaking.znaj.ua/
Title: Важливе

URL: https://breaking.znaj.ua/410757-astrolog-vlad-ross-zayaviv-shcho-nazarbayev-maye-vsi-shansi-piti-z-zhittya
Title: 7 грудня 2021, 16:17 Астролог Влад Росс заявив, що Назарбаєв має всі шанси піти з життя 7 грудня 2021, 16:17

URL: https://breaking.znaj.ua/410763-monastirskiy-vodiy-vantazhivki-porushiv-pravil-dorozhnogo-ruhu-shcho-prizvelo-do-smertelnoji-avariji-pid-chernigivom
Title: Монастирський: Водій вантажівки порушив правил дорожнього руху, що призвело до смертельної аварії під Чернігівом 7 грудня 2021, 15:59

URL: https://breaking.znaj.ua/410577-pristrit-ce-vpliv-na-lyudinu-i-na-jiji-dva-nizhni-centri-tarolog-anastasiya-kazachok
Title: Пристріт – це вплив на людину і на її два нижні центри, - таролог Анастасія Казачок 6 грудня 2021, 14:17

URL: https://breaking.znaj.ua/410311-viluchili-ponad-10-kg-duri-na-poltavshchini-vikrili-bandu-narkodileriv
Title: Вилучили понад 10 кг "дурі": на Полтавщині викрили банду наркодилерів 3 грудня 2021, 16:41

URL: https://breaking.znaj.ua/410260-4-grudnya-bude-sonyachne-zatemnennya-u-znaku-zodiaku-strilec-numerolog-nonna-musalyan
Title: 4 грудня буде сонячне затемнення у знаку зодіаку Стрілець, - нумеролог Нонна Мусалян 3 грудня 2021, 14:07

URL: https://breaking.znaj.ua/410151-mvs-posilyuye-bezpeku-na-vodnih-shlyahah-yevropi
Title: МВС посилює безпеку на водних шляхах Європи 2 грудня 2021, 15:52

URL: https://kyiv.znaj.ua/431144-zmi-poyasnili-z-chim-krashche-varto-borotisya-pid-chas-viyni-torgivelni-centri-abo-kioski
Title: 4 липня 2022, 19:40 ЗМІ пояснили, з чим краще варто боротися під час війни: торгівельні центри або кіоски 4 липня 2022, 19:40

URL: https://kyiv.znaj.ua/429946-zahist-batkivshchini-peretvoryuyut-na-pokarannya-stolichna-vlada-rozpravlyayetsya-z-malim-biznesom
Title: Захист Батьківщини перетворюють на покарання: столична влада розправляється з малим бізнесом 21 червня 2022, 16:00

URL: https://kyiv.znaj.ua/427542-svyata-dzhavelina-zalishilasya-bez-nimba-pislya-rukoprikladstva-mikoli-azarova-andriy-andreyev-pokazav-naslidki
Title: Свята Джавеліна залишилася без німба після "рукоприкладства" Миколи Азарова: Андрій Андреєв показав наслідки 26 травня 2022, 15:27

URL: https://kyiv.znaj.ua/427462-u-kiyevi-cherez-obrazheni-pochuttya-cerkovnikiv-mozhut-zafarbuvati-noviy-mural-svyata-dzhavelina-podrobici-incidentu
Title: У Києві через "ображені почуття" церковників можуть зафарбувати новий мурал "Свята Джавеліна" - подробиці інциденту 25 травня 2022, 21:04

URL: https://kyiv.znaj.ua/427316-aleya-muraliv-popovnilasya-zobrazhennyam-svyatoji-dzhavelini-andriy-andreyev-povidomiv-pro-zavershennya-robit
Title: "Алея муралів" поповнилася зображенням Святої Джавеліни: Андрій Андреєв повідомив про завершення робіт 24 травня 2022, 18:10

URL: https://kyiv.znaj.ua/426920-budinki-ukrajinciv-prikrasyat-osoblivimi-malyunkami-andriy-andryeyev-stvorit-aleyu-muraliv
Title: Будинки українців прикрасять особливими малюнками: Андрій Андрєєв анонсував "Алею муралів" 20 травня 2022, 10:17

URL: https://sport.znaj.ua/
Title: Показати більше

URL: https://sport.znaj.ua/429948-uchasniki-gurtu-spiv-brativ-zayavili-shcho-viyna-zirvala-maski-z-rosiyan
Title: Учасники гурту «Спів Братів» заявили, що війна зірвала маски з росіян 21 червня 2022, 16:45

URL: https://sport.znaj.ua/407074-dumayut-shcho-vona-20-tirichna-studentka-babusya-zdivuvala-internet-svoyeyu-zovnishnistyu-i-formoyu
Title: Думають, що вона - 20-тирічна студентка: бабуся здивувала Інтернет своєю зовнішністю і формою 10 листопада 2021, 05:00

URL: https://sport.znaj.ua/407087-vidtvorennya-smerti-merlin-monro-legendarna-madonna-v-zuhvalomu-vbranni-oskandalilasya-na-ves-svit
Title: "Відтворення смерті Мерлін Монро": легендарна Мадонна в зухвалому вбранні оскандалилася на весь світ 9 листопада 2021, 23:00

URL: https://sport.znaj.ua/406576-jiji-umbrella-vipala-legendarna-spivachka-rihanna-u-vidvertomu-vbranni-vivalila-svoji-prinadi
Title: Її "Umbrella" випала: легендарна співачка Rihanna у відвертому вбранні вивалила свої "принади" 5 листопада 2021, 15:40

URL: https://sport.znaj.ua/407083-absolyutna-ikona-ogolena-superzirka-britni-spirs-zasvitila-svoji-yamki
Title: "Абсолютна ікона": оголена суперзірка Брітні Спірс засвітила свої "ямки" 10 листопада 2021, 02:00

URL: https://news.google.com/publications/CAAqJAgKIh5DQklTRUFnTWFnd0tDbnB1WVdvdWRXRXZjblVvQUFQAQ?hl=ru&gl=RU&ceid=RU%3Aru

URL: https://apps.apple.com/ua/app/znaj-ua/id1473938906?l=uk

URL: https://play.google.com/store/apps/details?id=com.znaj.znaj&hl=uk

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://znaj.ua/ HTTP 307
https://znaj.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://gaua.hit.gemius.pl/_1657247862907/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=yKrL_lat4D8Du8wYRSvdd_VuU.tbz_cAkJG93TBl.p7.E7lNT99LUh1HXo85YSgLboSWGZR6Nd5GFpXWRTaz6olRIZcP/iTFIoZY5ERNXN/&ltime=224&fpdata=NuoQpKsUFuDmUaGgMnr9i08vqaKcLNGyo915itniHKX.X7&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1657247862907/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=yKrL_lat4D8Du8wYRSvdd_VuU.tbz_cAkJG93TBl.p7.E7lNT99LUh1HXo85YSgLboSWGZR6Nd5GFpXWRTaz6olRIZcP/iTFIoZY5ERNXN/&ltime=224&fpdata=NuoQpKsUFuDmUaGgMnr9i08vqaKcLNGyo915itniHKX.X7&fpcap=

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMFQ8QqgXkeCrCpvY61keg&google_cver=1

Request Chain 98

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YseYeGo4bz25yRAlTf1CFAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMFQ8QqgXkeCrCpvY61keg&google_cver=1

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOsL9AhBlX0VyuJIR-Bb0Kk&google_cver=1

Request Chain 100

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0Mjk3MjQ5OTQ3NDAxOTMyMQ%3D%3D

Request Chain 110

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHfZ3peyNIBGuKnnfGGU3DQ&google_cver=1&google_push=ARnp8GC-FjR7uGSMdPnpTh6-MpNdjLjtx6qf2EeOHNzihurCKkJSwG7umvuaLAwVZEthibwCEEh7Y7GTmZFxkCA3EbfTntNgDJs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAyNDA2Njk2Mzg2MDg3NTc1Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHfZ3peyNIBGuKnnfGGU3DQ&google_cver=1

Request Chain 111

https://d5p.de17a.com/cookies/google?google_gid=CAESEJE48vB2Phvdg0EXnTDZbc0&google_cver=1&google_push=ARnp8GD9_QRzN7gidHG126g2z3CS7fqNF5Ws3qW4eeWC4l4N45LhwA18hd5Sa1wXqFi6MLto4CGZQXDKAv2KAn2VG9lMhbFtbKo HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJE48vB2Phvdg0EXnTDZbc0&google_cver=1&google_push=ARnp8GD9_QRzN7gidHG126g2z3CS7fqNF5Ws3qW4eeWC4l4N45LhwA18hd5Sa1wXqFi6MLto4CGZQXDKAv2KAn2VG9lMhbFtbKo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GD9_QRzN7gidHG126g2z3CS7fqNF5Ws3qW4eeWC4l4N45LhwA18hd5Sa1wXqFi6MLto4CGZQXDKAv2KAn2VG9lMhbFtbKo

Request Chain 113

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJfH_59BoUmTFonJjFE5YpQ&google_cver=1&google_push=ARnp8GAlVg3vF55rMggBZBxfTfNMYSCElH6ZpwKsAVgj9je5v9pdTt3nG-okr1dECaCREUOn2xW2yPpMpWkVPOuTEZ0vSkX1jYs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GAlVg3vF55rMggBZBxfTfNMYSCElH6ZpwKsAVgj9je5v9pdTt3nG-okr1dECaCREUOn2xW2yPpMpWkVPOuTEZ0vSkX1jYs

Request Chain 114

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAZpXartQvERu_ltD9_3lDM&google_cver=1&google_push=ARnp8GAqP4tXzhvNYFLLCEb2L0UizhFBkeyG17UDvoZQ_iypdUDZ1A7UYbDEJBrSChqkRaR_4NOhwzHbdPTAQL_4-QNonQgB0ODi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GAqP4tXzhvNYFLLCEb2L0UizhFBkeyG17UDvoZQ_iypdUDZ1A7UYbDEJBrSChqkRaR_4NOhwzHbdPTAQL_4-QNonQgB0ODi

Request Chain 115

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAZpXartQvERu_ltD9_3lDM&google_cver=1&google_push=ARnp8GD0M-oxIUc2y1KpGVCDEUKDr53i9NFIaEDWh45JdSlGQ9g7TND7DVxqMA0PgaHHUjz-9T35who0D89TKB6pOyiptQyJjYUVlA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GD0M-oxIUc2y1KpGVCDEUKDr53i9NFIaEDWh45JdSlGQ9g7TND7DVxqMA0PgaHHUjz-9T35who0D89TKB6pOyiptQyJjYUVlA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 117

https://gum.criteo.com/sid/json?origin=publishertag&domain=znaj.ua&sn=ChromeSyncframe&so=0&topUrl=znaj.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=W7vFi3xqRXZKVUd0bnE4ZkRQZ3Q0MCtmcWtxa1NRRVYvcmU0Z3lUeXBTWnNSeFhPMng0UzVuUGFib0FZMzBuL1R0TGc4aHFYS1d2TDZ0SjYxb3B0U0RMZjNWQ1RqN1NGU1E1RkxxNUJJcWxuS0p2TDVHbEZBR3cxVTBuN1JEcEpoaUdaTUNnRUgzc3FCYy9IZlVkVGw1TmswK2Z1YUFGNUV5VGE2RTBpU2RrMVdrYmN6UXd5dGwvTEhPMDE4N2hRalRGNWx1SGgrc0M5ZnZHUGtXZHdQUnJBZlJJdjlVUno5dTBrVEVBQlhKZk02c1d1UTVXd0NERDlXOFcwckFaVTZLSmcvM3YzL2FadU16OCt3ZldEV0JPWFlYdz09fA&cppv=2

Request Chain 138

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Request Chain 142

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=63ee0445-c13e-4938-9c45-c0d15c214d03

Request Chain 143

https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=%7Bgdpr%7D&gdpr_consent=%7Bgdpr_consent%7D&us_privacy=%7Bus_privacy%7D&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=36fe2e1b-cb06-4758-ba73-9addfcca32ad

Request Chain 152

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db7e742c55e2d98e7%26uid%3D%24UID HTTP 302
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b7e742c55e2d98e7&uid=5342972499474019321

Request Chain 153

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 158

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZRy6ZSbCSxK49mjmeMjzBw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZRy6ZSbCSxK49mjmeMjzBw

Request Chain 160

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzA5NDdkODhmNGE3NDcxMzc2ZjRjNDNmODY5MjdlOTY2Mjg1M2IyNQ

Request Chain 161

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCVUw3OUQtVC1EMEs4

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHcUFa3OcMDsIVkT53egH7Y&google_cver=1

Request Chain 164

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0gId3T3hS42nTQ-nMu5Lbg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0gId3T3hS42nTQ-nMu5Lbg

Request Chain 165

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/RJPFmPHVACxLYuGvltvYLA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7288108749723738368

Request Chain 170

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a16d9-5ca5-416b-426b-ae7e51c09b09%26reqId%3De4817d80-8b90-43e7-6c11-f35361523cb6%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a16d9-5ca5-416b-426b-ae7e51c09b09%26reqId%3De4817d80-8b90-43e7-6c11-f35361523cb6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=1ffcddbc-b59a-432f-9aca-566d7ffec725&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361

Request Chain 176

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=dfde3a7d-e2b8-4dd4-ad70-a7a0a2541eaf&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 177

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=468a16d9-5ca5-416b-426b-ae7e51c09b09&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a16d9-5ca5-416b-426b-ae7e51c09b09%26reqId%3De4817d80-8b90-43e7-6c11-f35361523cb6%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=468a16d9-5ca5-416b-426b-ae7e51c09b09&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a16d9-5ca5-416b-426b-ae7e51c09b09%26reqId%3De4817d80-8b90-43e7-6c11-f35361523cb6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=60747421689431500911402203606571642210&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361

Request Chain 179

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a16d9-5ca5-416b-426b-ae7e51c09b09%26reqId%3De4817d80-8b90-43e7-6c11-f35361523cb6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7117825385851320467&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361

Request Chain 180

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=468a16d9-5ca5-416b-426b-ae7e51c09b09 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=468a16d9-5ca5-416b-426b-ae7e51c09b09

Request Chain 181

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=468a16d9-5ca5-416b-426b-ae7e51c09b09&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a16d9-5ca5-416b-426b-ae7e51c09b09%26reqId%3De4817d80-8b90-43e7-6c11-f35361523cb6%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=468a16d9-5ca5-416b-426b-ae7e51c09b09&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a16d9-5ca5-416b-426b-ae7e51c09b09%26reqId%3De4817d80-8b90-43e7-6c11-f35361523cb6%26zdid%3D1361&bounce=1&random=2247608214 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=82.bhnlqBmWT86wVeS080O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361

Request Chain 182

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a16d9-5ca5-416b-426b-ae7e51c09b09%26reqId%3De4817d80-8b90-43e7-6c11-f35361523cb6%26zdid%3D1361 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361&cklb=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=

Request Chain 183

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=468a16d9-5ca5-416b-426b-ae7e51c09b09?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=468a16d9-5ca5-416b-426b-ae7e51c09b09?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361

Request Chain 184

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-FSwatxNE2orXIOlxzGXZ33g8W5_IOH.Saw--~A&zpartnerid=570&env=mWeb

Request Chain 185

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=MjjoqVWHhTiH4iWcBoZLLZ4HV8ol5K5G%2BS41iYitP1U%3D

Request Chain 189

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a16d9-5ca5-416b-426b-ae7e51c09b09%26reqId%3De4817d80-8b90-43e7-6c11-f35361523cb6%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a16d9-5ca5-416b-426b-ae7e51c09b09%26reqId%3De4817d80-8b90-43e7-6c11-f35361523cb6%26zdid%3D1361&_test=YseYewAOpk4cNQAo HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YseYewAOpk4cNQAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361&_test=YseYewAOpk4cNQAo

Request Chain 190

https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.8176b031-b1ae-48d1-b814-30f2b2d1805a&zdid=1361

Request Chain 191

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361

Request Chain 192

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=468a16d9-5ca5-416b-426b-ae7e51c09b09&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=468a16d9-5ca5-416b-426b-ae7e51c09b09&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361&dcc=t

Request Chain 194

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a16d9-5ca5-416b-426b-ae7e51c09b09%26reqId%3De4817d80-8b90-43e7-6c11-f35361523cb6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=231WvJG5kTcQVCixhgCrnLYbA&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=231WvJG5kTcQVCixhgCrnLYbA&gdpr=0&gdpr_consent=&google_gid=CAESEPKEoKmvzdHb4oUNaKO0o1c&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 207

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=3093752394935046271 HTTP 302
https://a.audrte.com/p

208 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
znaj.ua/
Redirect Chain

http://znaj.ua/
https://znaj.ua/

302 KB
60 KB

244ms
82ms

Document
text/html

2606:4700:20::ac43:44d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b557314ccc4d328a70b5c3f2a46c21e32e625f08924532f472dbe3aa3450829f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: HIT
cf-ray: 72757083ff8cd600-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 02:37:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Fri, 08 Jul 2022 02:35:19 GMT
link
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnEFgQZVpa9DQLIC%2Fp6z2ADX3l8QaWxwPJMLXhrqPyiuP3dlGEW1LHCBeLgTVkjUrOCOVNYvjUUmDdr6O2Lxz7ssLIzHr3Lkbc%2FMmOp0hrNOe72zwjnMWfQMy8L9WOXKjFUQjQ4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-cache-status: MISS
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://znaj.ua/
Non-Authoritative-Reason: HSTS

GET
H2 200 8zXk1NnP16q76oYJTL0IWPmjuZ6JBOTyjZzJNVwi.jpg
znaj.ua/crops/dd2b81/150x100/2/0/2022/07/07/ 4 KB
4 KB 70ms
70ms Image
image/jpeg 2606:4700:20::ac43:44d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/dd2b81/150x100/2/0/2022/07/07/8zXk1NnP16q76oYJTL0IWPmjuZ6JBOTyjZzJNVwi.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaadb34c558baa2b171506ea6157a51911e167d810bb7e9012f2fe8e3664d5a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20301
cf-polished: origSize=4050, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3899
last-modified: Thu, 07 Jul 2022 06:54:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGB88wklWmFTco8pHdQrDoZeMnkqEpjsQthzKGJjtPFHaP6t0vtCqEZ9L9Lw7XBtMkizRzJbVptNuVOm8rtdAL0L9mfyIJojdFoN%2BOvvSjpCHyJT5K%2Fo160%2BIdG42zdY07hWOAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 727570849fb3d600-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 ukraine.png
znaj.ua/img/ 702 B
1 KB 68ms
67ms Image
image/webp 2606:4700:20::ac43:44d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/img/ukraine.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be73820642834b6bb64d9a5f252aa97581c362366dc129e650d8c6f19a428979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5831496
cf-polished: origFmt=png, origSize=992
content-disposition: inline; filename="ukraine.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 702
pragma: public
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 09 Mar 2022 13:29:35 GMT
server: cloudflare
etag: "6228abbf-3e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyy7SddERMx60CISYnx7WlTi8OKE7V1ZfTrKuyp6GzelGko3AZJvx2d8s4lA2TdDNfDRMS6dWDTo2ijvDU64ES8lXEtZEO5BtmqKjxrR%2BqjV17mtgSR9Dk2D3qsZwoyJDqxp2KU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 72757084afb4d600-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 app.js Show response
znaj.ua/desktop/js/ 90 KB
26 KB 78ms
77ms Script
application/javascript 2606:4700:20::ac43:44d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znaj.ua/desktop/js/app.js?id=f13d9d3b121596546fe3

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d13f878522940cf9d1cdabbee896f915a0c232ee234e7617c3ac0b9e21d9b9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2086369
cf-polished: origSize=92589
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 13 Jun 2022 21:17:50 GMT
server: cloudflare
etag: W/"62a7a97e-169ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMDlOG177s89r4vLcnLa0wrN5xg21LWmjwEcglUkHJKa7wYYSyd9PBGeOJ2kS1XwVSj%2Bcaj92Nml2hM98d3%2BNb9n12HntGnslKF8wCzK0p5MXf3%2BWHaDgSIPSl2fPVHwY4lxLCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cache-control: max-age=315360000, public
cf-ray: 72757084bfc0d600-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client.js Show response
aixcdn.com/ 23 KB
9 KB 206ms
69ms Script
application/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/client.js?165725

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

535fe6ca04237d2379eb55688e5704ea4fdefd03eda700aee5fbd910daf1e40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7735
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 15 Apr 2022 16:27:29 GMT
server: cloudflare
etag: W/"62599cf1-5a3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnJNXoGz8aRCv%2FeXWUloY%2B0nUG6JTxthGaRhqj5qKCK%2Br4cueQwMad67N1ZQz97Jijk7DQST7S8RhkByIBawxXi12zaaGe9UZ4ssAMVxkXNv5qGw7ay7qle%2BqOXk76Gfy9lvPMEhLkZK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 727570859effba9a-MXP
expires: Fri, 08 Jul 2022 02:37:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 132ms
41ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5571
date: Fri, 08 Jul 2022 01:04:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 08 Jul 2022 03:04:51 GMT

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 134 B
425 B 314ms
66ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16952272&s16952728&t0&c1&n872844&w0&y0&d24&r1600
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 5f842330d9fc84459d716966d7b4c0891bc5e490f669ce848c0680412f732cbf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:42 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 52 KB
14 KB 182ms
58ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 14031
expires: Fri, 08 Jul 2022 14:37:42 GMT

GET
H2 200 client.js Show response
s.getstat.net/cdn/ 16 KB
7 KB 207ms
67ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.getstat.net/cdn/client.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d394c3e67c160f651dc91ed1259a2559d7e8890445b9673f92d00746b2421ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 718
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Apr 2022 15:15:08 GMT
server: cloudflare
etag: W/"6260237c-3e9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYDCMPG4jUKPL7cVQtSndtColS%2BD7rElzXE4PZdHYrWGVNxhiNG9cR%2Fao3o3BJtWxUDvz0mhoJpp0CvT0Yv4vaYCTD%2FZDKw3fpXwCW%2BuLdUf2G76fuqskYPCgsRcneiKCTiLufRjO5sPUkAR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 72757085ae6d0f4e-MXP
cf-bgj: minify

GET
H2 200 client.js Show response
cdn.getpush.net/s/a3wlzukx2m98q0dibqkeatbvdtkkd9sy/ 58 KB
18 KB 225ms
86ms Script
application/javascript 2606:4700:3030::ac43:a0b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getpush.net/s/a3wlzukx2m98q0dibqkeatbvdtkkd9sy/client.js
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a0b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc99e68ac6a91cd40f81ad5efb3029ab8304cf7785ae5bec124ccf6e79dd10fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 08 Jul 2022 02:07:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrBPkAb32n%2B8PY092eJz5IIpQXFdC0L7dy3zvKV2D6MZFzJ8oosqyHBw4CAi42smrbPpmv0vKb2yg1H5kUGttdHCqYKPPnum14liUyD7lW9ArV741i54quYyLs0OrzV7m60wJ8zddDwwtR2GG9k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://znaj.ua
cache-control: max-age=14400, public
cf-ray: 72757085a993baa5-MXP
cf-bgj: minify

GET
DATA 200
OK truncated
/ 125 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7822ab0c944ab5defc5a0af4abd345fde1b54118332d943da596c3d3dbeb2dfe

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 125 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c47d0e9361abb627329fb9187d30d3647a38c2ef9908b7f2a49fc5219028937

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 S1os9Xc7oF1mBHV0fKq8lgR8xn2wz30lb8dJmUDg.jpeg
znaj.ua/crops/207315/150x100/2/0/2022/01/26/ 4 KB
4 KB 71ms
70ms Image
image/jpeg 2606:4700:20::ac43:44d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/207315/150x100/2/0/2022/01/26/S1os9Xc7oF1mBHV0fKq8lgR8xn2wz30lb8dJmUDg.jpeg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e571fced59b3e0c6b82eb6d640b745d4804412ffd719d30422c5d1ffbd25e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23630
cf-polished: origSize=4009, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3885
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 26 Jan 2022 15:19:01 GMT
server: cloudflare
etag: "61f16665-fa9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upAHykkGthhgV2%2FOB4mipE4rgRAklmwq4sZq8x16E286iwB3iEuXUsJSdHEpYvniNJ6bVTOILfZE%2Bu2%2FGxwzxoQszft0EioFWDaglkdWIjq%2BjlahgfUJZnC4rzQ4t%2B09WDw2DBk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 727570856cdc5a0d-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 yLF8rzJKx8UrefNNaqCVMTCw8wfUHaCqqddutUNJ.jpg
znaj.ua/crops/af6ac5/150x100/2/0/2022/07/07/ 4 KB
4 KB 265ms
264ms Image
image/jpeg 2606:4700:20::ac43:44d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/af6ac5/150x100/2/0/2022/07/07/yLF8rzJKx8UrefNNaqCVMTCw8wfUHaCqqddutUNJ.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a62c6e47c1901316677e9da33fbf879094f6af0b2d99dbbc07f0528fe92746

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23629
cf-polished: origSize=3834, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3686
last-modified: Thu, 07 Jul 2022 09:02:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwOMJvxy8z%2BzPuT4Ok2Dlj3hx2EsS%2B%2FCR8T2bk6iLDmVXWVxP2KyvBCUsa3cAeQuRTPZbs2389BK7J4Va0ZqiQRInkkiISBAf1qkCVeDJhkRyvAcYnEwORE0CLmrN6Y2ErRtOyo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 727570857cde5a0d-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 jMQCuf3Ya2PHnx6jOoBP5McSz3JV1N3hc4lCIj9n.jpeg
znaj.ua/crops/92e307/150x100/2/0/2020/07/06/ 6 KB
7 KB 197ms
196ms Image
image/jpeg 2606:4700:20::ac43:44d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/92e307/150x100/2/0/2020/07/06/jMQCuf3Ya2PHnx6jOoBP5McSz3JV1N3hc4lCIj9n.jpeg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68c6f40cf58bbbcc5950063eda4fcf07475bd680cd2cbffc7642621c543ee520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23629
cf-polished: origSize=6782, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6647
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 06 Jul 2020 14:01:02 GMT
server: cloudflare
etag: "5f032e9e-1a7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYXGoWrTXe5UMEBrU5WY%2BzEZyNoznONfAoUJvRzn3wq5gOCQnMlmklTgafJRMr3qisxsH0W%2BelacmHNwCRPPELLhXwaG0%2FkgFX2GptYKdFbPgDrxTF3s0kyg5MSVqbsfkRSa4X4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 727570857cdf5a0d-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 PXzeCD2yhW2Kym08SUO0wL59MmbydLoDHauYm1P3.png
znaj.ua/crops/0b799e/150x100/2/0/2022/07/07/ 4 KB
5 KB 72ms
71ms Image
image/jpeg 2606:4700:20::ac43:44d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/0b799e/150x100/2/0/2022/07/07/PXzeCD2yhW2Kym08SUO0wL59MmbydLoDHauYm1P3.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92cc768d1181fdb9c82135450cabb8c7497d2f4c27140129649b5a2991ae600b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23629
cf-polished: origSize=4194, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4064
last-modified: Thu, 07 Jul 2022 13:37:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ter8%2B6OD4V5K7vdcQi8PSEhAUQJKJGGCsSf7VrsqPRsAtYzC15iQ2XZvaz%2F31%2BIk%2FrWc%2Flj1sPNbo%2FqlboinaDM5OvwFPcvJdIOb%2FFRaT8%2BKK7HMDLpJgi%2FFaPqQvJYNwHwGstM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 727570857ce05a0d-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 zUiWmFPjD5YaartjYyKezQZwjE671Ia2FGwVFb1T.png
znaj.ua/crops/6373ff/150x100/2/0/2022/07/07/ 4 KB
4 KB 73ms
72ms Image
image/jpeg 2606:4700:20::ac43:44d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/6373ff/150x100/2/0/2022/07/07/zUiWmFPjD5YaartjYyKezQZwjE671Ia2FGwVFb1T.png

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05f4500cfd8fb8daaa74f3cfb958c4256d4b5b57b6ae1d0885fc0c156ead6ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28516
cf-polished: origSize=3820, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3659
last-modified: Thu, 07 Jul 2022 08:02:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2F8BflpEiWwtVsWtwSbygxBTaOvUhRKtjTZbvYZ3Povdxp7BBZ4eXVIeXeKiquDoNk1PZZ0StBW1lwzsTj7OqwSqIO6JbFNKDNH6SPpEtRN3aB8l5KlGFlMp3W8SKw44PsK2awU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 727570857ce15a0d-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 IW0IoS12zFBJlDfKdAxbMlW9Vj3QpVZyt9NNeESE.jpg
znaj.ua/crops/6e3354/735x400/2/0/2022/07/06/ 56 KB
57 KB 198ms
197ms Image
image/jpeg 2606:4700:20::ac43:44d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/6e3354/735x400/2/0/2022/07/06/IW0IoS12zFBJlDfKdAxbMlW9Vj3QpVZyt9NNeESE.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e649f7ddde6641bad0d56739ecb9d451197b256f92a15d6375bd032114fe89c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=57803, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57545
last-modified: Thu, 07 Jul 2022 20:58:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddpEZ6%2FZwOCX8nHot9iS5ChgCVpE9jW1ABkcG75vqNOXbNBPSLboMUqtMCLM2rLSkCC2HWM0mOvg%2BAJj8sz6ckKTxqSLeqN8hWVL3Lngj1Njgn2QdB286xoevvHw1YWrZQX9dvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 727570857ce25a0d-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 8zXk1NnP16q76oYJTL0IWPmjuZ6JBOTyjZzJNVwi.jpg
znaj.ua/crops/e55b09/735x400/2/0/2022/07/07/ 32 KB
33 KB 133ms
132ms Image
image/jpeg 2606:4700:20::ac43:44d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znaj.ua/crops/e55b09/735x400/2/0/2022/07/07/8zXk1NnP16q76oYJTL0IWPmjuZ6JBOTyjZzJNVwi.jpg

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:44d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

438a0a73003444b06e61b81afaab1c568d196c4a5bbb4f11d82c81df664e9c63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=33631, status=webp_bigger
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33154
last-modified: Thu, 07 Jul 2022 20:06:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkNoHmQBdIJaPeQAcF4pmWQ91fgpmMQS88y4klU0rHyvbUkfwI2odck0XEwMZM2RFpyTvIsy%2BojnW%2BaOsIxjoPsF1szMgtFNdUV2DV5u7xcmle3OxW%2FrJUFVqZAjxB8%2B2bGK9rg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 727570857ce35a0d-MXP
cf-bgj: imgq:100,h2pri

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 132ms
47ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=95010016&t=pageview&_s=1&dl=https%3A%2F%2Fznaj.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B2%D1%96%D0%B6%D1%96%20%D1%82%D0%B0%20%D0%B0%D0%BA%D1%82%D1%83%D0%B0%D0%BB%D1%8C%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83.%20Znaj.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=839120693&gjid=246223474&cid=1449982755.1657247863&tid=UA-108263001-1&_gid=603535887.1657247863&_r=1&_slc=1&z=1544877246

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 276 B
390 B 58ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=znaj.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: f0245a8874d1d91dcadcc7223f48c4e278d7e28b120dd7e090abf639a0cc24f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 276
expires: Sun, 07 Aug 2022 02:37:42 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 09CD 5 KB
3 KB 188ms
59ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: b769bd50a96b22ec278505cdc41badb2067a4275674f8cdd15bd7972d1e9a7af

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2718
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 02:37:42 GMT
etag: PRIVATE7520710249
expires: Sun, 07 Aug 2022 02:37:42 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 121 Show response
aixcdn.com/p/ 257 B
789 B 141ms
72ms Script
text/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/p/121

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165725

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7b7dc029aadf4c26e5ad370b70c77c812936e206519fb854123588c074da9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49768
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Jul 2022 10:32:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDg3bqO7vkLAhjYb10PeD3%2Fy2%2F354Gg%2Bmc4yzQoyRObTSoy1Is46MfLAVWGoSCvnAMtFqiXdYx1qXYC7NtWeyNp9o6s%2BLhWtR9fyyhpFVFf6P2D57tfrqjkOICSS0VntlIIoNqzQWCAz"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray: 727570868f6f0f76-MXP

GET
H3 200 97 Show response
aixcdn.com/p/ 23 B
631 B 140ms
71ms Script
text/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/p/97

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165725

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca5cdde752a7e0dbd7652fe7cd000eed74a0f4aa74eaecede273a8d3f60be04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3570
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Jul 2022 10:32:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uHdEdjavfa5cfZa51z6HqYRK4v6iTt01B6sEbhVNPKgtWFFSJDRdcmn09Ib1UDs4bO68BjGQ9R4BGUeTKNxaDbtgp4%2FBhIZiyjpjfCZ0nKo2aMoSN%2FPduOy15Hp9muQKh4A75UUrsPm"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray: 727570868f6d0f76-MXP

GET
H3 200 194 Show response
aixcdn.com/p/ 2 KB
2 KB 139ms
70ms Script
text/javascript 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aixcdn.com/p/194

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165725

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bacf54b7d27b6739185e88efc6a53a890e2d6beec5fe35827ae10144e53cf71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49768
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Jul 2022 10:32:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sn9yz6nHgfrlGpDt1mW%2BXa3n15pFPnjJVMQPJv45HFnb3KXStaz28ydXOlI6S1CedkWog6nyokbKwfUj%2Bv8ngD8vO8n6Vg81ehUHIim2hRpeOrYFdgr2AamtbgUc59Ff88jNTtIT94zO"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: no-cache, private, no-store, no-cache, must-revalidate, max-age=0
cf-ray: 727570868f6e0f76-MXP

GET
H3 200 pv
s.getstat.net/ 42 B
793 B 183ms
116ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.getstat.net/pv?u=https%3A%2F%2Fznaj.ua%2F&d=znaj.ua&s=&t=&l=uk&ac=&aa=&ap=&un=1&ss=&dp=1&sd=1&dt=1&o=1&b=1&p=1&r=0.08853861909311411

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ga%2FP5PnbfFIqgisiK%2FNoQZWyiXL%2BsuTFQVCtGKSnLReJo%2BpIEbqXkCH%2FJsfWv7Vo9TXtnqMWEXVGyRqlQxlWrxH1aGE%2BOENL6ScgJmQZEFPdA61aTg36f98Ag0%2BTIntZn4ujiNy8rkHSZMWX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store
cf-ray: 727570868d2cbabb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
439 B 111ms
37ms XHR
text/plain 2a00:1450:400c:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-108263001-1&cid=1449982755.1657247863&jid=839120693&gjid=246223474&_gid=603535887.1657247863&_u=IEBAAEAAAAAAAC~&z=114444149

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 08 Jul 2022 02:37:42 GMT
content-type: text/plain
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 branding Show response
a4p.adpartner.pro/ 11 KB
3 KB 189ms
61ms Script
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding?id=1582&0.8354124378749466
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: d46ceb2bde60881fb19d81ed006513a18f1fa2428fe60af86e50e308a13f298f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:43 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 157ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: aixcdn.com
URL: https://aixcdn.com/client.js?165725

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a8f68791d18e0ab2bcbd0faedb6620be4f440cee4aff4f8806784f841bd24da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28094
x-xss-protection: 0
server: sffe
etag: "1267 / 996 of 1000 / last-modified: 1657231719"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Jul 2022 02:37:42 GMT

GET
H2 200 ym.js Show response
cdn-b.notsy.io/zna/ 336 KB
106 KB 131ms
38ms Script
application/javascript 84.17.46.54
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/zna/ym.js
Requested by: Host: aixcdn.com
URL: https://aixcdn.com/client.js?165725
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-54.cdn77.com
Software: BunnyCDN-AMS-883 /
Resource Hash: 6f11b026b11a4b0bf7bd004eb880330bc9dc6d8b81fc550cd39bce6baf974748

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
content-encoding: br
cdn-edgestorageid: 879
cdn-fileserver: 250
cdn-storageserver: DE-164
cdn-cachedat: 07/04/2022 09:00:40
cdn-pullzone: 139012
server: BunnyCDN-AMS-883
last-modified: Mon, 04 Jul 2022 09:00:01 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62c2ac11-53ec1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 83b07226c6b2b409f07db4c575747d6b
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 144ms
53ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108263001-1&cid=1449982755.1657247863&jid=839120693&_u=IEBAAEAAAAAAAC~&z=1925507573

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 156ms
54ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-108263001-1&cid=1449982755.1657247863&jid=839120693&_u=IEBAAEAAAAAAAC~&z=1925507573

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1657247862907/
Redirect Chain

https://gaua.hit.gemius.pl/_1657247862907/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&...
https://gaua.hit.gemius.pl/__/_1657247862907/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%...

169 B
423 B

156ms
156ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1657247862907/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=yKrL_lat4D8Du8wYRSvdd_VuU.tbz_cAkJG93TBl.p7.E7lNT99LUh1HXo85YSgLboSWGZR6Nd5GFpXWRTaz6olRIZcP/iTFIoZY5ERNXN/&ltime=224&fpdata=NuoQpKsUFuDmUaGgMnr9i08vqaKcLNGyo915itniHKX.X7&fpcap=
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: c776b9db066183f12837ea0d17ea8655c97cd49cb15a4c6b98dc225d522d2ee6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:42 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Thu, 07 Jul 2022 02:37:42 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:42 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1657247862907/rexdot.js?l=100&id=AjrrCS8K7F_6f3.GM5ZW67S4rocKK1uFgzX4ielSjOb.37&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fznaj.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=yKrL_lat4D8Du8wYRSvdd_VuU.tbz_cAkJG93TBl.p7.E7lNT99LUh1HXo85YSgLboSWGZR6Nd5GFpXWRTaz6olRIZcP/iTFIoZY5ERNXN/&ltime=224&fpdata=NuoQpKsUFuDmUaGgMnr9i08vqaKcLNGyo915itniHKX.X7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 07 Jul 2022 02:37:42 GMT

GET
H2 200 branding.min.js Show response
a4p.adpartner.pro/apstc/ 13 KB
3 KB 59ms
58ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.8354124378749466
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:43 GMT
cache-control: no-store no-transform
last-modified: Tue, 15 Mar 2022 16:47:24 GMT
server: nginx
content-encoding: br
etag: W/"6230c31c-35bf"
content-type: application/javascript

GET
H2 204 tt
a4p.adpartner.pro/ Frame 9CE8 0
0 385ms
384ms Document
text/plain 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=9b080961-bd8b-4ca3-becd-1f9a8a8fe123&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.8354124378749466
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
date: Fri, 08 Jul 2022 02:37:43 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/branding/ Frame 0EEF 5 KB
2 KB 59ms
58ms Document
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=84114074586938900&apuid=a55baf10-7056-4481-aa6e-1c757bd40a1e&session_pageview=1&session_id=9b080961-bd8b-4ca3-becd-1f9a8a8fe123&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=1582&0.8354124378749466
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 02009f9572787ec35a61f5e885f4c1b39d472f72ccf13fa8ddd96dba22713b83

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 08 Jul 2022 02:37:43 GMT
server: nginx

GET
H2 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ 374 KB
128 KB 138ms
41ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 07 Jul 2023 22:56:13 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 297 B
778 B 146ms
50ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=znaj.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cf2bebf4d8dc76e0b7c0bdd6d810f59b022c38df8045e55256604489b48d1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
expires: Fri, 08 Jul 2022 02:37:43 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 163ms
43ms Script
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 08 Jul 2022 01:54:40 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 20:51:38 GMT
server: AmazonS3
age: 2584
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-C1
content-encoding: gzip
x-amz-cf-id: Sw79DRX7K74WzNk-9PEMo7s1PyoJ91IepniRp7tav3Lw8c78gk6b-A==

POST
H2 200 page_view
ym-tack.b-cdn.net/ 0
0 183ms
80ms Ping
text/html 138.199.37.232
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?ZNA;desktop;;main_page_desktop;c667db|70bec2
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.232 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-232.datapacket.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 video.js Show response
cdn-b.notsy.io/video/ 204 KB
67 KB 35ms
34ms Script
application/javascript 84.17.46.54
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/video/video.js
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-54.cdn77.com
Software: BunnyCDN-AMS-883 /
Resource Hash: c5fa35c1584ab1f1e02555637883171da31c9a74847e82e1ccdb26a8a57a6c9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: br
cdn-edgestorageid: 883
cdn-fileserver: 224
cdn-storageserver: DE-197
cdn-cachedat: 07/06/2022 18:32:30
cdn-pullzone: 139012
server: BunnyCDN-AMS-883
last-modified: Wed, 06 Jul 2022 18:30:23 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62c5d4bf-3312d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 8c53c14389ac8c5a1024edf1d9313ebf
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 145ms
52ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220708

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce4c16b63d82f18031a9c566901bf1b4d1e1f694ec063fcf34530ee193796250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41799
x-jsd-version: 1.0.1394
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19154-FRA, cache-itm18842-ITM
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66d-dFli+hdEmgM6E/c4GmWpxS0PJBE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zePqWrESWRS6SzSfY7EI6QIdU6Nmo5mwFj3y%2BJhKtdNh%2FM7aqGP7BbpmgaYEcZoaXsjWDPZ3iNHgXyV401S8gSf1IJkdJHt3oMXVfhAQ9wWJ5j0MeOf4sh7Y7dNeX8cOcANH81sFtjz3XhBTJDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 72757089197d23c7-ZRH
access-control-expose-headers: *

GET
H2 200 / Show response
adx.adform.net/adx/ 20 B
482 B 247ms
124ms XHR
application/json 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEzNDAxNTMmdHJhbnNhY3Rpb25JZD1mYmI5MDVkOS0yZTllLTQ5MmQtYjNkNi0xNzBmZGViNGI5NzgmcmN1cj1FVVI%3D&bWlkPTEzNDAxNTUmdHJhbnNhY3Rpb25JZD02OTA1MGUzMy0wYTdhLTQ5YjYtYWFiNS04YzE2MjQ1ZTZlZWYmcmN1cj1FVVI%3D&bWlkPTEzNDAxNTcmdHJhbnNhY3Rpb25JZD0zYThlOTEyNS00Mjg1LTRlYTMtOWJhNC00OWYwOGUyOWM2YjYmcmN1cj1FVVI%3D&bWlkPTEzNDAxNjImdHJhbnNhY3Rpb25JZD1mMDIzZTc2Yi0yMDMxLTQ5ZmMtYmM5MC1iODFkY2E0YTk2NjEmcmN1cj1FVVI%3D&pt=gross&stid=42b85628-141f-4030-b8f9-213908768997&fd=1

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c83c7670c31d4127fb493e87ba84436b9ac70c4ef71614027252eb671350d7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://znaj.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 65 KB
16 KB 337ms
259ms XHR
application/json 185.89.210.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

nginx/1.21.3 /

Resource Hash

4f831d3be110df678a6206dd4da34ab4cdbbcbb8141bacd9c38d15efd537e2ed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Jul 2022 02:37:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 945.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: da11a126-2bcf-4640-94b5-e1f71245da33
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 261ms
102ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309706&size_id=16&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=fbb905d9-2e9e-492d-b3d6-170fdeb4b978&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5481714395046693
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6ea74f548c3aca1a6d7918b7298f7cda56c32aa2de00936c2c5be96ffd8a54f4

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:43 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 263ms
103ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309708&size_id=16&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=69050e33-0a7a-49b6-aab5-8c16245e6eef&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.29862671396171336
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c1ab35e206fe3e82d26873510ebe759cc711914e60802d5a63de0ff5afbb4437

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:43 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 260ms
99ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309710&size_id=16&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=3a8e9125-4285-4ea3-9ba4-49f08e29c6b6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.39039810180744183
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: dfc00d01fb91b7f67f1d386334b4701db14324ec6a0f5766d5fe5d245ad16579

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:43 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 263ms
102ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309716&size_id=10&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=f023e76b-2031-49fc-bc90-b81dca4a9661&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3402978743510554
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 02c9f196e85b42b940652c3992eca4a41253f977b8605857e25a09ae3e821560

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:43 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
209 B 109ms
34ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=57393594365

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jul 2022 02:37:42 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://znaj.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
501 B 182ms
94ms XHR
application/json 52.28.173.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fznaj.ua%2F&tmax=1000

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.173.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-173-192.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:43 GMT
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
content-type: application/json; charset=utf-8
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 7 KB
1 KB 290ms
189ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: fd2b5309cf59924e8d938d3623bfec18d681e2fc04dcb9f5572a26b387ded11f

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Jul 2022 02:37:42 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://znaj.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 887

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 193 B
402 B 155ms
154ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8220,8221,8222,8223&sizes=336x280|600x280,336x280|600x280,336x280|600x280,300x600&referer=https%3A%2F%2Fznaj.ua%2F
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: cceaf1580bc3d3d76ac0a56981a28e95e54291d2e2e5604b9ea03fe549a3df0b

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://znaj.ua
date: Fri, 08 Jul 2022 02:37:43 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/json

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0EEF 49 KB
20 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=84114074586938900&apuid=a55baf10-7056-4481-aa6e-1c757bd40a1e&session_pageview=1&session_id=9b080961-bd8b-4ca3-becd-1f9a8a8fe123&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5572
date: Fri, 08 Jul 2022 01:04:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 08 Jul 2022 03:04:51 GMT

POST
H2 200 branding Show response
a4p.adpartner.pro/ Frame 0EEF 772 B
448 B 64ms
63ms XHR
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding?id=1582&session_id=9b080961-bd8b-4ca3-becd-1f9a8a8fe123&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=84114074586938900&apuid=a55baf10-7056-4481-aa6e-1c757bd40a1e&session_pageview=1&session_id=9b080961-bd8b-4ca3-becd-1f9a8a8fe123&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 3e6eb089aade1932a634c0b0e2aff1b3993ea1775de672aa8914f47e1a5ffba1

Request headers

Referer: https://a4p.adpartner.pro/branding/ls?branding=1582&bannerNum=84114074586938900&apuid=a55baf10-7056-4481-aa6e-1c757bd40a1e&session_pageview=1&session_id=9b080961-bd8b-4ca3-becd-1f9a8a8fe123&site_visited=1&location=https%3A%2F%2Fznaj.ua%2F
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

date: Fri, 08 Jul 2022 02:37:43 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H2 200 geolocation.json Show response
cdn-b.notsy.io/ 3 B
647 B 115ms
42ms Fetch
text/plain 84.17.46.54
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/geolocation.json
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/video/video.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-54.cdn77.com
Software: BunnyCDN-AMS-883 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:43 GMT
cdn-edgestorageid: 879
cdn-fileserver: 309
cdn-storageserver: DE-167
access-control-expose-headers: x-ym-country, cdn-requestcountrycode
cdn-cachedat: 07/01/2022 20:10:34
cdn-pullzone: 139012
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-ym-country: GB
content-length: 3
server: BunnyCDN-AMS-883
access-control-allow-origin: *
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "622b54c3-3"
content-type: text/plain
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: d5cbe5da9516c36a20145ac842d9cd95
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame F1AB 0
139 B 70ms
69ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522a55baf10-7056-4481-aa6e-1c757bd40a1e%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Fri, 08 Jul 2022 02:37:43 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame 42CB 0
139 B 70ms
70ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522a55baf10-7056-4481-aa6e-1c757bd40a1e%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A1582%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fznaj.ua%25252F%2522%257D
Requested by: Host: znaj.ua
URL: https://znaj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Fri, 08 Jul 2022 02:37:43 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 51ms
51ms XHR
text/plain 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fznaj.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 00:25:29 GMT
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
server: Server
age: 7933
x-cache: Hit from cloudfront
access-control-allow-origin: https://znaj.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: EFf2mEdIf_zzoPwizgsESA-2Hh1HW4VMiGFxwwBQ_X0bSQqcfMoQeQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
486 B 77ms
77ms XHR
text/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fznaj.ua%2F&pid=8UUoxqSxvP9cH&cb=0&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22ZNA_ITA%22%2C%22s%22%3A%5B%22336x280%22%2C%22600x280%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_ITA_336%22%7D%2C%7B%22sd%22%3A%22ZNA_ITA_1%22%2C%22s%22%3A%5B%22336x280%22%2C%22600x280%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_ITA_336_1%22%7D%2C%7B%22sd%22%3A%22ZNA_ITA_2%22%2C%22s%22%3A%5B%22336x280%22%2C%22600x280%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_ITA_336_2%22%7D%2C%7B%22sd%22%3A%22ZNA_SBR%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_SBR_300c%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-118.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:43 GMT
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: Z5KFBXABYJSV1MQD9C8T
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://znaj.ua
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: qRyt94ZacESkNzMiVYuzq-aYGDT9coWrrH919vDeUKdqSV_WH_udHQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
486 B 80ms
79ms XHR
text/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fznaj.ua%2F&pid=8UUoxqSxvP9cH&cb=1&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22ZNA_ATC%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21863949019%2FZNA_ATC_970%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-118.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:43 GMT
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: FYVENEX6N9WD91BSB23M
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://znaj.ua
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: rodS5D_foq6ntBIxh-KPTX335C3O0dgKq6hU8II1bT8YWP-q88vsbA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 133ms
41ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 67125
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 23:14:57 GMT
server: AmazonS3
date: Thu, 07 Jul 2022 08:00:13 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: AujfdjOHGDPvQqav5lLquxrFfdv27M9L6WOT1vPcjQ_U9dYr0RQXTg==

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 141ms
50ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 138ms
48ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 896 B
530 B 255ms
171ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3834207813579877&correlator=2961367020687974&eid=44768338%2C42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_WEB_INTERSTITIAL&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3438404882&sfv=1-0-38&fsbs=1&ecs=20220708&ists=1&fas=8&fsapi=false&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1657247863353&lmt=1657247719&dlt=1657247862452&idt=875&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1449982755.1657247863&ga_sid=1657247863&ga_hid=95010016&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48ca53a5f4118d050f950a8cc8c4392525069ed5edab90f162147984c9ce3e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 500
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FC51 6 KB
4 KB 166ms
49ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 02:37:43 GMT
expires: Sat, 08 Jul 2023 02:37:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 123ms
41ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022063001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebb8e8964b5b86218a37d73f701503ff287126d5573b27c20b654bcb2f5f8044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 17:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 07 Jul 2023 17:21:46 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
478 B 96ms
95ms XHR
application/json 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEzNDAxNTEmdHJhbnNhY3Rpb25JZD1lNjVkZWU5OS1lMjZkLTQyMWUtOTVhOC1iMTE5ZjZhNmY3NGUmcmN1cj1FVVI%3D&pt=gross&stid=aeaf6cc9-42bb-4604-b333-5810e5e0ff81&fd=1

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://znaj.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 16 KB
8 KB 170ms
100ms XHR
application/json 185.89.210.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

nginx/1.21.3 /

Resource Hash

382e1c8899be361eeb7d44c4578e71c6b23126525ab1a9e4d9f3690f9e0fe092

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Jul 2022 02:37:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 945.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 27a26db8-5c89-4155-9fb4-7a7ca4d98176
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
708 B 109ms
109ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=410706&zone_id=2309704&size_id=2&alt_size_ids=55&rp_schain=1.0,1!notsy.io,c4193689-ccff-4240-b83b-892a8970bb47,1,,,&rf=https%3A%2F%2Fznaj.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=e65dee99-e26d-421e-95a8-b119f6a6f74e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9640831325940395
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0950fede2ed5c150b2e5a8a3730d11fbbddb4f1853e8814cf86394e09eabed69

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:43 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://znaj.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
208 B 34ms
34ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=16614356064

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jul 2022 02:37:43 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://znaj.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
500 B 80ms
80ms XHR
application/json 52.28.173.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fznaj.ua%2F&tmax=1000

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.173.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-173-192.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:43 GMT
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
content-type: application/json; charset=utf-8
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 KB
950 B 293ms
156ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4cbf85a4529b3e13d669010cd806a5d9ac1567039b050dc9a273081512d7ceea

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Jul 2022 02:37:42 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://znaj.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 648

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 193 B
402 B 153ms
153ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8217&sizes=970x90|728x90&referer=https%3A%2F%2Fznaj.ua%2F
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: c533adc4b8ecd02eaf0fc80f97e07b84589b53be7cdc96b02bf17ba20054e283

Request headers

Referer: https://znaj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://znaj.ua
date: Fri, 08 Jul 2022 02:37:43 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/json

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 311 KB
62 KB 414ms
413ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3834207813579877&correlator=4167228103859250&eid=44768338%2C42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_ITA_336%2CZNA_ITA_336_1%2CZNA_ITA_336_2%2CZNA_SBR_300c&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=320x50%7C336x280%7C600x280%2C320x50%7C336x280%7C600x280%2C320x50%7C336x280%7C600x280%2C300x600&fluid=height%2Cheight%2Cheight%2C0&ifi=2&adks=1604177946%2C1670658071%2C2070129014%2C3542710887&sfv=1-0-38&fsbs=1%2C1%2C1%2C1&ecs=20220708&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D513c86e31add0d5%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.01%26hb_adid%3D513c86e31add0d5%26hb_bidder%3Dappnexus%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D5277049327c2b18%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.01%26hb_adid%3D5277049327c2b18%26hb_bidder%3Dappnexus%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D5383b2e1906168e%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.00%26hb_adid%3D5383b2e1906168e%26hb_bidder%3Dappnexus%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.03%26hb_adid_appnexus%3D5459f34b5a8a872%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.03%26hb_adid%3D5459f34b5a8a872%26hb_bidder%3Dappnexus%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1657247863464&lmt=1657247719&dlt=1657247862452&idt=875&biw=1600&bih=1200&adxs=-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0&ga_vid=1449982755.1657247863&ga_sid=1657247863&ga_hid=95010016&ga_fc=true&btvi=-1%7C-1%7C-1%7C-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c05282455e487dbbada9655e249aae2d4f889e65742b4c85e1ef702c359f6079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63082
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://znaj.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 56ms
55ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6d0ab58c1fe064199cb827d9ef2aac82528a8c65e7246847c3fcf1f7c02aa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10597
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 144ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 02:37:43 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 137ms
52ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 136ms
52ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=znaj.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 375ms
374ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3834207813579877&correlator=4348179279276312&eid=44768338%2C42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=21863949019%2CZNA_ATC_970&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C728x90&fluid=height&ifi=6&adks=2184955199&sfv=1-0-38&fsbs=1&ecs=20220708&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D56d588f8e80e371%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D56d588f8e80e371%26hb_bidder%3Dappnexus%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie=ID%3Df710f3ee12a5920a-223928f5c7cd00c7%3AT%3D1657247863%3AS%3DALNI_MavTnf79sZohGDg9yTu2Xr2Byy5wg&abxe=1&dt=1657247863681&lmt=1657247719&dlt=1657247862452&idt=875&biw=1600&bih=1200&adxs=315&adys=147&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fznaj.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&fws=4&ohw=1600&psts=AGkb-H9D-Y7Fsq8mPQIBiTvyAOOSA7-2UuUSqSBM5jJjML3N&ga_vid=1449982755.1657247863&ga_sid=1657247863&ga_hid=95010016&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9d16e11092e6dad931036c6019ba32d4c0edf192d8360b45004777b4014f135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12277
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://znaj.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
c.aixcdn.com/ 42 B
394 B 92ms
82ms Image
image/gif 2606:4700:3031::ac43:b689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aixcdn.com/?2120&3224&4137&4166&r=3180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b689 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:43 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkOPQ32Aq6YSArzmtxWS6480Ztaxcw6J74X3A33irjoa4CMExqyNTp4GE%2FpnpcT1FoV43gtaXRZGWcRHXkVihpczXxErFj5yMBqJ9ztoe4%2FjzVqFDwwfvqS0PC351s2kcV92DSsrnLaNnr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7275708c6a97ba9a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C027 13 KB
5 KB 128ms
40ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 25644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 19:30:19 GMT
expires: Fri, 07 Jul 2023 19:30:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1F1E 783 B
535 B 136ms
49ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

75e6b6606e5f5eb358cd627f7c83f5ad89f97a840a83ffad86535126f8d3b5a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uJbI69J-n7-KYO_TnOyjRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-uJbI69J-n7-KYO_TnOyjRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 02:37:43 GMT
expires: Fri, 08 Jul 2022 02:37:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame C027 36 KB
14 KB 42ms
41ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:55:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 22:55:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1F1E 0
0 78ms
78ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=3834207813579877&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C027 0
9 B 40ms
40ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QRQtdg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 26B1 6 KB
3 KB 125ms
41ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 02:37:43 GMT
expires: Sat, 08 Jul 2023 02:37:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 324ms
110ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4c2ce8d360f61186e0ba56478c0bc8e848e2ad5958fd08900e13bb0981541a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:44 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 06:23:33 GMT
server: nginx
etag: W/"62bbefe5-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Jul 2022 02:37:44 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9140 624 B
733 B 145ms
53ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDryqX-Ahi9iOjBATAB&v=APEucNXZi0JGhZ4O5bi3hOCfxLsEbHL19Dr-a7424WmK-zw5Am14NCVIGkpAjeB8VfcRKgEMK63taYwZjkSP_fhKORsRq154EQqI0DxepDHLV8psCyRCRyQiozj32eNwy8nSrYnxcHdsHRA8gLkkO6gShk47GED5p2_f-IhKx3DurvUJBxMHCDY

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 02:37:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 26B1 14 KB
11 KB 164ms
73ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzrLb2DM1HML50jEaxGT3kZ29SkoGiyR9CcOGbtARd1QUS2Jea45bHLRTY56Wa6_2fVZfZV2qkWnUz-LbOv2w0XdF63mmPU-FHLW5NGsIfpyycv1djABKxwk3qLo9ALos4G5nkOHr-p4rT8hH92aq5L5f_rw&cry=1&dbm_d=AKAmf-DzzVZT3196zksgb4lD9S7Wo5iVWA9lkBSWmkOxccEj1ixxBkcKTETkX4qbbJ6pje0ZsMwgSjpsnqiZOagHsBHgfyh44RHqoQOnxwInJ1jA-oYFGdCJasj8QDCzOqwWyQ-KGXlWpVE-J77wWYchMaMQ1mNg9M2aGFVqu_LvOmOsJhWZQ9Zbp3Hcv9hQ9pMXYoihnzIeHXpUqLrgiey2AhujPx-LQylnSToQntVk3N3TZ4dkwhcJgVhTYRWFg-nhHvs1sLh425yR9M-6FzDdzAXnU9Zr8WICnQgEpqS82HZIrAHsnqjwXZKD-938DkjN4tjvHXv74htfG-XlmRnyg-YaI3hSZEf43QfPP-AWffFYR61Y0qRSkGTdN_3bEyt9Rs_xoheQizfGYlVwapesihm8KU_XaEhbAgZUtMI9ZZ-h26jBtcjm21MEACGBRmxrcZ5ttw52PgdLe0Vki5JoJF-ungYQ9dd3HAe11f04V3BUh66jc2ns216QQ0NYTWHiTPeod-80sACNIOUjG62_udWOptW0elXuset5hWGB77tLTxUU_ch5V7VhtFs0rQsl11NwVSqTVPnfqvm3jo8zoOtuDAWdFrXBAhlrZg5t33nGgXGsYsKItCdgDgKaWOr10rO1eehewRy8tQxPfq7HgHnIfFE3RQnZ-oHTc28jIoMXFbjA8qHk5Z_UZXsDXbLk3hLyfWDDMB0pcdVbgPcwYtoL8_4QzapMd6r-GbNVnlqOPgEuKA2l2EDjJIWpT7ykc7wDR1L-7F-3dD5LVhznZJNmaKey1l1h3gisSWvsvc_IJG3ZSU5s2nqz3hNJpRkCtJaJiRycbMHTh5m5UD3msgimxlvVcJ0uOo33TLmyC2wbs9zeVg-Af61X9EOP2_ItCBkHO-tJazr_u8n7FoLBJY3cE-x0_ghh088OBSsimVIMVPvX7byOGZX3evOpHxbcZQ3Gfe-R_xvIlwIQi5v4eAT2YctdWOVWiUYLdA1iWQCV-4vCHBJhJQytZ5BBcC_LscVtI1lhF7NFLugSjEZBZm2Ke-cyMqxvV6tSf2N4sWiHQk3Q9J-2HHAYWmveJhFMASVVfWgNcScxO3Id5LHHb7-KDNLe7pRYserGVE7Qf-fTUEJgrW2gQnFoQKdLVk0CoTwXHN9cWpC6ZKeEYNtkaCUNT1b8-8ekMaakSvLMyvljjp39l2FCpa15J7mftCB8W6KCa0jE62DYPH5hJ7IUZ5Ip_I7hNVCf7KbWgP_1TfSCg6F9V_AeWtUE99xBRQur0V6IbndwGI-S8UouDs-FSnzIwrLOcWppQUSe33UqZK2su04Gy5oaDkUzVHuO3zdGzmRq4bfQX7M35VutTYPtS0lnMLkuHLb2-DDcAKAWF7i46uUBZ8sYSZX8cZSPJYlla5purs4Yt3Ao9X0LVZoxf0VsyMTi9C-wINl0ZfOwLyZ4Y8YwFBerpltZcI2xZLCyj2XynMEA39NSgQAcdNxc5m-cxWuBzVEKPFP9soK1MqIe8bkcabWPnwqVHKXjxstXwFDKZ7A3JetqVSEF7TyEtTMx5wdRhbvuu8fKNrphPr6rl53UcqqfRps355mVy5qFvDmNQ2nR2pgQASOxrFxB6R6RNyhRWbnL9UbkhpGx_dJGLZj59_KmJvNO9FPYMVtDkQwni1iBZOWiqzDqEqcSfDpF1tB6X4SRwK13XNV3XOgSx26uO0_YLRa2TMIYemvBYS-HD4nKXJxCL_2bEnndn9IpiQRHC8XrYva2cKTevM4lf0AS1eMYlhqUQ6KvLLwUQ3XmNqXcUt0-SfA8UrfTRQmNkorbVl6QOfF8s0uieLO_sObSuO0fCw6VO9Vhx8v9ZXw2ilYKbmD0MztHTSWc0qvgX07UkB7fBKbjzkjT_YiMTEiPxayNT89NcAKagzQ6rWUmtH65-pGdWfdbeJE3XzP1mh72NFDusMY-GEsLznMDKU0X9Aq9bVrT2pY6kYsRrDydKtTilL16rj3w0UZBW8plQQQ_APDhnUA5iedv8AHDQkcZQ2JuHSsp2nVkd_iFvuIce2kG9NxEozjpI-nFLiJBik3CujXzrCqOlYz-bg_n3H32LXlB1U9xi4O6yAT9CkB03_GT7MXtLLu31Kqv2JIAcxPVPss_nLWfV5tOYoIYVBtggy9Wd-Y63hK3cO3zV0B1lh-akbWePvUESQxntDOhri9q5UEIXEaGlmMDBA2P0tWCKjn98Dkhh1XK9PM_N5b3obPsswT0WHrTL_heDf67clu3qNzCdI3tQSCV6gVNRLuIy6u0Mbfl0guIe-ibst3zn58dmRVYcNd8boPbBEm-3kcGjDoOfnaVBct5V8ptPLHtju4aPF2b4EtwtPC9ZGQaQMq5NSojciQjjhLjT5eQ6JtUmb-EWOQqQLB3LMHhnBH1zkTjxY04oXLpqBenGobFRKlflslR-HfifVebkxUjzlEtAAvqVg5Eisf6kdSQsCn3rcACPqFgL-iYNkRe9ECXXsi-pfOaRfkiMpHTCx9FhaL50UFEBl6hfpF2eee4_7VErAcbu4jwoL2TdBh6aNYvirPwOFYoHaMSYO_mrffaL-GINFmurF5QwBxHgZ91GSyVkQ4&cid=CAASJeRow55w7M-bEYIoEd4tYNZPGtz3gqFikiZFb9pAL5ZB7MBmRIs&rfl=1%2Chttps%253A%252F%252Fznaj.ua%252F%240

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e3aa7e0547d2094b9a525ee7e76678bfc1ddb1389b770ddb98b63a7af3ad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10808
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26B1 42 B
63 B 76ms
75ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYtw26eVanWsTlSewNwY6QTxjYbdaMFp4iZm9CRi0tcvVftAf2pLrUVqMiCoG8r1Rx8vtUjnyaaQQNYg0MNDhFNLZxC8PRvS3SpmbPJUZuyqY_l6Y

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-143-204-215-88.fra53.r.cloudfront.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 26B1 62 KB
22 KB 172ms
72ms Script
text/javascript 64.233.166.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWztvSOp_WziUpkKwhLrDXCcZadOmCSQJqmZa9b3ISyC2hXCFI&d=CnkAoCZ_4ISstoR0oliakF7PagtBdCGuOcOC7N0PUhp3CNBVkWvLp0mOrKqJoozeejhjA6zNce_U1SQQ23gY27Ygd5xpE0zt0dSDtZYymDWNvrRXlGA4ckeYr6d6vpGlEVCyNE2Q9IpxQXQQB0_4QlMiyFHMlamodFtIEskUAKAmf-DdzgGZf7-H93JKhI7FRLh_00fffwqpqCqAF5FFoJD9Twws0mTpOzz2iwdmZbpepsiQx8BGKhJfHEQ9Wevk9d7zgye8SX-_NWAk1XsAuabU25X8W3g702KP6UyRFtr4EQUSGtq9Q2Odr3dlnGwztiOzPyhCkJgoQSQ4Px7jLi0phUax6uLhlkc061Bu9CML6vzpJM1Vq9VwuJ42ghSYiQalrrDTBzrQD2yYa2hxuzrwb1wL8aGQvtVmOVmsZi3I6PPLAYFdIL51s0buXcPrV5AxZBCxg_fB6dZJR889JC9_hnZjtjfiplIVr8H_8irnwPQQj3jHGFTYoCa3oHdVC1hJXfsfOV6gHin08DAIw1dSbmZGVY0naUizstirlYIQ2wccYmbLyX8CMQkN6VbNLFC8Of4AEMJzr6MYksK2ALHA-Du1sZR0SYnxf56Gu5q039mzLMw0eU8ZtSGoCoT5TJx7Kp8EMOH3zLPQBRF5D-A0V5ejW5hTfmMBRvSnqmFLPC-5mmcZPlIcYPVgsmCl8PBdbXJQ-o8s0ljpEO0RfNlKJzKjoM-2Ea8T7--i2BpH_tZ2_Rk6jxOc3sjNG_iWnFrEAwN2vHPsYQ0kAKAuRN6CaMPd8xyvkldDFEMF5QsmrJq1L8R-p-oDtfrYUIw6w0wr-nGKoOhvVi3XTqE5z84j4Y4KvRy2eXcmSI8y23_Ai-wC5FePL96YMiseXrFNjNE_UQiQHu1NHYu-_Mcs0pDAZHGPOcMqjpi-u-JLBaBun434c7nNQOaF09-sPGg5an3oA9oPYLcyU4hjYPWVnNqld8TZEFAbIEDFl_PUY6GkuHzJzUhA5Ts9RnjK-ZGFmhPwc_3hXrqoJOcdV-aXs5oiQ2_hCkUPOJi2yzN37ceLcKhEt9CirXa2KS8DHtOqza269h7yPGUnAgKaMCJ_hX2im--5oKr-Yn8_MghEjObHxzrNPehJCSgqmmnlVO735Mb786BsG54TItCOZD_SASrbeiLfPvDkVKSzy0NP4jJxONuxt1kNOVoyfQKX5d-D8Iji9qxQ7Q0Il1ML-imAPr7btv4akRvQvfh1DGMcctMcxKL7ZIieND8ThK8f3AsppSc2lF1aWDxw_wsR3bTWTvIA9UDRJ_ACYqJbUthaL4ffktWYGBW_ehN93nJXREZEkyGOn-q5iZWgKy4XhPH64EwIy6JqVHziibRA7JiG9I3eoraqgdiyexPEdzm_cMGapJkPuqJ4PRe1rFrf00IH42P-wUDhQ7e_oIz0CDBiME4wQtgW5ifIkzKk4prhgj-2Q1S0xkinbyOUKiZcRVVrSXk242cGWCCvRP86OOmDhnf02j2UZtdXjLxMngyxmhPfFPCjVqZKDFuC7owwmRuKCWKgCcCSkSBQBLwvTITr1fByZtZX2vNcRjr4Tg8J_j3VrUw3AOlUoGbii072bux8BUN9No4QL6J_sNmQ9Jz4euSWei2_PY5K8DpBZHMWHyu4j0Kael-Hz5-B4Gs0g2yddBLiwVPWz1jf-l6mKQHtxlnPYVUjDzvKce_PDcErYFIIAtnHPUd9V1lmILH04RL1d78L14rnNIsQIpSrs8vQMvGDEpur9x1Xk6AKiqpcpbnQAk0WzdDfdpChHN3AZh5N2lu8eXQU9-wIVQPifQsBpE6DvAwEkNfUiM6Vtv5zRXezExkWG8RiLc1xMO2vYP4vib3dOKNl0YDi-P5xPzvWqRDo7TqIF_MrqPOageB7aE3sutN_BqI2tOPfpQxjelvc05vF6QWUnHuMYPiS2UomWPXXajQF1n2FzrR253BNfVvHMfYSTHiakBNW26l7HvaJGcyXGbERGEWp0U7rzV46jEsFi8X-c-VwJDdZO2qRenK165BP_xK1tlnmgKhcEWR49tWj41H0ga0uEV9p8X5i94MRFvf-cOx_lh0coH2N9kKdfUhCgH6N3Hqd01n0GxZDnvvLYQ1LlI4HtMLsPv0cdnGJQ6eX3ftKVjBgyTnTdSL38bCMzpFhOXPf-qWO_J2t2_ssKJU5GNuLgbpNKuJq8T9ZxUN_qeJ2VmBU5xVwyBImcVWa1wXPDbiVaaggiK7Thv4rtHcKKBXkqlzWpdUYDuLlcFzE0CmZdumZcK6mRCCXGzj4aYWsIcfbaOlPmx3jooVZG6I1qrujyiTbrHFdwfHj0EVwmKdSJ_5h5wlbhLODLaMJY-x6P26yHfovBI2Mx_kXhagOW2cRcCFqrsmEHJ8jmffGXtRrPb4b3uppadZPGqJeYO8q6SUfD2JyxbTEPhnwt3WkOY9M7FMaL7jdI8PMKk460thkvpvpAxEearez-sXpLlE4GuAVCwi_0qUa72CteUpZSi5buCJ3th0jIzkGB8tVAk4usGtsHbGNPgn6kSTSt37t94lmkk_88mzEYIb4TPx5SM-s_S7s3ZuBGXWt94EwXgYlAB8a7FHFrn2V7JOhniefS9i4iy3-N1sbaGVMx_VIKYUdvq-k4jegKx-FTTXotenoPr9j8DdrkH6kx-5PTlYEj798RuX4J3So0w0_NTqIAeDyLaXxZY8NA8La1rYLNKBTa8H-gzvOgJbbDd_0IG0cmkvrB39ttYs6t2CUEWBSr3mBU-rR4NKLUs0NFk7iZSdS-3Ciq157QfPJOEIYSr4OoTiUabYB_21ex-yUJAy19q3oR1InzhElJHrXwo0hn5_30aFab1Y2ijWzNAmCzJ3PTjSLkzEBob2Cu39jIoPlJ0u082gESBr5Mmvs5vqS48wAK68q7L34TFQvoZwbGXxk_EmvWPkdypDdtSsAgUoeaW02mKIamif2NVVCdIe4JZte9_SExGsCESaY_tbZsvuRO65fGD3N3j4_LqvrfBJwXi5eUTSo1rYmrZef6XhxzrKbooarbISamc_MeyQzzGgnn6mEfG_kdpV9Re8L09aYWOKrSMs796gwYxV_Kg6A4Ezc_IoNYMJ6fWAW1IBxqz_p7bc6MPfAb8Sv6NG6D2Q12YxeLSCX5tR8D5VPNCDPgA0MwNzMKT2CKVgDi8tmI5wkY8Q7y8wme69cnWHL9AdcUNCdKNeWuhvUnQWYi68VKSslksM-4fJF8R2BfIoZXPqHTWWtzUC2DfBnVdigDjtuclY7yfz8YetSHyC23_QioVNknI1MNpwQA03_pOakw0uP2ubcabkXOrlLn35t5LpULYehL3s7oQd09tPcwSR25o2-TqF5wF-XdKnwm6s4cB-QkwaaWkouAOIEJ5nxV-Ef8VHKyg7ge4ePxj3DRSE0507fLMZjoAg1H_5fgtT2DaprPiMol8M01rPbjt1zTMInM9b0kgtbQKoEwksqJ-l_TL4lY1Mckxbw4WYdj5MOpmQXqpiPtpt2V_V0o0nqnVei-sJFPHpWJRrTw6d49AeZK1J0P8ZIhYdQepNHWbPXTwE-BUHxgRKahE8j9q9Np2KvR5ZeWXjh_14f5eOxsNsud4SZjVuSyUKsYoRNj5It_iYjXGAEVB9WkLu1idIhxvrsHtgaKQgAEiXkaMOecOzPmxGCKBHeLWDWTxrc94KhYpImRW_aQC-WQezAZkSLYAE

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f157.1e100.net

Software

cafe /

Resource Hash

4b9c081fcde0f2446386c8aa139dd3acc109bad2dbec39fd4e584c878449c7f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21963
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame 26B1 27 KB
10 KB 135ms
42ms Script
text/javascript 143.204.215.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2be9909334229757b086499e9f90e34191180e89ad695b48f798443f39da2570

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 06:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73414
cross-origin-embedder-policy: unsafe-none
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 2kaf8a_e-aW6tkk6d3sB23CKaGY-Ei-nOZ3AV1RKePgtmpHbf3GFhg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame 26B1 3 KB
1 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/window_focus_fy2021.js

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 01:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 01:31:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26B1 137 KB
42 KB 767ms
682ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 02:37:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame 26B1 17 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 02:02:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 26B1 0
0 49ms
48ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRHG6xgcQFqMz0VbIKpXHGtmZ2OqkBSi9tWToT7ZkPYtOEAaIHgnbAKQ6VPxkhIFtsGcszS7o2LRzZlsZpSPxII5kSdVA
Requested by: Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8CDA 15 KB
6 KB 185ms
63ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=znaj.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 02:37:43 GMT
server-processing-duration-in-ticks: 2300
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 162ms
55ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4c2ce8d360f61186e0ba56478c0bc8e848e2ad5958fd08900e13bb0981541a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:44 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 06:23:33 GMT
server: nginx
etag: W/"62bbefe5-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Jul 2022 02:37:44 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9140
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMFQ8QqgXkeCrCpvY61keg&google_cver=1

43 B
906 B

133ms
93ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMFQ8QqgXkeCrCpvY61keg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDryqX-Ahi9iOjBATAB&v=APEucNXZi0JGhZ4O5bi3hOCfxLsEbHL19Dr-a7424WmK-zw5Am14NCVIGkpAjeB8VfcRKgEMK63taYwZjkSP_fhKORsRq154EQqI0DxepDHLV8psCyRCRyQiozj32eNwy8nSrYnxcHdsHRA8gLkkO6gShk47GED5p2_f-IhKx3DurvUJBxMHCDY
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 727570927eef75ad-LHR
pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKpbine5TzBwAitWf7P3YJu%2Bu9NQg0iS1cjVSxb8AkfNRZw%2B38NXIkmapVte02VTkTa6pXPCwid3yB09LBybgZrK7vytX9FBAmsA1cx9OGmODNd8n9G65zjbibQxyDqPSyv6CTmpr1nIJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMFQ8QqgXkeCrCpvY61keg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9140
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YseYeGo4bz25yRAlTf1CFAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMFQ8QqgXkeCrCpvY61keg&google_cver=1

43 B
908 B

81ms
80ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMFQ8QqgXkeCrCpvY61keg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDryqX-Ahi9iOjBATAB&v=APEucNXZi0JGhZ4O5bi3hOCfxLsEbHL19Dr-a7424WmK-zw5Am14NCVIGkpAjeB8VfcRKgEMK63taYwZjkSP_fhKORsRq154EQqI0DxepDHLV8psCyRCRyQiozj32eNwy8nSrYnxcHdsHRA8gLkkO6gShk47GED5p2_f-IhKx3DurvUJBxMHCDY
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72757093c85a75ad-LHR
pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAaQnehHWifnzoSC0LpxKosMi9CGu9oAlC1aggfuWPjPD3PEeXmjyNse3ql6hsH1R%2FW2nPJtyURv%2BXZ%2BCq2w4SRAaF5mmoHU9Q4Nd6VgFAuitfx6PZgWzUegkPNf3SJ4KECX7rnhggzUrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMMFQ8QqgXkeCrCpvY61keg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9140
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOsL9AhBlX0VyuJIR-Bb0Kk&google_cver=1

43 B
1020 B

35ms
35ms

Image
image/gif

185.89.210.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOsL9AhBlX0VyuJIR-Bb0Kk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDryqX-Ahi9iOjBATAB&v=APEucNXZi0JGhZ4O5bi3hOCfxLsEbHL19Dr-a7424WmK-zw5Am14NCVIGkpAjeB8VfcRKgEMK63taYwZjkSP_fhKORsRq154EQqI0DxepDHLV8psCyRCRyQiozj32eNwy8nSrYnxcHdsHRA8gLkkO6gShk47GED5p2_f-IhKx3DurvUJBxMHCDY

Protocol

HTTP/1.1

Server

185.89.210.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:44 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 945.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 935f14bd-77b6-43bc-a5b7-c9116786c847
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOsL9AhBlX0VyuJIR-Bb0Kk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9140
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0Mjk3MjQ5OTQ3NDAxOTMyMQ%3D%3D

170 B
243 B

125ms
61ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0Mjk3MjQ5OTQ3NDAxOTMyMQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:44 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 945.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ebbeda95-f8ff-4308-844e-911b320236ec
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0Mjk3MjQ5OTQ3NDAxOTMyMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 26B1 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzrLb2DM1HML50jEaxGT3kZ29SkoGiyR9CcOGbtARd1QUS2Jea45bHLRTY56Wa6_2fVZfZV2qkWnUz-LbOv2w0XdF63mmPU-FHLW5NGsIfpyycv1djABKxwk3qLo9ALos4G5nkOHr-p4rT8hH92aq5L5f_rw&cry=1&dbm_d=AKAmf-DzzVZT3196zksgb4lD9S7Wo5iVWA9lkBSWmkOxccEj1ixxBkcKTETkX4qbbJ6pje0ZsMwgSjpsnqiZOagHsBHgfyh44RHqoQOnxwInJ1jA-oYFGdCJasj8QDCzOqwWyQ-KGXlWpVE-J77wWYchMaMQ1mNg9M2aGFVqu_LvOmOsJhWZQ9Zbp3Hcv9hQ9pMXYoihnzIeHXpUqLrgiey2AhujPx-LQylnSToQntVk3N3TZ4dkwhcJgVhTYRWFg-nhHvs1sLh425yR9M-6FzDdzAXnU9Zr8WICnQgEpqS82HZIrAHsnqjwXZKD-938DkjN4tjvHXv74htfG-XlmRnyg-YaI3hSZEf43QfPP-AWffFYR61Y0qRSkGTdN_3bEyt9Rs_xoheQizfGYlVwapesihm8KU_XaEhbAgZUtMI9ZZ-h26jBtcjm21MEACGBRmxrcZ5ttw52PgdLe0Vki5JoJF-ungYQ9dd3HAe11f04V3BUh66jc2ns216QQ0NYTWHiTPeod-80sACNIOUjG62_udWOptW0elXuset5hWGB77tLTxUU_ch5V7VhtFs0rQsl11NwVSqTVPnfqvm3jo8zoOtuDAWdFrXBAhlrZg5t33nGgXGsYsKItCdgDgKaWOr10rO1eehewRy8tQxPfq7HgHnIfFE3RQnZ-oHTc28jIoMXFbjA8qHk5Z_UZXsDXbLk3hLyfWDDMB0pcdVbgPcwYtoL8_4QzapMd6r-GbNVnlqOPgEuKA2l2EDjJIWpT7ykc7wDR1L-7F-3dD5LVhznZJNmaKey1l1h3gisSWvsvc_IJG3ZSU5s2nqz3hNJpRkCtJaJiRycbMHTh5m5UD3msgimxlvVcJ0uOo33TLmyC2wbs9zeVg-Af61X9EOP2_ItCBkHO-tJazr_u8n7FoLBJY3cE-x0_ghh088OBSsimVIMVPvX7byOGZX3evOpHxbcZQ3Gfe-R_xvIlwIQi5v4eAT2YctdWOVWiUYLdA1iWQCV-4vCHBJhJQytZ5BBcC_LscVtI1lhF7NFLugSjEZBZm2Ke-cyMqxvV6tSf2N4sWiHQk3Q9J-2HHAYWmveJhFMASVVfWgNcScxO3Id5LHHb7-KDNLe7pRYserGVE7Qf-fTUEJgrW2gQnFoQKdLVk0CoTwXHN9cWpC6ZKeEYNtkaCUNT1b8-8ekMaakSvLMyvljjp39l2FCpa15J7mftCB8W6KCa0jE62DYPH5hJ7IUZ5Ip_I7hNVCf7KbWgP_1TfSCg6F9V_AeWtUE99xBRQur0V6IbndwGI-S8UouDs-FSnzIwrLOcWppQUSe33UqZK2su04Gy5oaDkUzVHuO3zdGzmRq4bfQX7M35VutTYPtS0lnMLkuHLb2-DDcAKAWF7i46uUBZ8sYSZX8cZSPJYlla5purs4Yt3Ao9X0LVZoxf0VsyMTi9C-wINl0ZfOwLyZ4Y8YwFBerpltZcI2xZLCyj2XynMEA39NSgQAcdNxc5m-cxWuBzVEKPFP9soK1MqIe8bkcabWPnwqVHKXjxstXwFDKZ7A3JetqVSEF7TyEtTMx5wdRhbvuu8fKNrphPr6rl53UcqqfRps355mVy5qFvDmNQ2nR2pgQASOxrFxB6R6RNyhRWbnL9UbkhpGx_dJGLZj59_KmJvNO9FPYMVtDkQwni1iBZOWiqzDqEqcSfDpF1tB6X4SRwK13XNV3XOgSx26uO0_YLRa2TMIYemvBYS-HD4nKXJxCL_2bEnndn9IpiQRHC8XrYva2cKTevM4lf0AS1eMYlhqUQ6KvLLwUQ3XmNqXcUt0-SfA8UrfTRQmNkorbVl6QOfF8s0uieLO_sObSuO0fCw6VO9Vhx8v9ZXw2ilYKbmD0MztHTSWc0qvgX07UkB7fBKbjzkjT_YiMTEiPxayNT89NcAKagzQ6rWUmtH65-pGdWfdbeJE3XzP1mh72NFDusMY-GEsLznMDKU0X9Aq9bVrT2pY6kYsRrDydKtTilL16rj3w0UZBW8plQQQ_APDhnUA5iedv8AHDQkcZQ2JuHSsp2nVkd_iFvuIce2kG9NxEozjpI-nFLiJBik3CujXzrCqOlYz-bg_n3H32LXlB1U9xi4O6yAT9CkB03_GT7MXtLLu31Kqv2JIAcxPVPss_nLWfV5tOYoIYVBtggy9Wd-Y63hK3cO3zV0B1lh-akbWePvUESQxntDOhri9q5UEIXEaGlmMDBA2P0tWCKjn98Dkhh1XK9PM_N5b3obPsswT0WHrTL_heDf67clu3qNzCdI3tQSCV6gVNRLuIy6u0Mbfl0guIe-ibst3zn58dmRVYcNd8boPbBEm-3kcGjDoOfnaVBct5V8ptPLHtju4aPF2b4EtwtPC9ZGQaQMq5NSojciQjjhLjT5eQ6JtUmb-EWOQqQLB3LMHhnBH1zkTjxY04oXLpqBenGobFRKlflslR-HfifVebkxUjzlEtAAvqVg5Eisf6kdSQsCn3rcACPqFgL-iYNkRe9ECXXsi-pfOaRfkiMpHTCx9FhaL50UFEBl6hfpF2eee4_7VErAcbu4jwoL2TdBh6aNYvirPwOFYoHaMSYO_mrffaL-GINFmurF5QwBxHgZ91GSyVkQ4&cid=CAASJeRow55w7M-bEYIoEd4tYNZPGtz3gqFikiZFb9pAL5ZB7MBmRIs&rfl=1%2Chttps%253A%252F%252Fznaj.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:12:47 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 26B1 106 KB
38 KB 161ms
41ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
Origin: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 08:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Jul 2022 08:39:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220630/r20110914/elements/html/ Frame 26B1 8 KB
3 KB 42ms
41ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220630/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWztvSOp_WziUpkKwhLrDXCcZadOmCSQJqmZa9b3ISyC2hXCFI&d=CnkAoCZ_4ISstoR0oliakF7PagtBdCGuOcOC7N0PUhp3CNBVkWvLp0mOrKqJoozeejhjA6zNce_U1SQQ23gY27Ygd5xpE0zt0dSDtZYymDWNvrRXlGA4ckeYr6d6vpGlEVCyNE2Q9IpxQXQQB0_4QlMiyFHMlamodFtIEskUAKAmf-DdzgGZf7-H93JKhI7FRLh_00fffwqpqCqAF5FFoJD9Twws0mTpOzz2iwdmZbpepsiQx8BGKhJfHEQ9Wevk9d7zgye8SX-_NWAk1XsAuabU25X8W3g702KP6UyRFtr4EQUSGtq9Q2Odr3dlnGwztiOzPyhCkJgoQSQ4Px7jLi0phUax6uLhlkc061Bu9CML6vzpJM1Vq9VwuJ42ghSYiQalrrDTBzrQD2yYa2hxuzrwb1wL8aGQvtVmOVmsZi3I6PPLAYFdIL51s0buXcPrV5AxZBCxg_fB6dZJR889JC9_hnZjtjfiplIVr8H_8irnwPQQj3jHGFTYoCa3oHdVC1hJXfsfOV6gHin08DAIw1dSbmZGVY0naUizstirlYIQ2wccYmbLyX8CMQkN6VbNLFC8Of4AEMJzr6MYksK2ALHA-Du1sZR0SYnxf56Gu5q039mzLMw0eU8ZtSGoCoT5TJx7Kp8EMOH3zLPQBRF5D-A0V5ejW5hTfmMBRvSnqmFLPC-5mmcZPlIcYPVgsmCl8PBdbXJQ-o8s0ljpEO0RfNlKJzKjoM-2Ea8T7--i2BpH_tZ2_Rk6jxOc3sjNG_iWnFrEAwN2vHPsYQ0kAKAuRN6CaMPd8xyvkldDFEMF5QsmrJq1L8R-p-oDtfrYUIw6w0wr-nGKoOhvVi3XTqE5z84j4Y4KvRy2eXcmSI8y23_Ai-wC5FePL96YMiseXrFNjNE_UQiQHu1NHYu-_Mcs0pDAZHGPOcMqjpi-u-JLBaBun434c7nNQOaF09-sPGg5an3oA9oPYLcyU4hjYPWVnNqld8TZEFAbIEDFl_PUY6GkuHzJzUhA5Ts9RnjK-ZGFmhPwc_3hXrqoJOcdV-aXs5oiQ2_hCkUPOJi2yzN37ceLcKhEt9CirXa2KS8DHtOqza269h7yPGUnAgKaMCJ_hX2im--5oKr-Yn8_MghEjObHxzrNPehJCSgqmmnlVO735Mb786BsG54TItCOZD_SASrbeiLfPvDkVKSzy0NP4jJxONuxt1kNOVoyfQKX5d-D8Iji9qxQ7Q0Il1ML-imAPr7btv4akRvQvfh1DGMcctMcxKL7ZIieND8ThK8f3AsppSc2lF1aWDxw_wsR3bTWTvIA9UDRJ_ACYqJbUthaL4ffktWYGBW_ehN93nJXREZEkyGOn-q5iZWgKy4XhPH64EwIy6JqVHziibRA7JiG9I3eoraqgdiyexPEdzm_cMGapJkPuqJ4PRe1rFrf00IH42P-wUDhQ7e_oIz0CDBiME4wQtgW5ifIkzKk4prhgj-2Q1S0xkinbyOUKiZcRVVrSXk242cGWCCvRP86OOmDhnf02j2UZtdXjLxMngyxmhPfFPCjVqZKDFuC7owwmRuKCWKgCcCSkSBQBLwvTITr1fByZtZX2vNcRjr4Tg8J_j3VrUw3AOlUoGbii072bux8BUN9No4QL6J_sNmQ9Jz4euSWei2_PY5K8DpBZHMWHyu4j0Kael-Hz5-B4Gs0g2yddBLiwVPWz1jf-l6mKQHtxlnPYVUjDzvKce_PDcErYFIIAtnHPUd9V1lmILH04RL1d78L14rnNIsQIpSrs8vQMvGDEpur9x1Xk6AKiqpcpbnQAk0WzdDfdpChHN3AZh5N2lu8eXQU9-wIVQPifQsBpE6DvAwEkNfUiM6Vtv5zRXezExkWG8RiLc1xMO2vYP4vib3dOKNl0YDi-P5xPzvWqRDo7TqIF_MrqPOageB7aE3sutN_BqI2tOPfpQxjelvc05vF6QWUnHuMYPiS2UomWPXXajQF1n2FzrR253BNfVvHMfYSTHiakBNW26l7HvaJGcyXGbERGEWp0U7rzV46jEsFi8X-c-VwJDdZO2qRenK165BP_xK1tlnmgKhcEWR49tWj41H0ga0uEV9p8X5i94MRFvf-cOx_lh0coH2N9kKdfUhCgH6N3Hqd01n0GxZDnvvLYQ1LlI4HtMLsPv0cdnGJQ6eX3ftKVjBgyTnTdSL38bCMzpFhOXPf-qWO_J2t2_ssKJU5GNuLgbpNKuJq8T9ZxUN_qeJ2VmBU5xVwyBImcVWa1wXPDbiVaaggiK7Thv4rtHcKKBXkqlzWpdUYDuLlcFzE0CmZdumZcK6mRCCXGzj4aYWsIcfbaOlPmx3jooVZG6I1qrujyiTbrHFdwfHj0EVwmKdSJ_5h5wlbhLODLaMJY-x6P26yHfovBI2Mx_kXhagOW2cRcCFqrsmEHJ8jmffGXtRrPb4b3uppadZPGqJeYO8q6SUfD2JyxbTEPhnwt3WkOY9M7FMaL7jdI8PMKk460thkvpvpAxEearez-sXpLlE4GuAVCwi_0qUa72CteUpZSi5buCJ3th0jIzkGB8tVAk4usGtsHbGNPgn6kSTSt37t94lmkk_88mzEYIb4TPx5SM-s_S7s3ZuBGXWt94EwXgYlAB8a7FHFrn2V7JOhniefS9i4iy3-N1sbaGVMx_VIKYUdvq-k4jegKx-FTTXotenoPr9j8DdrkH6kx-5PTlYEj798RuX4J3So0w0_NTqIAeDyLaXxZY8NA8La1rYLNKBTa8H-gzvOgJbbDd_0IG0cmkvrB39ttYs6t2CUEWBSr3mBU-rR4NKLUs0NFk7iZSdS-3Ciq157QfPJOEIYSr4OoTiUabYB_21ex-yUJAy19q3oR1InzhElJHrXwo0hn5_30aFab1Y2ijWzNAmCzJ3PTjSLkzEBob2Cu39jIoPlJ0u082gESBr5Mmvs5vqS48wAK68q7L34TFQvoZwbGXxk_EmvWPkdypDdtSsAgUoeaW02mKIamif2NVVCdIe4JZte9_SExGsCESaY_tbZsvuRO65fGD3N3j4_LqvrfBJwXi5eUTSo1rYmrZef6XhxzrKbooarbISamc_MeyQzzGgnn6mEfG_kdpV9Re8L09aYWOKrSMs796gwYxV_Kg6A4Ezc_IoNYMJ6fWAW1IBxqz_p7bc6MPfAb8Sv6NG6D2Q12YxeLSCX5tR8D5VPNCDPgA0MwNzMKT2CKVgDi8tmI5wkY8Q7y8wme69cnWHL9AdcUNCdKNeWuhvUnQWYi68VKSslksM-4fJF8R2BfIoZXPqHTWWtzUC2DfBnVdigDjtuclY7yfz8YetSHyC23_QioVNknI1MNpwQA03_pOakw0uP2ubcabkXOrlLn35t5LpULYehL3s7oQd09tPcwSR25o2-TqF5wF-XdKnwm6s4cB-QkwaaWkouAOIEJ5nxV-Ef8VHKyg7ge4ePxj3DRSE0507fLMZjoAg1H_5fgtT2DaprPiMol8M01rPbjt1zTMInM9b0kgtbQKoEwksqJ-l_TL4lY1Mckxbw4WYdj5MOpmQXqpiPtpt2V_V0o0nqnVei-sJFPHpWJRrTw6d49AeZK1J0P8ZIhYdQepNHWbPXTwE-BUHxgRKahE8j9q9Np2KvR5ZeWXjh_14f5eOxsNsud4SZjVuSyUKsYoRNj5It_iYjXGAEVB9WkLu1idIhxvrsHtgaKQgAEiXkaMOecOzPmxGCKBHeLWDWTxrc94KhYpImRW_aQC-WQezAZkSLYAE

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 00:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 00:13:05 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220630/r20110914/ Frame 26B1 27 KB
10 KB 42ms
41ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220630/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 01:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 01:34:51 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 25E2 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 69897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:12:47 GMT
expires: Fri, 07 Jul 2023 07:12:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 96ms
96ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022063001&jk=3834207813579877&bg=!LyylLGjNAAaLlKKnq5Q7ACkAdvg8WkSBFxda9GWXS1HFJk3z7nSfU29JWtA5GYwXlK1OOB4kO_mBFAIAAABcUgAAAAJoAQcKAEpG2mPDy9cMXvNnANwYS8HoU6Ncpf4eiclYx9Ln94XhN2P7K5pXf1Gd6VYU1knZVo1qh9w9guwZ2HO7f_Z5NQxbNAMaiiCqRwVeEJkCl8lg7Tntf2zEyymNcZMZOBwJLRHjnxN5Y-J_UuVpm_VbQFEbsV4-qVFLNEtuxJHJjvgBPNk65oZ2c5bGoJXcr_9izOBfFrmIaS1KRI7cCwbrJD6ZtMAXjsZpAsu85tWenJdDelL3MkzRBz0utpDsB6CebTmeevDlI_R0l8tzDEdzhCUdxFMW-uvhJxBro4M7fz5Ggr5vljIU9r8YkAagXxldhjgW_EtNDN0b8sEtTVsoMdszKapBm06M4vU6TF46Ri5n5D9aRXSTdTx7HxDEpFNJhvMyyN4N8YK9OY0qkMH8-rxKTrMvEcZ5sxu4MQwmXWbJOzc0Uj8D1AZxxzZaNH2M5BqCNShM6kJKwuHuMnQLD7VqXX5o-EBNGcC9CelAIq6ny3JvBI_2EuyiqJGbP7fuqSFW6mVXYseSHR4o60GYH0CEuRciFI7-MZoXp5COvg6jMqhkQuLdaq48rUrpPwt7ISoo2XH6Mhmx_9ozAF-EkG4ksluJ1hH1bIj9YJ5XNFfFVJUjq7rjYnUAMN_vr71-JjL9DgSY2vZld4IZydjOHPVptmpF-tpo7nQOEidlq_v89z3v--lEefjdi5JoCsCJ8SFg-w2Ug0PNgKfthJmPSH5pZUJjfbNA9vhJ0GkGFW2S-BUaINlsllLjVlBfwKLO7tpqkmRQqPjRDyn7fPgsIPpsgnb74bV5fFa5CjjPoh0QNLw8-Snyh2pSRzL5hxqSOPKcKp6x2qzfY-_4mEh06xnRXvgocWN_pNb56jezwHFzgIkz-tPDm-w2YJzMYSYHkixK7wioGVi0stvE3ohyNlKKQdxJOv6hZVnfbQ61QyxRi3NpDvJApf6Z8_9behHqiNOdV5AVfHV-70gSOxq-tY6o1s35tg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2AC1 1 KB
752 B 42ms
41ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 47492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 08 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js Show response
pagead2.googlesyndication.com/bg/ Frame 25E2 35 KB
13 KB 42ms
42ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 20:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 20:10:29 GMT

GET /
google2waycm.netmng.com/cm/ Frame 2AC1 0
0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2AC1
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHfZ3peyNIBGuKnnfGGU3DQ&google_cver=1&google_push=ARnp8GC-FjR7uGSMdPnpTh6-MpNdjLjtx6qf2EeOHNzihurCKkJSwG7umvuaLAwVZEthibwCEEh7Y7GTmZFxkCA3EbfTntNgDJs
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAyNDA2Njk2Mzg2MDg3NTc1Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHfZ3peyNIBGuKnnfGGU3DQ&google_cver=1

43 B
398 B

69ms
42ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHfZ3peyNIBGuKnnfGGU3DQ&google_cver=1
Requested by: Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHfZ3peyNIBGuKnnfGGU3DQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2AC1
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJE48vB2Phvdg0EXnTDZbc0&google_cver=1&google_push=ARnp8GD9_QRzN7gidHG126g2z3CS7fqNF5Ws3qW4eeWC4l4N45LhwA18hd5Sa1wXqFi6MLto4CGZQXDKAv2KAn2VG9lMhbF...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJE48vB2Phvdg0EXnTDZbc0&google_cver=1&google_push=ARnp8GD9_QRzN7gidHG126g2z3CS7fqNF5Ws3qW4eeWC4l4N45LhwA18hd5Sa1wXqFi6MLto4CGZQXDKAv2KAn2VG9lMh...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GD9_QRzN7gidHG126g2z3CS7fqNF5Ws3qW4eeWC4l4N45LhwA18hd5Sa1wXqFi6MLto4CGZQXDKAv2KAn2VG9lMhbFtbKo

170 B
188 B

61ms
59ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GD9_QRzN7gidHG126g2z3CS7fqNF5Ws3qW4eeWC4l4N45LhwA18hd5Sa1wXqFi6MLto4CGZQXDKAv2KAn2VG9lMhbFtbKo

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GD9_QRzN7gidHG126g2z3CS7fqNF5Ws3qW4eeWC4l4N45LhwA18hd5Sa1wXqFi6MLto4CGZQXDKAv2KAn2VG9lMhbFtbKo
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 2AC1 0
166 B 122ms
35ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGrKlLLOgErWg3jtKrjlhiY&google_cver=1&google_push=ARnp8GDFfKfQeO5yoMwOnBlS85w0s_SZhmXXa2UssgU-Tya_VoifWbAUo6Fou0FuPylYxMgqaywezJaGKwnk5RJ1733proiS2a8
Requested by: Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2AC1
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJfH_59BoUmTFonJjFE5YpQ&google_cver=1&google_push=ARnp8GAlVg3vF55rMggBZBxfTfNMYSCElH6ZpwKsAVgj9je5v9pdTt3nG-okr1dECaCREUOn2xW2yPpMpWkVPOuT...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GAlVg3vF55rMggBZBxfTfNMYSCElH6ZpwKsAVgj9je5v9pdTt3nG-okr1dECaCREUOn2xW2yPpMpWkVPOuTEZ0vSkX1jYs

170 B
188 B

136ms
54ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GAlVg3vF55rMggBZBxfTfNMYSCElH6ZpwKsAVgj9je5v9pdTt3nG-okr1dECaCREUOn2xW2yPpMpWkVPOuTEZ0vSkX1jYs

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Jul 2022 02:37:44 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GAlVg3vF55rMggBZBxfTfNMYSCElH6ZpwKsAVgj9je5v9pdTt3nG-okr1dECaCREUOn2xW2yPpMpWkVPOuTEZ0vSkX1jYs
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: TSpIUs4xi-Vg8fZ_NEw9ImYsNF1Bo17bVPgNGpu-dkTIn-x3h5jHWA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2AC1
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAZpXartQvERu_ltD9_3lDM&google_cver=1&google_push=ARnp8GAqP4tXzhvNYFLLCEb2L0UizhFBkeyG17UDvoZQ_iypdUDZ1A7UYbDEJBrSChqkRaR_4NOhwzHbdPTA...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GAqP4tXzhvNYFLLCEb2L0UizhFBkeyG17UDvoZQ_iypdUDZ1A7UYbDEJBrSChqkRaR_4NOhwzHbdPTAQL_4-QNonQgB0ODi

170 B
188 B

139ms
53ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GAqP4tXzhvNYFLLCEb2L0UizhFBkeyG17UDvoZQ_iypdUDZ1A7UYbDEJBrSChqkRaR_4NOhwzHbdPTAQL_4-QNonQgB0ODi

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GAqP4tXzhvNYFLLCEb2L0UizhFBkeyG17UDvoZQ_iypdUDZ1A7UYbDEJBrSChqkRaR_4NOhwzHbdPTAQL_4-QNonQgB0ODi
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 2AC1
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAZpXartQvERu_ltD9_3lDM&google_cver=1&google_push=ARnp8GD0M-oxIUc2y1KpGVCDEUKDr53i9NFIaEDWh45JdSlGQ9g7TND7DVxqMA0PgaHHUjz-9T35who0D89...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GD0M-oxIUc2y1KpGVCDEUKDr53i9NFIaEDWh45JdSlGQ9g7TND7DVxqMA0PgaHHUjz-9T35who0D89TKB6pOyiptQyJjYUVlA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

44ms
42ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2AC1 0
59 B 49ms
49ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDjRbOdTcWhKcoXKjt7bB-kI8GosNqGhhSAFaJmCusR9DG8LApJiqBKOXToTD5VSJb_eMhug

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8CDA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=znaj.ua&sn=ChromeSyncframe&so=0&topUrl=znaj.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=W7vFi3xqRXZKVUd0bnE4ZkRQZ3Q0MCtmcWtxa1NRRVYvcmU0Z3lUeXBTWnNSeFhPMng0UzVuUGFib0FZMzBuL1R0TGc4aHFYS1d2TDZ0SjYxb3B0U0RMZjNWQ1RqN1NGU1E1RkxxNUJJcWxuS0p2TDVHbEZBR3cxVTBuN1...

425 B
629 B

116ms
39ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=W7vFi3xqRXZKVUd0bnE4ZkRQZ3Q0MCtmcWtxa1NRRVYvcmU0Z3lUeXBTWnNSeFhPMng0UzVuUGFib0FZMzBuL1R0TGc4aHFYS1d2TDZ0SjYxb3B0U0RMZjNWQ1RqN1NGU1E1RkxxNUJJcWxuS0p2TDVHbEZBR3cxVTBuN1JEcEpoaUdaTUNnRUgzc3FCYy9IZlVkVGw1TmswK2Z1YUFGNUV5VGE2RTBpU2RrMVdrYmN6UXd5dGwvTEhPMDE4N2hRalRGNWx1SGgrc0M5ZnZHUGtXZHdQUnJBZlJJdjlVUno5dTBrVEVBQlhKZk02c1d1UTVXd0NERDlXOFcwckFaVTZLSmcvM3YzL2FadU16OCt3ZldEV0JPWFlYdz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

28f8626e0d8e51808f806b801486e5be24ea6506e59ca29ec3d6c19339bd7d1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:43 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 6927
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:43 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=W7vFi3xqRXZKVUd0bnE4ZkRQZ3Q0MCtmcWtxa1NRRVYvcmU0Z3lUeXBTWnNSeFhPMng0UzVuUGFib0FZMzBuL1R0TGc4aHFYS1d2TDZ0SjYxb3B0U0RMZjNWQ1RqN1NGU1E1RkxxNUJJcWxuS0p2TDVHbEZBR3cxVTBuN1JEcEpoaUdaTUNnRUgzc3FCYy9IZlVkVGw1TmswK2Z1YUFGNUV5VGE2RTBpU2RrMVdrYmN6UXd5dGwvTEhPMDE4N2hRalRGNWx1SGgrc0M5ZnZHUGtXZHdQUnJBZlJJdjlVUno5dTBrVEVBQlhKZk02c1d1UTVXd0NERDlXOFcwckFaVTZLSmcvM3YzL2FadU16OCt3ZldEV0JPWFlYdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1312
content-length: 541
expires: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9839622279407188057/ Frame E3F6 28 KB
5 KB 124ms
41ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9839622279407188057/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2d322d11afe4046e99498a25f6f76d1d002a66d8ee7d4870b95f0c76cd7d2bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4949
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 21:44:21 GMT
expires: Fri, 07 Jul 2023 21:44:21 GMT
last-modified: Fri, 13 May 2022 18:24:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 26B1 0
575 B 189ms
83ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstBQxR7BcsnDfMqU2X6RiPeDckZD28EkZaZlqL1utaHjK9D_8ATUZroQTwUn_ToZEDjK6uiG7hvIfbJpMV5u8rfYr3MUCJ-M9EfwNnanZr2wlOclIrZ6_MtTWq0Ar50IgM9oeH59hZL1tqtfuArTKP_Pk8&sai=AMfl-YQ0yaA7gtIf4ZikKD3BVEmepUJPV-2rQwlAyWXiznImE8I2U5-_2AP2oX9-qM92kdK4PNEeImEkHvFajnv6QBToc8TSusfxud9lkBryIaeaIje1zzQSQjVkLR97&sig=Cg0ArKJSzImfPySv-aY0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=232&cbvp=1&cstd=229&cisv=r20220630.10145&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 02:37:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25E2 0
20 B 78ms
78ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCrUweJjHYrSrHIifgQeE0K24DwAAAAA4AeAEAg&bg=!19Sl1JDNAAaYcLjmuHA7ACkAdvg8WgMhXvnRBqhBa6NHAlGfsOi--5nOcvznIB8_5oWzuaQeirjiSgIAAABYUgAAAAFoAQeZAui7xjti0DFbkiR9y8xQci7SQsiPZg_89dmOzz54KOW5NddVD8njg_uSzWOM4QOTlUla_U508srJKrx_RvrZ7ENh7AeYwAVkTJ2836pKZvHWceGEFYx0XJITOAc5OZQTv-JU6maX5w0aZeACOjGVnHGwnnHvJgjpd2kq4F6E0RCRjWbYU5bqgV8V8A_T38hE5KSvSLSsoLsjrFlut78eqoyJT8yzdzOeHiMhvZ3ZkZyWA7ErC_pcL01ZSY_yeQuQH3sBeFKkf3xE5-9v66dNoQoB6P36OLs3CGQIlmmIc_UyZZ6EAvhEtErUGG2E_C3CB4GgbExu72YuLF4RFEgk0VmmmYgyR4NEXOSsYtPdTG8808RbcBirUyEXCJ4q1Def3c6WNRju6GEBSm6_C7nW_BPJ_AET0WF11ziqlnjplk4eBMsrAtcfjNa2MPLjQgg9yn6wc5ljKajdGO496GWiuxxICboihEa9ICe04Vjp-cs5O1dszQ79BMH8Rc77U_KWt1NqI5VT2UH1R8lDVe4W5cUyrDBIfNO1brOVQg5Dhm-JXfOCgyUVKk9ufq6dUjZCC1gcmLea2pPi80lheDnaMP6h9rYn9NzQriQF98vTSY1b3Yritri6kTEfDvMjhfUZVdb72x4a3Zs6btvOHHrGFgVTnfGYV0ihzXkH0eOtH1rjNY-ACSldGqF4-6jCyHXfHjkaJyWBe4ArkBlq768zIiDho-A7-ohj0aJWOajDrbCuDugIopg5jIshBNtQ2pdK_PhJG21-ahm6ayvTHElWM360DIu-bRlWak3JTxv5zut3robf9rjaVbsa0-8o2aPoQlLHz7DQ_zorn5WUU-ye_V96DmqdA0g3nY0_d5R8HRtgDE_sT05zj243fcyDgXBaQB4qaxDES-useaop1LSxF9BJdMsgdqV8yiBb0Vlm4-nd1lx1Ueo5kdtLAM5gyeD3p9CM7Ijz_nSUACxKkxOnUEF-UjeoTcWMH4w

Requested by

Host: a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com
URL: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-99-86-4-19.fra6.r.cloudfront.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 86dd141811868863f27ed390f63606f2.js Show response
s0.2mdn.net/sadbundle/9839622279407188057/ Frame E3F6 78 KB
20 KB 42ms
42ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9839622279407188057/86dd141811868863f27ed390f63606f2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcb26bf5376e4676216306b741650a8be1c120b4db746bd7cb4aedb13c900ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 21:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20363
x-xss-protection: 0
last-modified: Fri, 13 May 2022 18:24:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 21:44:21 GMT

GET
H3 200 4386401c0704419787bb10566c01c58f.jpg
s0.2mdn.net/sadbundle/9839622279407188057/media/ Frame E3F6 129 KB
129 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9839622279407188057/media/4386401c0704419787bb10566c01c58f.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0f415e3656ed61e0db556fdcc441e5c014d756d03d806138370bc3a9fd120dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 21:44:21 GMT
x-content-type-options: nosniff
age: 17603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131887
x-xss-protection: 0
last-modified: Fri, 13 May 2022 18:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 21:44:21 GMT

GET
H3 200 a15a69d3e3f8bfc6a66734772ca9000b.svg
s0.2mdn.net/sadbundle/9839622279407188057/media/ Frame E3F6 2 KB
1 KB 51ms
51ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9839622279407188057/media/a15a69d3e3f8bfc6a66734772ca9000b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38d5120f6ace8247c1745838a8cc4224e1e5d5d110d2a7a5c3c9cd9a57dde270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 21:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1040
x-xss-protection: 0
last-modified: Fri, 13 May 2022 18:24:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 21:44:21 GMT

GET
H3 200 cd9fc5573f2c975ded65fc846950c649.svg
s0.2mdn.net/sadbundle/9839622279407188057/media/ Frame E3F6 5 KB
2 KB 53ms
53ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9839622279407188057/media/cd9fc5573f2c975ded65fc846950c649.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

174611cb68fc6a81f728f3c0b956a4116e9b4cc02f6e17e983fa999e0a3d018e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 21:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1613
x-xss-protection: 0
last-modified: Fri, 13 May 2022 18:24:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 21:44:21 GMT

GET
H3 200 8b0e41e2faf55426634cbc37d2023531.svg
s0.2mdn.net/sadbundle/9839622279407188057/media/ Frame E3F6 4 KB
2 KB 52ms
51ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9839622279407188057/media/8b0e41e2faf55426634cbc37d2023531.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e22b30cc3924a2afff0165fa691beac7ff3cb6aefebfebd678ef90292a5a865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 21:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1874
x-xss-protection: 0
last-modified: Fri, 13 May 2022 18:24:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 21:44:21 GMT

GET
H3 200 2f7bdddc6ff317de67ccec36ec25edd7.jpg
s0.2mdn.net/sadbundle/9839622279407188057/media/ Frame E3F6 88 KB
88 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9839622279407188057/media/2f7bdddc6ff317de67ccec36ec25edd7.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9327a52887f4e4674d832d6ee8ae2fbaad0c57476eb8cd87aaee5d81ba8f7a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 21:44:21 GMT
x-content-type-options: nosniff
age: 17604
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90053
x-xss-protection: 0
last-modified: Fri, 13 May 2022 18:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 21:44:21 GMT

GET
H3 200 51a0e71f67f661ae396f93c1f88cdf0a.svg
s0.2mdn.net/sadbundle/9839622279407188057/media/ Frame E3F6 4 KB
2 KB 48ms
48ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9839622279407188057/media/51a0e71f67f661ae396f93c1f88cdf0a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70b45a4f2b0e596d4b4e7dba4d37df4eda388fb6ed2475a6c14436f925e2806d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 21:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17604
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1580
x-xss-protection: 0
last-modified: Fri, 13 May 2022 18:24:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 21:44:21 GMT

GET
H3 200 17dcfe1b48e30061eefc90d36ac19542.svg
s0.2mdn.net/sadbundle/9839622279407188057/media/ Frame E3F6 3 KB
1 KB 48ms
47ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9839622279407188057/media/17dcfe1b48e30061eefc90d36ac19542.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c14db257c90acd121cfc57c863c642b96964cba5228c3819c0c028bc2c844e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9839622279407188057/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 21:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17604
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1151
x-xss-protection: 0
last-modified: Fri, 13 May 2022 18:24:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 21:44:21 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 26B1 0
26 B 168ms
80ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstBQxR7BcsnDfMqU2X6RiPeDckZD28EkZaZlqL1utaHjK9D_8ATUZroQTwUn_ToZEDjK6uiG7hvIfbJpMV5u8rfYr3MUCJ-M9EfwNnanZr2wlOclIrZ6_MtTWq0Ar50IgM9oeH59hZL1tqtfuArTKP_Pk8&sai=AMfl-YQ0yaA7gtIf4ZikKD3BVEmepUJPV-2rQwlAyWXiznImE8I2U5-_2AP2oX9-qM92kdK4PNEeImEkHvFajnv6QBToc8TSusfxud9lkBryIaeaIje1zzQSQjVkLR97&sig=Cg0ArKJSzImfPySv-aY0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=640&vt=11&dtpt=408&dett=3&cstd=229&cisv=r20220630.10145&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: znaj.ua
URL: https://znaj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 02:37:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 26B1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ad362db84b8f4e05d5c1ea2aa9dc645139dbfdca5d19af52dec154f724a90fb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 26B1 7 KB
3 KB 145ms
41ms Script
text/javascript 99.86.4.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw1&base=te-clr1-fee044d9-706e-4700-ac57-d70280492502

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c5966ae0a4b9b9f0b68851bf9fb426c3f7ca513ae09269aaced10e48d87fff9e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 10:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59632
cross-origin-embedder-policy: unsafe-none
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 2413
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: YYjPOXOviPtdg8bozm626tdQ7ivzW32U4bCvxOd0k5zg1iVHw9Mzug==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 26B1 38 KB
12 KB 147ms
43ms Script
text/javascript 99.86.4.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw2

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-19.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 10:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59667
cross-origin-embedder-policy: unsafe-none
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: qrdQ3mVCWo9h3XOwcQI-IjiqwebcVuYahZiH0UaHeIdpuvhArmtzCw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 26B1 43 B
1 KB 239ms
136ms Image
image/gif 99.86.4.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=c287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-19.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:46 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: T9nuSR9KotJ2wfYVsBor3MvbW0q4h0qUdGOIzP2ByzkL3qaiMPUxdQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 26B1 42 B
64 B 179ms
92ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseGXpIlQYC_tjyoh4i01erl0JxvXt4o0dQklL5FrSMalBBWBjTkCqtIXEssWqntY_TVcE3YnCE4i2mMQhVkVvVUx8YPfn26uhTFSbiWH2JApURYM7INQiFwMLIyNg7P0Cu9KRWaw&sai=AMfl-YTGE8qykW34PTaty9LHlHUOGnLRlvLCydThy2xn-JsZWk7AtSR_XN9YQ7Smk7D-iNK_ygK3ch1sOTp6zqWIboNUy_rFKBOOY5F1rtTdYiEkdMTnK7bqmrxkD4VS&sig=Cg0ArKJSzBbcMhz7_vrIEAE&cid=CAASJeRow55w7M-bEYIoEd4tYNZPGtz3gqFikiZFb9pAL5ZB7MBmRIs&id=lidar2&mcvt=1000&p=147,436,237,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2184955199&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657247864067&rpt=1091&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a0bd516db1f91d18699d0e002f78f0f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame DB0D 281 B
554 B 145ms
41ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Jul 2022 02:37:46 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 265B 37 B
139 B 132ms
41ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 08 Jul 2022 02:37:46 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8AC1 52 KB
17 KB 97ms
29ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79146
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 08 Jul 2022 02:37:46 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 22 Jun 2022 05:08:01 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 306652
X-Served-By: cache-lga13624-LGA, cache-lcy19266-LCY
X-Timer: S1657247867.550628,VS0,VE0

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame 8C0D
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

2 KB
1 KB

39ms
39ms

Document
text/html

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 83d06455be4477d000261b1ae33ecc876630c4f4aac9e6b2bca33ab89894d82d

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 08 Jul 2022 02:37:46 GMT
expires: Fri, 08 Jul 2022 02:37:46 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-601

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Fri, 08 Jul 2022 02:37:46 GMT
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-601

GET
H2 204 d
ic.tynt.com/r/ Frame A01D 0
0 352ms
115ms Document
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date: Fri, 08 Jul 2022 02:37:46 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7E2E 52 KB
17 KB 94ms
29ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 79146
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 08 Jul 2022 02:37:46 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 22 Jun 2022 05:08:01 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 306653
X-Served-By: cache-lga13624-LGA, cache-lcy19266-LCY
X-Timer: S1657247867.551091,VS0,VE0

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 08D1 37 B
140 B 125ms
41ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 08 Jul 2022 02:37:46 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 7108
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=63ee0445-c13e-4938-9c45-c0d15c214d03

0
407 B

859ms
294ms

Document
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=63ee0445-c13e-4938-9c45-c0d15c214d03
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/zna/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://znaj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Fri, 08 Jul 2022 02:37:47 GMT
Etag: 4794f49260b43659
Server: VertaMedia 1.0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7275709e380901f0-ZRH
content-length: 0
date: Fri, 08 Jul 2022 02:37:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=63ee0445-c13e-4938-9c45-c0d15c214d03
server: cloudflare

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?gdpr=%7Bgdpr%7D&gdpr_consent=%7Bgdpr_consent%7D&us_privacy=%7Bus_privacy%7D&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D...
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=36fe2e1b-cb06-4758-ba73-9addfcca32ad

0
407 B

976ms
303ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=36fe2e1b-cb06-4758-ba73-9addfcca32ad
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 02:37:47 GMT
Server: VertaMedia 1.0
Etag: 4794f49260b43659
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=36fe2e1b-cb06-4758-ba73-9addfcca32ad
date: Fri, 08 Jul 2022 02:37:46 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 prebid
rtb.openx.net/sync/ 43 B
351 B 99ms
33ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://znaj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: gu4akm9ikcr36125g3mgcvpn54l8mhqn

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8AC1 0
747 B 39ms
38ms Script
text/html 185.89.210.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:46 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 945.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c9448cd6-5fca-4fe9-959e-a151f330efb9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7E2E 0
747 B 37ms
37ms Script
text/html 185.89.210.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:46 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 945.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 37c0fe56-16eb-414c-8bef-6e1b7ee6e089
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DB0D 31 KB
10 KB 43ms
43ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8c35724525e653b7bf88daa452275689c2f6d7567a3016ec171b14118e64e59e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 02:37:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 17:17:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14305
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9456
Expires: Fri, 08 Jul 2022 06:36:11 GMT

GET
H2 204 pixelSync
pixel.sitescout.com/dmp/ Frame 8C0D 0
191 B 110ms
33ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Db7e742c55e2d98e7
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:45 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 prebid
rtb.openx.net/sync/ Frame 8C0D 43 B
64 B 67ms
34ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Db7e742c55e2d98e7%26uid%3D%24%7BUID%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 08tu2obfcpqgoicneslv99b7ssija2gb

GET
H/1.1 200 ptag Show response
a.audrte.com/ Frame 8C0D 5 KB
2 KB 462ms
114ms Script
text/plain 34.199.197.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptag?p=M1353665098
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.197.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-197-121.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 822ac4e66e48087992e258c5ef7b94a7dd2e7b28af07db80684802b83108cabf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 02:37:47 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1683

GET
H2 200 lotame20220615.js Show response
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 8C0D 566 B
521 B 119ms
35ms Script
application/x-javascript 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:46 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 16:21:31 GMT
server: openresty
etag: W/"62aa070b-236"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Wed, 07 Jul 2027 02:37:46 GMT

GET
H2

200

um
u-ams02.e-planning.net/ Frame 8C0D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db7e742c55e2d98e7%26uid%3D%24UID
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b7e742c55e2d98e7&uid=5342972499474019321

42 B
104 B

118ms
36ms

Image
image/gif

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b7e742c55e2d98e7&uid=5342972499474019321
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:46 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:46 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 945.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 637ca7b3-18b0-4a0e-b05c-d5d5c1182c96
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b7e742c55e2d98e7&uid=5342972499474019321
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E064
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

42ms
41ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Jul 2022 02:37:46 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 08 Jul 2022 02:37:46 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7E72 15 KB
6 KB 134ms
41ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db7e742c55e2d98e7%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=113985
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 02:37:46 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 09 Jul 2022 10:17:31 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame D36F 1 KB
987 B 206ms
59ms Document
text/html 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 0
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Fri, 08 Jul 2022 02:37:46 GMT
etag: W/"61ddbb71-5f5"
expires: Sun, 10 Jan 2027 17:30:12 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-rand: 58.812
x-cf-tsc: 1641922213
x-cf1: 29080:dA.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2: H
x-cf3: M
x-cff: B

GET
H2 204 /
onetag-sys.com/usync/ Frame 823A 0
0 43ms
42ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame D514 7 KB
2 KB 182ms
76ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10bab419bd1a4d45e90c3ed3e3d28d6ccbd894ae445babdc08b8e90deddf0b11

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 7275709f7e67cc56-ZRH
content-encoding: br
content-type: text/html
date: Fri, 08 Jul 2022 02:37:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Origin
via: 1.1 google

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DB0D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZRy6ZSbCSxK49mjmeMjzBw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZRy6ZSbCSxK49mjmeMjzBw

43 B
556 B

130ms
129ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZRy6ZSbCSxK49mjmeMjzBw

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NDPFHZMVKCQN4M8J1945
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZRy6ZSbCSxK49mjmeMjzBw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame DB0D 70 B
265 B 129ms
40ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DB0D
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzA5NDdkODhmNGE3NDcxMzc2ZjRjNDNmODY5MjdlOTY2Mjg1M2IyNQ

170 B
188 B

53ms
53ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzA5NDdkODhmNGE3NDcxMzc2ZjRjNDNmODY5MjdlOTY2Mjg1M2IyNQ

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzA5NDdkODhmNGE3NDcxMzc2ZjRjNDNmODY5MjdlOTY2Mjg1M2IyNQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DB0D
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCVUw3OUQtVC1EMEs4

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCVUw3OUQtVC1EMEs4

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCVUw3OUQtVC1EMEs4
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame DB0D 0
0 119ms
38ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame DB0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHcUFa3OcMDsIVkT53egH7Y&google_cver=1

0
239 B

196ms
44ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHcUFa3OcMDsIVkT53egH7Y&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHcUFa3OcMDsIVkT53egH7Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame DB0D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0gId3T3hS42nTQ-nMu5Lbg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0gId3T3hS42nTQ-nMu5Lbg

43 B
556 B

49ms
49ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0gId3T3hS42nTQ-nMu5Lbg

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AQQAM78E7CRX6XSCEEQ0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0gId3T3hS42nTQ-nMu5Lbg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame DB0D
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/RJPFmPHVACxLYuGvltvYLA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7288108749723738368

0
239 B

44ms
44ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7288108749723738368
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

date: Fri, 08 Jul 2022 02:37:47 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7288108749723738368
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7E72 0
39 B 35ms
34ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5402531&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db7e742c55e2d98e7%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:46 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E064 31 KB
10 KB 47ms
46ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8c35724525e653b7bf88daa452275689c2f6d7567a3016ec171b14118e64e59e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 02:37:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 17:17:26 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14305
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9456
Expires: Fri, 08 Jul 2022 06:36:11 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame D514 0
0 36ms
35ms Image
text/html 185.89.210.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 945.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame D514 170 B
188 B 52ms
52ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D514
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=1ffcddbc-b59a-432f-9aca-566d7ffec725&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7...

95 B
153 B

75ms
75ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=1ffcddbc-b59a-432f-9aca-566d7ffec725&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 727570a13ef7cc56-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=1ffcddbc-b59a-432f-9aca-566d7ffec725&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame D514 0
331 B 178ms
47ms Image
text/plain 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D514 70 B
264 B 45ms
40ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a16d9-5ca5-416b-426b-ae7e51c09b09%26reqId%3De4817d80-8b90-43e7-6c11-f35361523cb6%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame D514 0
163 B 239ms
94ms Image
text/plain 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 27
date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 varnish
server: nginx
x-timer: S1657247867.034821,VS0,VE27
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-mxp6927-MXP

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame D514 0
411 B 465ms
108ms Image
text/html 2600:1f18:6593:f601:8db1:1078:892f:cd87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f601:8db1:1078:892f:cd87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:47 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D514 0
41 B 38ms
34ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a16d9-5ca5-416b-426b-ae7e51c09b09%26reqId%3De4817d80-8b90-43e7-6c11-f35361523cb6%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D514
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=136...
https://mwzeom.zeotap.com/mw?cid=dfde3a7d-e2b8-4dd4-ad70-a7a0a2541eaf&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
153 B

74ms
74ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=dfde3a7d-e2b8-4dd4-ad70-a7a0a2541eaf&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 727570a1ef34cc56-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=dfde3a7d-e2b8-4dd4-ad70-a7a0a2541eaf&zpartnerid=317&gdpr=1&gdpr_consent=
pragma: no-cache
date: Fri, 08 Jul 2022 02:37:47 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D514
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=468a16d9-5ca5-416b-426b-ae7e51c09b09&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=468a16d9-5ca5-416b-426b-ae7e51c09b09&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=60747421689431500911402203606571642210&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-...

95 B
153 B

82ms
81ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=60747421689431500911402203606571642210&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 727570a1bf21cc56-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-2-v036-049f0654a.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ncyBZ4JORDQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=60747421689431500911402203606571642210&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame D514 0
324 B 180ms
45ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D514
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7117825385851320467&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-...

95 B
204 B

98ms
88ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7117825385851320467&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 727570a0fee1cc56-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7117825385851320467&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Date: Fri, 08 Jul 2022 02:37:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame D514
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=468a16d9-5ca5-416b-426b-ae7e51c09b09
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=468a16d9-5ca5-416b-426b-ae7e51c09b09

95 B
113 B

68ms
37ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=468a16d9-5ca5-416b-426b-ae7e51c09b09

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=468a16d9-5ca5-416b-426b-ae7e51c09b09
date: Fri, 08 Jul 2022 02:37:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D514
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=468a16d9-5ca5-416b-426b-ae7e51c09b09&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=468a16d9-5ca5-416b-426b-ae7e51c09b09&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=82.bhnlqBmWT86wVeS080O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43...

95 B
153 B

73ms
73ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=82.bhnlqBmWT86wVeS080O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 727570a1af1ccc56-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
last-modified: Fri, 08 Jul 2022 02:37:47 GMT
server: Weborama Collect Frontend
location: https://mwzeom.zeotap.com/mw?webouuid=82.bhnlqBmWT86wVeS080O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D514
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b...
https://mwzeom.zeotap.com/mw?cid=

95 B
153 B

84ms
83ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 727570a25f49cc56-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=
pragma: no-cache
date: Fri, 08 Jul 2022 02:37:46 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D514
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=468a16d9-5ca5-416b-426b-ae7e51c09b09?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventTyp...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=468a16d9-5ca5-416b-426b-ae7e51c09b09?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eve...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c1...

95 B
153 B

83ms
82ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 727570a25f4acc56-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:47 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
expires: 0
cache-control: no-cache
x-server: 10.45.16.225
content-length: 0
x-consent: absent

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D514
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-FSwatxNE2orXIOlxzGXZ33g8W5_IOH.Saw--~A&zpartnerid=570&env=mWeb

95 B
153 B

90ms
89ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-FSwatxNE2orXIOlxzGXZ33g8W5_IOH.Saw--~A&zpartnerid=570&env=mWeb
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 727570a21f39cc56-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-FSwatxNE2orXIOlxzGXZ33g8W5_IOH.Saw--~A&zpartnerid=570&env=mWeb
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D514
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=MjjoqVWHhTiH4iWcBoZLLZ4HV8ol5K5G%2BS41iYitP1U%3D

95 B
153 B

82ms
82ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=MjjoqVWHhTiH4iWcBoZLLZ4HV8ol5K5G%2BS41iYitP1U%3D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 727570a29f56cc56-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:47 GMT
server: AAWebServer
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=MjjoqVWHhTiH4iWcBoZLLZ4HV8ol5K5G%2BS41iYitP1U%3D
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame D514 43 B
356 B 116ms
40ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=468a16d9-5ca5-416b-426b-ae7e51c09b09&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame D514 0
338 B 151ms
44ms Image
text/plain 63.34.119.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.119.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-119-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1657247867
x-served-by: beacon-n008-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame D514 95 B
359 B 148ms
51ms Image
image/png 162.55.233.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=468a16d9-5ca5-416b-426b-ae7e51c09b09&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.29.233.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D514
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YseYewAOpk4cNQAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35...

95 B
153 B

73ms
72ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YseYewAOpk4cNQAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361&_test=YseYewAOpk4cNQAo
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 727570a39f9fcc56-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1657247867.419364,VS0,VE0
x-served-by: cache-lcy19228-LCY
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YseYewAOpk4cNQAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361&_test=YseYewAOpk4cNQAo
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D514
Redirect Chain

https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b...
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.8176b031-b1ae-48d1-b814-30f2b2d1805a&zdid=1361

95 B
153 B

74ms
74ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.8176b031-b1ae-48d1-b814-30f2b2d1805a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 727570a39f9dcc56-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
server: nginx/1.20.1
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
location: https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.8176b031-b1ae-48d1-b814-30f2b2d1805a&zdid=1361
cache-control: must-revalidate, no-store, no-cache
content-length: 0
x-amz-cf-id: -AtZNkbgdJFe_HB6YL4q-rndsv9PhgBIvnJseidB9RTzRx3KWZ1Qlw==
expires: -1

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame D514
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f3536152...

0
337 B

45ms
45ms

Image
text/plain

63.34.119.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 63.34.119.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-119-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1657247867
x-served-by: beacon-n015-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
date: Fri, 08 Jul 2022 02:37:47 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a010-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame D514
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=468a16d9-5ca5-416b-426b-ae7e51c09b09&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=468a16d9-5ca5-416b-426b-ae7e51c09b09&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426...

43 B
645 B

47ms
47ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=468a16d9-5ca5-416b-426b-ae7e51c09b09&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2Y3KH1RKDRASSNC8D7AH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0W75W192B8W4KZAZG3W8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=468a16d9-5ca5-416b-426b-ae7e51c09b09&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame D514 0
145 B 360ms
251ms Image
text/plain 69.192.160.219

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=468a16d9-5ca5-416b-426b-ae7e51c09b09&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D514
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D468a1...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361

95 B
153 B

85ms
84ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:37:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 727570a3ffaecc56-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=468a16d9-5ca5-416b-426b-ae7e51c09b09&reqId=e4817d80-8b90-43e7-6c11-f35361523cb6&zdid=1361
date: Fri, 08 Jul 2022 02:37:47 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame E064 0
239 B 218ms
48ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=L5BUL79D-T-D0K8
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15238/ Frame 8C0D 47 KB
15 KB 140ms
45ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 13:10:16 GMT
content-encoding: gzip
etag: W/"a31a707739fd82541fa40e577dbbfede"
last-modified: Wed, 15 Jun 2022 17:05:13 GMT
server: AmazonS3
age: 48452
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: VYQgZk5RJl5MyTnTuR6sB1gvnwDh0y8K3hlDeoD5JqUvHYfC1_DyPQ==

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame EC07 636 B
577 B 35ms
35ms Document
text/html 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: i.e-planning.net
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=157680000
content-encoding: gzip
content-type: text/html
date: Fri, 08 Jul 2022 02:37:47 GMT
etag: W/"601b131c-27c"
expires: Wed, 07 Jul 2027 02:37:47 GMT
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
server: openresty

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 1A56 0
387 B 368ms
295ms Document
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AA2Yl4YBKrWp-QTc
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 0
Date: Fri, 08 Jul 2022 02:37:47 GMT
Etag: 5a6c92a239d97b02
Server: VertaMedia 1.0

GET
H/1.1 200
OK GS.d Show response
js.cookieless-data.com/ Frame EC07 0
535 B 139ms
45ms Script
text/plain 212.129.3.113
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1657247867172

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.3.113 , France, ASN12876 (Online SAS, FR),

Reverse DNS

212-129-3-113.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:47 GMT
Server: nginx/1.11.3
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8AC1 0
747 B 46ms
45ms Script
text/html 185.89.210.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 02:37:47 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 945.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e0612813-6fe3-4b39-8840-dd543f91057e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7E2E 0
747 B 79ms
35ms Script
text/html 185.89.210.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS